Professional Web Applications Themes

OpenSSH 3.4p1 port forwarding problem - SCO

I am attempting to setup port forwarding of port 1680 over the SSH tunnel to allow Carbon Copy on the local Windows machine to connect to CC on a Windows host at the client's office. When I proposed this 2 years ago, I had set up a test at another client's office and I got it to work with very little trouble. (SCO 5.0.5 Enterprise with either ssh_3.0.p1_os5.tar or ssh-504.tar. I don't have access to the machine as the company went out of business) Finally, the client using CC to connect from home to the office using dial-up has installed ...

  1. #1

    Default OpenSSH 3.4p1 port forwarding problem

    I am attempting to setup port forwarding of port 1680 over the SSH
    tunnel to
    allow Carbon Copy on the local Windows machine to connect to CC on a
    Windows
    host at the client's office.

    When I proposed this 2 years ago, I had set up a test at another
    client's office
    and I got it to work with very little trouble. (SCO 5.0.5 Enterprise
    with
    either ssh_3.0.p1_os5.tar or ssh-504.tar. I don't have access to the
    machine as
    the company went out of business)

    Finally, the client using CC to connect from home to the office using
    dial-up has
    installed DSL at both end and I have been unable to get CC working over
    ssh3.1p1.

    I downloaded openssh3.4p1 in VOLS from SKUNKWARE and still no luck.

    I'm using TerraTermPro with SSH extensions to make the connection. I
    configured
    TTPRO to forward 1680 on the local Windows pc to 192.168.10.34:1680 at
    the
    client site.

    When I try to connect with CC to "localhost" I get the following
    message:

    "A program on the local machine attempted to connect to a forwarded
    port.
    The forwarding request was denied by the server. The connection has been
    closed."

    When I model the connection on my office LAN, I connect to server
    192.168.111.231
    and set TTPRO to forward 1680:192.168.111.10:1680 (the local machine
    with CC)
    and use CC to connect to "localhost" I then get the message:

    "Host with IP number 192.168.111.231 tried to connect to
    forwarded local port 1680. This could be some kind of hostile attack."

    Indicating that forwarding is attempted. When I change the forwarding
    request to
    point to a nonexistent host (local 1680:remote 192.168.111.34):1680, the
    following
    appears when running netstat -a:

    tcp 0 0 pentium.1301 192.168.111.34.1680
    SYN_SENT
    tcp 0 0 localhost.2022 *.*
    LISTEN
    tcp 0 0 pentium.22 smf4861.1054
    ESTABLISHED
    tcp 0 4 pentium.telnet smf4861.1022
    ESTABLISHED
    tcp 0 0 pentium.telnet smf4861.1023
    ESTABLISHED
    tcp 0 0 pentium.nb-ssn smf4861.nterm
    ESTABLISHED
    tcp 0 0 *.1266 *.*
    LISTEN
    tcp 0 0 *.1265 *.*
    LISTEN
    tcp 0 0 *.nb-ssn *.*
    LISTEN
    :q

    Again, indicating that port forwarding is configured and should be
    working.

    Yesterday, I was on-site at the client and set up CC on another Win98
    system on the
    local network. I was able to use CC to connect to the target machine
    directly
    192.168.10.39 -> 192.168.10.34. But when I installed TTPRO on the .39
    machine
    and used it to connect to 192.168.10.33 (SCO 5.0.5) and setup forwarding
    as local 1680:remote 192.168.10.34:1680.

    I got the same failed connection:
    "A program on the local machine attempted to connect to a forwarded
    port.
    The forwarding request was denied by the server. The connection has been
    closed."

    Changing the forwarding to local 1680:remote 192.168.10.101:1680,
    results in a timed
    out connection attempt and netstat -a showing:

    tcp 0 0 wwcpa.1301 192.168.10.101.1680
    SYN_SENT
    tcp 0 0 localhost.2022 *.*
    LISTEN
    tcp 0 0 wwcpa.22 randy.1054
    ESTABLISHED

    Again, appearing to show that forwarding is being attempted. What I have
    not been
    able to determine is why CC is failing to connect to the target machine
    over the
    forwarded port.

