Bug 72723 - SSH port forwarding non-functional.
SSH port forwarding non-functional.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
8.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-08-26 19:12 EDT by Sandip Patel
Modified: 2007-04-18 12:46 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-02-07 07:46:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sandip Patel 2002-08-26 19:12:39 EDT
Description of Problem:
Set-up of ssh local port forwarding results in the xterm/shell in which the ssh
command was launched, "locking" up. 
I have disabled the firewall (using iptables -F and through the setup command).

The problem does not occur on the limbo release. 

Version-Release number of selected component (if applicable):
open-ssh_3.4p1,sshprotocols1.5/2.0;openssh0x0090602f

How Reproducible:
100% reproducible

Steps to Reproduce:
1. ssh -L localPort:remotehost:remotePort user@remoteserver.com
2. in a different shell type vncviewer localhost:localPort
3. This is some data exchanged e.g VNC prompts for the server password.
Howerver, all traffic ceases thereafter. 

Actual Results:


Expected Results:


Additional Information:
Similar problems occur when port forwarding imap ports e.g 143.
Comment 1 Barry K. Nathan 2002-08-27 04:45:05 EDT
I tried and failed to reproduce this on (null). In other words, WORKSFORME...
Comment 2 tbeckman 2002-12-18 22:36:58 EST
I also have this problem using the openssh on Redhat 8.0.  X11 port forwarding
is broken when ssh'ing from a Red Hat 7.3 box to a Red Hat 8.0.  Instead of
forwarding X11 data through ssh, it tries to send the X11 traffic outside the
ssh session.  I get a message stating that it couldn't reach the display. 
Looking at the iptables log messages on the the Red Hat 7.3 machines shows that
the Red Hat 8.0 box was attempting to send data directly to port 6010 on the Red
Hat 7.3 box.  So, I suggest you configure your test box to reject all incoming
connections.  I bet it won't work for you then.

It works fine when ssh'ing from the Red Hat 8.0 box to the Red Hat 7.3 box.
Comment 3 George France 2003-03-24 12:50:56 EST
I had same the problem that was reported by tbeckman@splitrocktel.net.  After
doing analysis of many packets, I found the problem I was have was with ECN. 
Appending:

#disable ECN
net.ipv4.tcp_ecn = 0

to /etc/sysctl.conf, then rebooting my system has solved the problem for me.  I
do not know if it will help anybody else, but it works for me.

Best Regards,



--George

Comment 4 Darren Tucker 2003-11-05 03:17:07 EST
Could be an MTU mismatch.  The usual suspects are a firewall, NAT
device, or PPPoE between server and client.  See
http://www.snailbook.com/faq/mtu-mismatch.auto.html
Comment 5 Barry K. Nathan 2004-07-14 10:07:21 EDT
Is anyone still having this problem with Fedora Core or Red Hat
Enterprise Linux? If not, then this is a stale bug that needs to be
closed...
Comment 6 Tomas Mraz 2005-02-07 07:46:47 EST
No response to comment #5.

Note You need to log in before you can comment on or make changes to this bug.