Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 99803 - Port forwarding is broken in SSH (OpenSSH_4.1p1, OpenSSL 0.9.7g)
Summary: Port forwarding is broken in SSH (OpenSSH_4.1p1, OpenSSL 0.9.7g)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High major (vote)
Assignee: Daniel Ahlberg (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-07-21 07:46 UTC by John Brown
Modified: 2005-07-22 07:32 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Brown 2005-07-21 07:46:00 UTC 
I use a number of scripts to setup automatic port forwarding via several bastion
hosts. Yesterday, post-emerge, these scripts all started throwing errors:

-----
$ ssh -V
OpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005

$ ssh user@host -L LPORT:target.host:RPORT
channel_setup_fwd_listener: cannot listen to port: LPORT
Could not request local forwarding
-----

Again, these scripts have worked reliably for me, literally for years. In this
case, I am able to successfully authenticate and login to the remote host but
the local forwards are never setup. Likewise, testing these on Linux, BSD,
Solaris results in a successful forward. I've reviewed the changes from the
latest base-layout and can't find anything that would have caused this to break. 

Reproducible: Always
Steps to Reproduce:
1. ssh user@host -L lport:target.host:rport
Actual Results:  
channel_setup_fwd_listener: cannot listen to port: LPORT
Could not request local forwarding

Expected Results:  
I expected the software to work the way it had pre-emerge meaning, I expected
the ports to be opened and forwarded.

I'd like to make a snarky remark about the insanity of something like this, I
mean, c'mon already. Oh wait, I guess I just did. ;)
Comment 1 John Brown 2005-07-21 07:48:22 UTC 
Oh yes, I am *not* trying to forward LPORT to RPORT - the values used on the
command line are actual ports I identify by their numeric value. Just in case
that wasn't clear in my original statements.
Comment 2 John Brown 2005-07-21 08:38:05 UTC 
debug1: Authentication succeeded (password).
debug1: Local connections to LOCALHOST:6080 forwarded to remote address REMOTE:80
debug3: channel_setup_fwd_listener: type 2 wildcard 0 addr NULL
debug1: Local forwarding listening on 127.0.0.1 port 6080.
bind: Cannot assign requested address
socket: Address family not supported by protocol
channel_setup_fwd_listener: cannot listen to port: 6080
Could not request local forwarding.
Comment 3 SpanKY gentoo-dev 2005-07-21 09:05:38 UTC 
works for me:
ssh vapier@mailserver -L 33:localhost:25
then doing `nc localhost 33` gives me a connection to the smtp server on mailserver

debug1: Local forwarding listening on 127.0.0.1 port 6080.
bind: Cannot assign requested address
socket: Address family not supported by protocol

that should be a pretty good indication of where to look next ...
Comment 4 John Brown 2005-07-21 10:40:58 UTC 
Hmm, I guess I don't understand how that applies in this case.

Nothing has changed on either end of the link wrt protocol support. No changes
were made to the kernel(s). Google returns many posts about ppl trying to run
ipv6 over a kernel that doesn't support it, but nothing along the lines of,
'this worked one minute, I changed some userland stuff, it no longer works.'

Please enlighten me.
Comment 5 SpanKY gentoo-dev 2005-07-21 11:15:53 UTC 
why not verify that openssh-4.1p1 is the problem ...

downgrade it to previous versions and see if it starts working again
Comment 6 Caleb Tennis (RETIRED) gentoo-dev 2005-07-21 12:44:06 UTC 
Did you run etc-update after the emerge?  Perhaps you change a your config?
Comment 7 John Brown 2005-07-22 07:32:37 UTC 
fixed