    These tests were conducted after adding: "AllowTcpForwarding yes" to the
    default /usr/local/etc/sshd_config file. Adding "GatewayPorts yes" does
    not
    correct the failure.

    Does anyone have any information on how to change the sshd_config file
    to
    complete port forwarding to allow CC to communicate over the ssh tunnel?

    All suggestions are welcome.
    --
    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670
    Steve Guest

  2. #2

    Default Re: OpenSSH 3.4p1 port forwarding problem

    > Reposted after cleaning text wrap problem

    I am attempting to setup port forwarding of port 1680 over the SSH
    tunnel to allow Carbon Copy on the local Windows machine to connect
    to CC on a Windows host at the client's office.

    When I proposed this 2 years ago, I had set up a test at another
    client's office and I got it to work with very little trouble.
    (SCO 5.0.5 Enterprise with either ssh_3.0.p1_os5.tar or ssh-504.tar.
    I don't have access to the machine as the company went out of business)

    Finally, the client using CC to connect from home to the office using
    dial-up has installed DSL at both end and I have been unable to get CC
    working over ssh3.1p1.

    I downloaded openssh3.4p1 in VOLS from SKUNKWARE and still no luck.

    I'm using TerraTermPro with SSH extensions to make the connection.
    I configured TTPRO to forward 1680 on the local Windows pc to
    192.168.10.34:1680 at the client site.

    When I try to connect with CC to "localhost" I get the following
    message:

    "A program on the local machine attempted to connect to a forwarded
    port. The forwarding request was denied by the server. The connection
    has been closed."

    When I model the connection on my office LAN, I connect to server
    192.168.111.231 and set TTPRO to forward 1680:192.168.111.10:1680
    (the local machine with CC) and use CC to connect to "localhost" I
    then get the message:

    "Host with IP number 192.168.111.231 tried to connect to forwarded
    local port 1680. This could be some kind of hostile attack."

    Indicating that forwarding is attempted. When I change the forwarding
    request to point to a nonexistent host (local 1680:remote 192.168.111.34
    :1680), the following appears when running netstat -a:

    tcp 0 0 pentium.1301 192.168.111.34.1680 SYN_SENT
    tcp 0 0 localhost.2022 *.* LISTEN
    tcp 0 0 pentium.22 smf4861.1054 ESTABLISHED
    tcp 0 4 pentium.telnet smf4861.1022 ESTABLISHED
    tcp 0 0 pentium.telnet smf4861.1023 ESTABLISHED
    tcp 0 0 pentium.nb-ssn smf4861.nterm ESTABLISHED
    tcp 0 0 *.1266 *.* LISTEN
    tcp 0 0 *.1265 *.* LISTEN
    tcp 0 0 *.nb-ssn *.* LISTEN
    :q

    Again, indicating that port forwarding is configured and should be
    working.

    Yesterday, I was on-site at the client and set up CC on another Win98
    system on the local network. I was able to use CC to connect to the
    target machine directly 192.168.10.39 -> 192.168.10.34.

    But when I installed TTPRO on the .39 machine and used it to connect
    to 192.168.10.33 (SCO 5.0.5) and set up forwarding as
    local 1680:remote 192.168.10.34:1680.

    I got the same failed connection: "A program on the local machine
    attempted to connect to a forwarded port. The forwarding request
    was denied by the server. The connection has been closed."

    Changing the forwarding to "local 1680:remote 192.168.10.101:1680,"
    results in a timed out connection attempt and netstat -a showing:

    tcp 0 0 wwcpa.1301 192.168.10.101.1680 SYN_SENT
    tcp 0 0 localhost.2022 *.* LISTEN
    tcp 0 0 wwcpa.22 randy.1054 ESTABLISHED

    Again, appearing to show that forwarding is being attempted. What I have
    not been able to determine is why CC is failing to connect to the
    target machine over the forwarded port.

