f



Warning: remote port forwarding failed for listen port 4043

I have a script that does a port forwarding for me: 

ssh -n  -R localhost:4043:localhost:22 remoteserver.example.com 

The problem with this is that if port forwarding fails, ssh prints

Warning: remote port forwarding failed for listen port 4043

But it STAYS CONNECTED instead of properly failing with exit code. 

So it is a MAJOR pain to detect this condition and kill ssh. 

How can I change is so that, when report port forwarding cannot be
accomplished, ssh exits right away? 

I think that it is a bug, period.

thanks

i
0
Ignoramus3694
10/9/2007 2:06:38 PM
comp.security.ssh 4228 articles. 0 followers. terra1024 (490) is leader. Post Follow

1 Replies
2722 Views

Similar Articles

[PageSpeed] 5

>>>>> "Ignoramus3694" == Ignoramus3694  <ignoramus3694@NOSPAM.3694.invalid> writes:

    Ignoramus3694> I have a script that does a port forwarding for me: ssh
    Ignoramus3694> -n -R localhost:4043:localhost:22
    Ignoramus3694> remoteserver.example.com

    Ignoramus3694> The problem with this is that if port forwarding fails,
    Ignoramus3694> ssh prints

    Ignoramus3694> Warning: remote port forwarding failed for listen port
    Ignoramus3694> 4043

    Ignoramus3694> But it STAYS CONNECTED instead of properly failing with
    Ignoramus3694> exit code.

    Ignoramus3694> So it is a MAJOR pain to detect this condition and kill
    Ignoramus3694> ssh.

    Ignoramus3694> How can I change is so that, when report port
    Ignoramus3694> forwarding cannot be accomplished, ssh exits right
    Ignoramus3694> away?

Reading the documentation [ssh_config(5)]:

     ExitOnForwardFailure
             Specifies whether ssh(1) should terminate the connection if it
             cannot set up all requested dynamic, tunnel, local, and remote
             port forwardings.  The argument must be ``yes'' or ``no''.  The
             default is ``no''.

    Ignoramus3694> I think that it is a bug, period.

It is not a bug, since that is how it is documented to work.

    Ignoramus3694> thanks

    Ignoramus3694> i

-- 
  Richard Silverman
  res@qoxp.net

0
res49 (1410)
10/10/2007 1:03:03 AM
Reply:

Similar Artilces:

Prevent blocking remote port when setting up a SSH tunnel/SSH port forwarding?
Assume I create an SSH tunnel to a remote computer with ssh foobar@remcomp -L 20110:remcomp:110 then it seems to me that on the remote computer port 110 is blocked for other clients. Is this true? How can I prevent this exclusive locking? Peter pins1000@yahoo.com (Peter Insold) writes: > Assume I create an SSH tunnel to a remote computer with > > ssh foobar@remcomp -L 20110:remcomp:110 > > then it seems to me that on the remote computer port 110 is blocked for other > clients. Is this true? No. DES -- Dag-Erling Smørgrav - des@des.no...

Ports....Ports....Ports...
I have a linksys WRT54G wireless access point and I have't been able to get voice communications using Windows Messenger or Buddy Talk. With a direct PPOE connection to my isp they voice items worked fine. What ports need to be forwarded to allow for voice? Thanx, Grumpy On Fri, 08 Aug 2003 15:05:30 GMT, William Harper spoketh >I have a linksys WRT54G wireless access point and I have't been able to get >voice communications using Windows Messenger or Buddy Talk. With a direct >PPOE connection to my isp they voice items worked fine. What ports need to >be forwarded...

What is the difference between local port forwarding (-L) and remote port forwarding (-R)
Hi! I need to do an SSH tunnel to encrypt the data sent between an agent and a the server. I'm able to establish a tunnel but there's something that I can't understand... What is the difference between the bit -L and the bit -R. I've read the man of SSH on Fedora. It's seems to be simple but in practice, I don't understand. Can somebody help me on this subject? Thanks a lot! Yann > What is the difference between the bit -L and the bit -R. -L forwards a port from the client to the server. -R forwards a port from the server to the client. -- To reply by email,...

