Project

General

Profile

Actions
Copy link

Bug #4183

open

(sshd) Unable to forward TCP port

Added by Rome Novikov about 10 years ago. Updated about 10 years ago.

Status:
New
Priority:
Urgent
Assignee:
OI illumos
Category:
OS/Net (Kernel and Userland)
Target version:
-
Start date:
2013-10-06
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
ssh

Description

Hi! I'm trying to forward a TCP port from localhost of the remote server to the local machine using SSH. After the SSH connection is established I try to use the forwarded port but the tunnel is not working and a get the following error in /var/adm/messages : Oct 6 13:27:12 hisoft-oisrvh01 sshd1543: [ID 800047 auth.error] error: setsockopt TCP_NODELAY: Invalid argument
Nevertheless the telnet shows that the tunneling connection is established - I can put lines as many as I want but respondless.. And I see no warnings in terminal. X11 connections work Ok - I can use GUI-applications remotely (with -X).
So I put the "AllowTcpForwarding yes" option into sshd_config and restarted sshd but useless.
I don't know if it is a new security feature or a bug but the ssh-tunneling is a main thing I use for my work..
Please help me to resolve the problem - it's very important at least for my job...

Actions
Copy link
 #1

Updated by Rome Novikov about 10 years ago

I've install openssh from csw - the same result..

Actions
Copy link
 #2

Updated by Rome Novikov about 10 years ago

So as a workaround I've found a temporary solution. Obviously this issue is because there are some troubles with implementing IPv6. It somehow helps if the IPv6 support of sshd is disabled.
Thanks the authors of the following messages http://forums.servethehome.com/solaris-nexenta-openindiana-napp/2064-esxi-omnios-vm-problem-portforwarding-tcp_nodelay-invalid-argument.html
So I made the next changes:
"Modifiy: /lib/svc/method/sshd
Find the line "/usr/lib/ssh/sshd" and change it to "/usr/lib/ssh/sshd -4"

Then edit "/etc/ssh/sshd_config" and comment
out "ListenAddress ::" and uncomment "ListenAddress 0.0.0.0"

Execute "svcadm restart ssh" and you are good to go."

After that if I forward an unexisting remote socked onto local machine - I'll get the hanging relult for the local application (such as rdesktop, telnet) without any breaking the connection or any messages in my console. But if the remote socked exists - I have my rdp-terminal worked properly.

Actions
Copy link
 #3

Updated by Ken Mays about 10 years ago

  • Category set to OS/Net (Kernel and Userland)
  • Assignee set to OI illumos
  • Tags changed from needs-triage to ssh
Actions
Copy link

Also available in: Atom PDF