    These tests were conducted after adding: "AllowTcpForwarding yes" to the
    default /usr/local/etc/sshd_config file. Adding "GatewayPorts yes" does
    not correct the failure.

    Does anyone have any information on how to change the sshd_config file
    to complete port forwarding to allow CC to communicate over the ssh
    tunnel?

    All suggestions are welcome.
    --

    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670
    Steve Guest

  3. #3

    Default Re: OpenSSH 3.4p1 port forwarding problem

    Steve Fabac wrote: 
    >
    > I am attempting to setup port forwarding of port 1680 over the SSH
    > tunnel to allow Carbon Copy on the local Windows machine to connect
    > to CC on a Windows host at the client's office.
    >
    > When I proposed this 2 years ago, I had set up a test at another
    > client's office and I got it to work with very little trouble.
    > (SCO 5.0.5 Enterprise with either ssh_3.0.p1_os5.tar or ssh-504.tar.
    > I don't have access to the machine as the company went out of business)[/ref]

    Stuff deleted
     


    As Bela suggested, I removed openssh3.4p1 and reverted to installing
    ssh from ssh-504.tar (sshd version OpenSSH_2.2.0p1) and tested it.
    The problem still remained but the sshd -ddd output was different:
     
    repeated 4 times. 
    repeated 5 more times 
    repeated 4 more times 

    Where openssh3.4p1 sshd -ddd resulted in: 

    Note the more descriptive debug output of ssh2.2p1 for the forwarded
    port failure:
     

    vs ssh3.4p1: 

    With 2.2.0p1 debug information clearly indicating that the connection on
    port 1680 was being refused by 192.168.10.34 and is not a problem with
    ssh port forwarding, I reviewed the "wait for connection" configuration
    tab for CC and noted that "use internet" was not checked.

    I checked "use internet" and un-checked "use network broadcasts."
    Then deleted the default "Internet Locator Servers" leaving the
    configuration field blank.(This is the recommended configuration
    when connecting through a firewall on port 1680 when not using
    Internet Locator Server to connect by name.)

    When I tested the forwarded connection on port 1680 by pointing CC to
    localhost on the Win98 client machine, I was able to successfully
    connect to CC waiting for a TCP connection on 192.168.10.34.

    I un-installed SSH2.2.0p1 and reinstalled openssh3.4p1 and with the
    default sshd_config file was able to use CC over the forwarded
    connection.

    So, by not being familiar with the debug output of 3.4p1 I was unable to
    identify the source of the connection problem. Only when I re-installed
    ssh2.2.0p1, and obtained an indication that clearly showed that CC on
    the target machine was rejecting the connection, I was chasing problems
    with ssh when the problem was an improper configuration choice in CC.

    Thanks for the utility of openssh3.4p1, but "Bronx Cheer" for adopting
    the cryptic debug messages.

    --

    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670
    Steve Guest

Similar Threads

  1. port forwarding
    By faEight in forum Macromedia Flash Flashcom
    Replies: 1
    Last Post: January 9th, 12:33 AM
  2. Port forwarding for 2 PCs in my network
    By be in forum Windows Networking
    Replies: 2
    Last Post: July 16th, 04:18 PM
  3. fetchmail and port forwarding
    By Emma Jane Hogbin in forum Debian
    Replies: 3
    Last Post: July 9th, 12:10 AM
  4. Ask for the notes on XP ICS port forwarding:
    By DBMOT in forum Windows Networking
    Replies: 1
    Last Post: July 7th, 11:48 AM
  5. port forwarding issues
    By Bas Zoetekouw in forum Debian
    Replies: 2
    Last Post: July 1st, 09:50 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139