Port Forwarding and Multiple SSH Servers
Behind my firewall I have several SSH servers that I connect to with something like: ssh -p xx user@firewall_IP_address and then the firewall forwards it to the correct server, generally running some version of Linux. The problem is this error message: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA h...

Why is port forwarding more secure than opening up a port?
I have never understood this very well, here is my current grasp of it.. If I open up port 110 on my router: 1. If hacker is probing random IP addresses on that port, I will be flagged as open and he will come back and pay me a visit. 2. Any Trojans, viruses, or other malware that works its way into PCs via port 110 will eventually stumble across my open port and infect me. Alternatively, if I "forward" port 110 to say 192.168.0.5 (my pop3 server PC): 1. If hacker is probing random IP addresses on that port, will I will be flagged as closed? stealthed? worth a second visit?...

ssh port forward
Hi, Im trying to set up ssh local port forward. But I dont know the ports to connect to on the remote machine beforehand. Is it possible to setup forward for a range of ports? thanks rc You can specify multiple ports to forward on the command line, or establish a VPN if you have the need for UDP. See: http://www.securitybulletins.com/mediawiki/index.php/SSH_Tunnelling for info on both types. Doug On 21 Nov 2006 15:57:54 -0800 chandranramesh@gmail.com wrote: > Hi, > > Im trying to set up ssh local port forward. > But I dont know the ports to connect to on the remote ma...

Port Forwarding: Device:Port = Router:Port?
- Webcam's IP addr = 10.0.0.140, and it's set up to use port 8000 - Router's IP addr = 1.0.0.1, and it's port forwarding is set up to forward port 8000 to 10.0.140. - I can view the camera using 10.0.0.140:8000, no problem. The Question: Should I be able to view the camera using 10.0.0.1:8000? -- PeteCresswell On Wed, 31 Aug 2011 08:13:01 -0400, "(PeteCresswell)" <x@y.Invalid> wrote: > - Webcam's IP addr = 10.0.0.140, and it's set up to > use port 8000 > > - Router's IP addr = 1.0.0.1, and...

To Port Forward or Not To Port Forward
System: DP MDD G4, OS 10.4.9 Inet connection: DSL with static i.p.,Broadcom Gateway to Linksys WRT54G Wireless Router using DHCP, 1 computer connected via enet, 3 connected wirelessly, basic home use only Wireless security is very basic: Unique router name and pw, SSID disabled, and connections allowed by MAC addresses only, Linksys firewall is enabled with all the other features set to their defaults, Mac OS firewall is disabled I recently purchased a Logitec QuickCam Pro 5000 webcam that works just fine with iChat right out of the box. Learning how to use it I found some Apple docs and ot...

ssh remote port forwarding
Hello experts, I have a little problem using ssh and remote port forwarding. Here is the problem: I have one machine (A) behind a nat firewall that I'd like to be able to access from the outside via ssh. Unfortunately I have no control over the router, so no DMZing it. So I was thinking of sshing from machine A behind the firewall to a machine outside the nat (machine B) and using reverse port forwarding on that machine. Then I could ssh to machine B and that would then forward the connection to A. so far I run this on A: sudo ssh -g -N -R 2222:127.0.0.1:22 machineBusername@machineB.something then running the following in the outside world: ssh -p 2222 machineAusername@machineB.something yields a time out. I'm a bit confused on how to get this to work. Is what I want to do pricipally possible and if so, what can I do to make it work? Regards, Sven. -- s v e n (dot) d (dot) m e i e r (at) g m x (dot) n e t In article <e0s4cl$dua$1@dennis.cc.strath.ac.uk> Sven <no@spam.com> writes: > >I have a little problem using ssh and remote port forwarding. Here is >the problem: I have one machine (A) behind a nat firewall that I'd like >to be able to access from the outside via ssh. Unfortunately I have no >control over the router, so no DMZing it. > >So I was thinking of sshing from machine A behind the firewall to a >machine outside the nat (machine B) and using reverse ...

