Remote port forwarding failing on a Raspberry Pi
Hello, folks!
I have configured my Raspberry Pi (Raspbian, debian) as a server, and ssh is working normally both on LAN and WAN (if i wanted to), but i cannot port forward on the router it's currently behind (my office router) for security reasons. What i am trying to do is a remote port forward from the Pi to my PC at home, using: Code:
ssh -fN -R $port:localhost:8022 $user@$mypclocation It does connect, and "netstat -nlpt" on my PC shows that it is listening on port $port, and "-npt" shows the connection is established. When i try to connect to it via the tunneled port, though, as in: Code:
ssh $user@localhost -p $port Code:
ssh_exchange_indentification: read: connection reset by peer. Code:
ssh_exchange_identification: Connection closed by remote host. Snippet of the verbose output (server side): Code:
debug1: Authentication succeeded (publickey). |
If your setup is like this:
Code:
rpi3 ----- Router A ----- ( Internet ) ----- Router B ----- PCatHome On rpi3: Code:
ssh -R 2202:localhost:22 user@pcathome.example.com Code:
while ! ssh -i some.key.ed25519 -R 2202:localhost:22 user@pcathome.example.com; do sleep 2; done; Then later on PCatHome this will connect back to rpi3: Code:
ssh -p 2202 localhost |
Ok, i made sure i did exactly as you said, but the same thing happened.. Whithout setting "-f", i actually get a shell inside the remote server, but then, when i try to connect back through the port, it fails:
Code:
root@pc:~:: netstat -nlpt |
None of these connections should be done as root.
Are you leaving the connection open from the RPi3 to the HomePC? Do you have the SSH server running on the RPi3 also? It's not on by default. |
Remote port forwarding failing on a Raspberry Pi
The only user on my dist is root. I use pub/priv keys for authentication, and yes, the ssh daemon is up and running, not on port 22 (extra security).
|
In #3 above you show the output of 'netstat -nlpt' for the PC at Home unit. What is the corresponding output on the Raspberry Pi 3?
|
Yes, sorry. Here it is:
Code:
pi@pc:~:: netstat -nlpt Code:
pi@pc:~:: netstat -npt |
Ok. sshd is listening there, but on port 71. Then on the RPi3 you'd launch the reverse tunnel back to port 71:
Code:
ssh -R 2202:localhost:71 user@pcathome.example.com |
Sorry for the trouble. I edited the question so it wasn't confusing. I use port 71, by default, i changed it to 22 in the post only.
Don't know if this is going to help or anything, but i have tryed this not only on my Pi. but on all my devices connecting to one another, and nothing. i suspected the firewall or something, but iptables is flushed. I suspected my router, so i went to another network, nothing. Maybe this is bad karma or the universe playing pranks, just doesn't make sense. I can SSH from and to every device, but cannot remote port forward. |
Can you get more information out of the SSH client regarding the failure to connect by increasing the verbosity?
Code:
ssh -v -p 2202 localhost |
Sure, here it is (with verbose set to "-vvv"):
Code:
OpenSSH_7.6p1 Debian-2, OpenSSL 1.0.2m 2 Nov 2017 |
Hello, problem solved. It turns out i didn't pay much attention when you said it was listening on port 71 and i was sending it to listen on the remote client's SSH port.
Quote:
What i was doing was Code:
$tunnel_port:localhost:$remote_client_SSH_port Code:
$tunnel_port:localhost:$server_SSH_port |
No problem.
Be sure to eventually take a look at ServerAliveCountMax on the client and ClientAliveCountMax on the server as well as using the while() loop shown above. The combination will allow the automatic maintenance of the tunnel. |
Quote:
Code:
if ps aux | grep StrictHostKeyChecking | grep -v grep; then Do you think using the options you provided is better? |
All times are GMT -5. The time now is 03:45 PM. |