Bug 22331 - openssh has connection forwarding problems
Summary: openssh has connection forwarding problems
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openssh
Version: 7.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2000-12-15 06:54 UTC by dh_redhat
Modified: 2007-04-18 16:30 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2005-03-31 11:40:43 UTC

Attachments (Terms of Use)

Description dh_redhat 2000-12-15 06:54:15 UTC
channel 17: chan_shutdown_read: shutdown() failed for fd21 [i1 o16]:
Transport endpoint is not connected

This is one typical error that I get running the following configuration:

1. CLIENT: openssh-2.3.0p1-4 as the client ssh

2. SERVER SSH Version 1.2.26 [i686-unknown-linux], protocol version 1.5.
Standard version.  Does not use RSAREF.
Linux mark 2.2.17 #2 Fri Oct 20 02:26:15 PDT 2000 i686 unknown

3. SQUID: Squid Cache version 2.3.STABLE4

4. Connection forwarding (no compression) from local port 2080 to remote
port 2080 where SQUID listens on.

Here's a picture of the configuration:

Browser --> ssh client port 2080 (as proxy for browser) --> [Internet] -->
sshd  on some remote host (forwards connections to localhost 2080) -->
squid (listens on 2080) --> [grab the requested page]

The problem is that some of the connections work, others die with the error
above on the Squid side.

Please note that the current configuration works fine when using a
different ssh client than openssh shipped with RedHat 7.0. For example an
ssh compiled by myself works fine. Also,  a Windows client F-Secure SSH 1.1
works fine.

It looks like openssh has a problem with connection forwarding.

I am doing this in order to prevent HTTP request loggin by my ISP.

Comment 1 Tomas Mraz 2005-02-02 15:55:24 UTC
Please test with current Fedora Core distribution.

Comment 2 Tomas Mraz 2005-03-31 11:40:43 UTC
No response, please reopen if still happens with a current FC/RHEL release.

Note You need to log in before you can comment on or make changes to this bug.