port tunneling over ssh (not port-forwarding in the traditional sense)
Does anybody know of a way to do port forwarding over ssh not using the standard ssh functionality, but rather by running a utility on the server and using a special client that forwards data through the terminal session. I think PPP and slirp would do the job, but I would prefer to have a standalone client that exists solely to forward one (or several) ports, rather than acting as my main network connection. > Does anybody know of a way to do port forwarding over ssh not using the > standard ssh functionality, but rather by running a utility on the server > and using a spe...

Port security on a Catalyst 4000
I've got port security configured on a catalyst 4000, running catos 7.6.3. The config command is:- set port security 6/18 enable age 0 maximum 1 shutdown 0 unicast-flood enable violation shutdown When I patch a workstation into the port, it learns the mac and shows it as secure. When I subsequently remove the workstation, a "show port security 6/18" shows no secure address. I can then patch a different workstation into the same port, and it learns the new machine's mac address. As I understand it, the first machine's mac address should be learnt, and the port should be...

Ports for DB2 behind firewall / ssh port forward
hi newsgroup, I'd like to connect to a remote DB2 Database V 8.2 using the "DB2 Steuerzentrale" (I guess it's called something like "DB2 management console" in the English version). Since the database host is behind a firewall I tried to communicate through ssh port forwarding. Therefore, I run: ssh -L 6789:remotename:6789 -L 50000:remotename:50000 -L 50001:remotename:50001 -L 523:remotename:523 remotename Though the ssh connection is established, my "DB2 Steuerzentrale" won't connect to localhost successfully and shows an error num...

remote/reverse port forward, ssh client setting source IPs to what ssh server reports
Note: most of this post is based on OpenSSH When I do a remote forward (port on server listens for incoming traffic, traffic gets forwarded to port that is listening on client), the source IPs of all the incoming connections in the server app on the client machine are 127.0.0.1/localhost. Using "-v", I can see that sshd passes the IP addresses of what computers connected to the sshd's port that forwards to the client. The client does not use/set the originating information when connect. RFC 4254 requires the server send the originating IP across the wire to the client. ------------------------------------------------------------------------------------------------------------------------- 7.2. TCP/IP Forwarding Channels When a connection comes to a port for which remote forwarding has been requested, a channel is opened to forward the port to the other side. byte SSH_MSG_CHANNEL_OPEN string "forwarded-tcpip" uint32 sender channel uint32 initial window size uint32 maximum packet size string address that was connected uint32 port that was connected ###string originator IP address########################################### uint32 originator port -------------------------------------------------------------------------------------------------------------------------- The 'originator IP address' is the numeric IP address of the machine from where the conn...

Socket connection to port fails despite port open / listening !
Hi all, I have opened port 5129 on 2 linux machines (CENTOS) and they are listening - 1 machine accepts socket connections from a third windows machine (all on same network) and the 1 doesnt !! What can I check ? 1- I ran this to verify ports: open(PRTCP,'/proc/net/tcp');while(<PRTCP>){ chomp;next if/^\s*$/;s/^\s*//;s/\s*$//;next if/^sl/;split/\s+/;@p=split':',$_[1];$h{hex $p[1]}=$_[7];}foreach(sort{$a<=>$b}keys%h){ print$_,"\t",[getpwuid($h{$_})]->[0],"\n"}; RESULT: 5129 jack 2- "netstat -tap" shows its listening : tcp 0...

FTP port forwarding in SSH.. Secure??
I was trying the "FTP Port Forwarding" to secure the FTP transfer). I really like it, but I have a question: On the unix manual pages (man ssh2), the description of the "-L" option indicates that part of the connection is not secure when you use FTP Port Forwarding, could someone please explain me what part is not secure? Is it referring to the FTP data which is non-encrypted inside the tunnel? Below is text from manual page for F-Secure SSH2 SSH2 SSH2(1) ...

