With Red Hat Linux 7+errata for both client and server, remote port
forwarding only works if the server has 'Protocol 1' in
/etc/ssh/sshd_config. It doesn't seem to work with protocol 2.
Is this just omitted from the documentation, or is it supposed to work
This hasn't been implemented yet. There has been a patch on
openssh-unix-dev list sometime ago though.
FWIW, this has been implemented (based on the abovementioned patch) in the latest OpenSSH snapshots.
This is fixed in the released openssh-2.5.1p1
2.5.1p1 is (will be) in rawhide.
This is broken again in openssh-2.9p2-3 from rawhide.
Fixed in OpenSSH CVS by this, (I think):
date: 2001/05/10 23:24:49; author: mouring; state: Exp; lines: +4 -3
- email@example.com 2001/05/09 22:51:57
fix -R for protocol 2, noticed by firstname.lastname@example.org.
bug was introduced with experimental dynamic forwarding.
RCS file: /cvs/openssh_cvs/channels.c,v
retrieving revision 1.86
retrieving revision 1.87
diff -u -r1.86 -r1.87
--- channels.c 2001/05/08 20:07:40 1.86
+++ channels.c 2001/05/10 23:24:49 1.87
@@ -40,7 +40,7 @@
-RCSID("$OpenBSD: channels.c,v 1.114 2001/05/08 19:17:30 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.115 2001/05/09 22:51:57 markus Exp $");
@@ -771,8 +771,9 @@
rtype = (c->type == SSH_CHANNEL_RPORT_LISTENER) ?
"forwarded-tcpip" : "direct-tcpip";
- nextstate = (c->host_port == 0) ? SSH_CHANNEL_DYNAMIC :
+ nextstate = (c->host_port == 0 &&
+ c->type != SSH_CHANNEL_RPORT_LISTENER) ?
+ SSH_CHANNEL_DYNAMIC : SSH_CHANNEL_OPENING;
addrlen = sizeof(addr);
newsock = accept(c->sock, &addr, &addrlen);