SSH Tunnels - Connection Refused
Having trouble getting an SSH tunnel to connect to my Slackware 12.0 box.
Here's my setup:
- EXTERNAL_BOX: putty to SLACKWARE_12:SSH_PORT, tunnel 1111 (local) to SLACKWARE_12:FORWARDING_PORT
- ROUTER: forwards port SSH_PORT to SLACKWARE_12 (which I can log in fine) and forwards FORWARDING_PORT to SLACKWARE_12
- SLACKWARE_12: ...sshd_conf: `AllowTcpForwarding yes`

Now I've tried it behind the router with the same results: Connection refused. I don't know if it is sshd stopping the tunnel or what. inetd? I'll try a local tunnel to see if I can at least do that. Thanks. |
This might help. Depending on what you're trying to tunnel, you could use SSH as a socks proxy.
http://tipotheday.com/2007/12/16/bor...r-connections/ |
I'll have to try the SSH and SOCKS out...
So I can do this:

# ssh -L 2001:localhost:25 localhost

then in that session I can telnet to localhost 2001 and get my smtp... So I still don't know why it won't let any external sessions.

If I add a "PermitOpen 192.168.1.100:7838" to the sshd_config I'll get the error message in Putty:

Forwarded connection refused by server: Administratively prohibited [open failed]

Something's changing for sure. If I had the "PermitOpen any" I get the connection refused again. The ports are open through the firewall, unless I'm screwing that up (I'm getting different responses, so I'd think I have the firewall right though). I'm totally baffled at this point. |
Disable firewall for now.
|
I set the firewall to accept all by default.
Something I thought was interesting:

... sshd[12657]: debug1: server_request_direct_tcpip: originator 0.0.0.0 port 0, target server.com port 7777 ...

When it works from my router, i.e. ssh -L 2000:server:25 or whatever, I get:

sshd[12550]: debug1: server_request_direct_tcpip: originator 127.0.0.1 port 59556, target server.com port 25

So maybe figuring out why I'm not getting an originating IP might fix me. |
Finally
OK. I might be an idiot, but this seemed to fix it:
The hostname has always been domain-serv, since I always thought of my router as being domain.com...so after running `hostname domain.com`...bam! It finally works... I guess sometimes it is too simple. sshd had to be resolving domain.com to my router, ergo the connection failed. I spent a couple weeks on this just for one command to fix it...but I learned much in the process. Now I'm only a Level 2 idiot. :) |
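
An added example, not written by any poster in this thread: the last post's diagnosis was that sshd resolved the forward target to the router. This Python script pulls the targets out of `server_request_direct_tcpip` debug lines like the ones quoted above and reports whether each one resolves, on the sshd host, to one of that host's own addresses. The address 203.0.113.10, the `LOCAL_ADDRS` set and the resolver mapping are constructed for illustration.

```python
import re
import socket

# Format of the sshd debug1 line quoted in the thread.
DIRECT_TCPIP = re.compile(
    r"server_request_direct_tcpip: originator (?P<orig>\S+) port \d+, "
    r"target (?P<host>\S+) port (?P<port>\d+)")

# Constructed sample log, modelled on the two lines posted above.
SAMPLE_LOG = [
    "sshd[12657]: debug1: server_request_direct_tcpip: originator 0.0.0.0 port 0, target server.com port 7777",
    "sshd[12657]: debug1: some unrelated debug line",
    "sshd[12550]: debug1: server_request_direct_tcpip: originator 127.0.0.1 port 59556, target server.com port 25",
]
LOCAL_ADDRS = {"127.0.0.1", "192.168.1.100"}  # assumed addresses of the sshd box


def system_resolver(host):
    """Resolve a name the way the sshd host itself would (hosts file, then DNS)."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def audit_forwards(log_lines, local_addrs, resolve=system_resolver):
    """Return one finding per forward request: where the target really points."""
    findings = []
    for line in log_lines:
        m = DIRECT_TCPIP.search(line)
        if not m:
            continue  # not a direct-tcpip request
        addrs = resolve(m["host"])
        if not addrs:
            verdict = "unresolvable"
        elif any(a in local_addrs for a in addrs):
            verdict = "local"    # sshd connects to a service on its own box
        else:
            verdict = "remote"   # sshd connects outward, e.g. to the router
        findings.append({"originator": m["orig"], "target": m["host"],
                         "port": int(m["port"]), "addrs": addrs, "verdict": verdict})
    return findings


if __name__ == "__main__":
    # Constructed resolver: the target name points at the router, not the box.
    router_view = {"server.com": ["203.0.113.10"]}
    for f in audit_forwards(SAMPLE_LOG, LOCAL_ADDRS, lambda h: router_view.get(h, [])):
        print(f["target"], f["port"], f["addrs"], f["verdict"])
```

Run on the sshd host with the default resolver to see the real answer; a "remote" verdict for a name that is supposed to be the box itself means the forward is being sent somewhere the service is not listening.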