I have a question about Remote port forwarding in SSH
Hi, I am trying do remote port forwarding in SSH and make the forwarded port available over a network. One machine, S, is behind a firewall and I can ssh out, but not ssh in. I can connect using a VPN which only works with Windoze. The other machine, H, is behind a different firewall, and it can SSH in or out. So I what I do is connect to the machine S from the machine H and then give the command: user@S$ ssh -R22222:localhost:22 H Then, on the machine H, I give the command user@H$ ssh -p 22222 localhost and I am connected. Using public key authentication, I don't need to ...

Question concerning remote port-forwarding with SSH
I have difficulties to find out when I should use SSH remote port-forwarding e.g. ssh sshserver -R 7777:localhost:110 Notice the -R and instead of -L This would cause a data traffic (with the syntax: in-port:machine:out-port): MailClient(on remote):* -> 7777:SSHServer:* -> 22:SSHClient(on localhost):* -> 110:MailServer(on localhost) Are the following statement correct: - Use remote port-forwarding (-R) when the connection between SSH-Server and ApplicationServer (e.g.MailServer) should be encrypted - Use "normal" port-forwarding (-L) when the connection between App...

port forwarding for multiple ports
Hello, Is there any way to do a port forwarding (ssh -L localport:remotehost:remoteport) for a range of ports? If do not, can I do a port forwarding dinamically? (is there any application that do something like this?) Thanks, RFT. rodrigofteixeira@yahoo.com.br (RFT) writes: >Is there any way to do a port forwarding (ssh -L >localport:remotehost:remoteport) for a range of ports? Not readily that I'm aware. >If do not, can I do a port forwarding dinamically? (is there any >application that do something like this?) There's the -D command (which supports SOCKS right no...

port forwarding/ opening port
hi i'm having P4 2.4 256MB RAM with Win XP SP-2 Pro installed. i'm using 256 kbps connection using adsl2+ router SmartAX MT882 ADSL Router from Huawei, china its having NAT & built in firewall.,,, i'm also using Win XP Firewall to protect my pc.. i want to know how to use port forwarding & how to open port on router so that i can establish connection, also i didn't understand the UDP & TCP, what is it all about? i want to open port for radmin connection... also, how to know that how much secure my pc is from internet... any resource... i have referred to router ...

port forward / port changing
Hi all I have my router set up to port forward various ports across, eg ExtIP:25 -> Mail:25 ExtIP:80 -> Web:80 but I cant figure out how to make the ports different. Eg i have another interal web server which i want to make available externally... ExtIP:8000 -> OtherWeb:80 what is the exact command for this? I've tried ip nat inside source static tcp 192.168.176.150 80 interface Dialer1 8000 but I dont seem to be getting anywhere. It's an 827 running IOS 12.3(15). Thanks Mike Never mind, I have it working now. Mistyped the port in my external access list. My ...

how to have ssh fails if remote forwarding fails
Hi, I'm using this command just to forward a port on a distant host: ssh remotehost -Nnx -o ControlPath=none -o BatchMode=yes -R 2222:localhost:22 I'm running this command in a while loop to have it always up even if the connection timeout because connectivity problem. And sometimes, when it is relaunched, it fails because of the following error: Warning: remote port forwarding failed for listen port 2222 In this case, I'd like ssh to exit and my while loop will launch it again until it succeed. Is it possible ? Note that with the -Nnx options, if the TCP forwarding failed, the command is pretty useless. Thank you for your help Best regards -- Lo�c On May 30, 4:56=A0am, Loic <lll...@free.fr> wrote: > Hi, > > I'm using this command just to forward a port on a distant host: > > ssh remotehost -Nnx -o ControlPath=3Dnone -o BatchMode=3Dyes -R > 2222:localhost:22 > > I'm running this command in a while loop to have it always up even if > the connection timeout because connectivity problem. And sometimes, when > it is relaunched, it fails because of the following error: > > Warning: remote port forwarding failed for listen port 2222 > > In this case, I'd like ssh to exit and my while loop will launch it > again until it succeed. Is it possible ? > > Note that with the -Nnx options, if the TCP forwarding failed, the > command is pretty useless. Won't 'autossh' serve your ne...

