Mailing List Archive

[Bug 3333] New: Both Local Port forwarding and Remote port forwarding at openSSH working is not a right case, if SSH Client is on Remote port forwarding
https://bugzilla.mindrot.org/show_bug.cgi?id=3333

Bug ID: 3333
Summary: Both Local Port forwarding and Remote port forwarding
at openSSH working is not a right case, if SSH Client
is on Remote port forwarding
Product: Portable OpenSSH
Version: 8.2p1
Hardware: All
OS: Linux
Status: NEW
Severity: security
Priority: P5
Component: sshd
Assignee: unassigned-bugs@mindrot.org
Reporter: pshimoga@gmail.com

Target solution:
Applications (client and server) to run over SSH port forwarding /
tunnel setup (SSH client and Server).
----------------------------------------------------------------------
Issue: OpenSSH at server side need to port forward only for Remote port
forwarding requests when the client SSH is on -L mode, but with 8.2p1
build, it does connect apps even on (-L) Local port forward options.
1B. Command: $SSH -R 6900:127.0.0.1:5900 ssh@127.0.0.1
or
1B. Command: $SSH -L 6900:127.0.0.1:5900 ssh@127.0.0.1
Comments: both commands are working.
---------------------------------------------------------------------
Question: SSH as server supporting both modes (-L) and (-R) if the SSH
as client is running (-L) option is known behavior? or does it needs a
fix.
----------------------------------------------------------------------

TestBench:
Remote system connected with home network system via VPN.
======================================================================
Setup details:
1. At linux machine in remote network:
1A. VNC_Server is running at port 5900 and configured to accept
connection strictly for 127.0.0.1 IP only.
Command: $./libVncServer/example/example

1B. openSSH as server in port forwarding mode is supposed to work only
for (-R) Remote port forwarding mode but it works for (-L) Local port
forwarding as well.
Command: $SSH -R 6900:127.0.0.1:5900 ssh@127.0.0.1

---------------------------------------------------------------------
2. At windows machine in home network:
2A. openSSH as client in set in (-L) mode.
Command: ssh -L 5900:127.0.0.1:6900 <user>@<LinuxMachineIP>

2B. VNC viewer in UI settings configured to connect to 127.0.0.1 at
port 5900.

======================================================================

--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs