I use a number of scripts to setup automatic port forwarding via several bastion hosts. Yesterday, post-emerge, these scripts all started throwing errors: ----- $ ssh -V OpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005 $ ssh user@host -L LPORT:target.host:RPORT channel_setup_fwd_listener: cannot listen to port: LPORT Could not request local forwarding ----- Again, these scripts have worked reliably for me, literally for years. In this case, I am able to successfully authenticate and login to the remote host but the local forwards are never setup. Likewise, testing these on Linux, BSD, Solaris results in a successful forward. I've reviewed the changes from the latest base-layout and can't find anything that would have caused this to break. Reproducible: Always Steps to Reproduce: 1. ssh user@host -L lport:target.host:rport Actual Results: channel_setup_fwd_listener: cannot listen to port: LPORT Could not request local forwarding Expected Results: I expected the software to work the way it had pre-emerge meaning, I expected the ports to be opened and forwarded. I'd like to make a snarky remark about the insanity of something like this, I mean, c'mon already. Oh wait, I guess I just did. ;)
Oh yes, I am *not* trying to forward LPORT to RPORT - the values used on the command line are actual ports I identify by their numeric value. Just in case that wasn't clear in my original statements.
debug1: Authentication succeeded (password). debug1: Local connections to LOCALHOST:6080 forwarded to remote address REMOTE:80 debug3: channel_setup_fwd_listener: type 2 wildcard 0 addr NULL debug1: Local forwarding listening on 127.0.0.1 port 6080. bind: Cannot assign requested address socket: Address family not supported by protocol channel_setup_fwd_listener: cannot listen to port: 6080 Could not request local forwarding.
works for me: ssh vapier@mailserver -L 33:localhost:25 then doing `nc localhost 33` gives me a connection to the smtp server on mailserver debug1: Local forwarding listening on 127.0.0.1 port 6080. bind: Cannot assign requested address socket: Address family not supported by protocol that should be a pretty good indication of where to look next ...
Hmm, I guess I don't understand how that applies in this case. Nothing has changed on either end of the link wrt protocol support. No changes were made to the kernel(s). Google returns many posts about ppl trying to run ipv6 over a kernel that doesn't support it, but nothing along the lines of, 'this worked one minute, I changed some userland stuff, it no longer works.' Please enlighten me.
why not verify that openssh-4.1p1 is the problem ... downgrade it to previous versions and see if it starts working again
Did you run etc-update after the emerge? Perhaps you change a your config?
fixed