Symantec 200R Firewall port forwarding remote desktop security
Hi, I have set up the 200R to allow a virtual server for port 3389 so that I can connect to our remote server using terminal services to the public Internet IP address. It all works OK but I have disabled it because of security reasons. Two questions:- Is there any way to tie down this access to my own PC or network? Can I make the port appear in Stealth mode rather than Open? Regards, Vic Vic Russell wrote: > Hi, > I have set up the 200R to allow a virtual server for port 3389 so that I > can connect to our remote server using terminal services to the public > Internet ...

remote host access on a remote forwarded port
Hi, I tried to connect my home lan to my office. So I want to use VNC in order to forward only one port. Because of the firewall of my office(I don't manage), I want to create a tunnel by this way : LAN(OFFICE)->OFFICE_FIREWALL->(INTERNET)->HOME_FIREWALL->LAN(HOME) to be able to use VNC by this way : VNCClient(HOME)->(tunnel)->VNCServer(OFFICE) I use port 443 to bypass the firewall of my office. So I use the commands : OFFICE: ssh -g -R 5900:VNCServer:5900 -p 443 HOME_FIREWALL HOME: vncclient HOME_FIREWALL But it looks like if the -g option doesn't work wit...

how do i forward ports and allow access on some port?
Hi all, I am using Norton System Works 2005 full edition (with nortn firewall) on a windows 2000 professional OS , now i want to forward port 80,99,100 to a linux box running in the same office and I also want to allow someone access on port 101 and 102. Can someone help me out , how to do it. Regards vivek kedia india vivekkedia@gmail.com wrote: > Hi all, > > I am using Norton System Works 2005 full edition (with nortn firewall) > on a windows 2000 professional OS , now i want to forward port > 80,99,100 to a linux box running in the same office and I also want to > a...

Web resources about - Warning: remote port forwarding failed for listen port 4043 - comp.security.ssh

Call forwarding - Wikipedia, the free encyclopedia
Call forwarding , or call diversion , is a telephony feature of some telephone switching systems which redirects a telephone call to another ...

Facebook Messenger For IOS Adds Groups, Message Forwarding
Facebook released version 4.0 of its Messenger application for iOS , and the major additions were the ability to create groups , and the ability ...

Choice urges IP spoofing for better IT prices - Parliament, House, prices, iTunes, guide, US forwarding ...
Consumers should spoof their IP address and use US forwarding addresses to beat high IT prices in Australia, consumer advocacy group Choice said. ...

Martin Taupau email mix-up highlights legal risks of forwarding misdirected message
An incredible email mix-up gave a Canadian theatre critic a cracking NRL scoop &ndash; and potentially a legal headache.

VPN Routing & Forwarding Instance_网络子站_IT专家网
VRF-VPN路由转发实例(VPN Routing & Forwarding Instance) VPN Routing & Forwarding Instance

Facebook Messenger updated to version 4.0 with groups and message forwarding
... 4.0 Groups: Now you can create groups for the people you message most. Name them, set group photos and keep them all in one place Forwarding: ...

Facebook Messenger For IOS Adds Groups, Message Forwarding - SocialTimes
Facebook released version 4.0 of its Messenger application for iOS , and the major additions were the ability to create groups , and the ability ...

Sprint StarStar Me offers vanity phone numbers and controlled call forwarding
Sprint has kicked off a new add-on service today called StarStar Me. For $2.99/month, subscribers can register a new number that's accessed by ...


Facebook Messenger 4.0 Features Easy Group Creation And Message Forwarding
... , its messaging-focused app, to version 4.0 on iOS. Facebook Messenger 4.0 introduces a couple of significant new features: groups and forwarding. ...

Resources last updated: 3/7/2016 11:06:35 AM