The manual page for -L and -R does not mention -g. Since the default behaviour has changed it would be nice if the sections on -L and -R ended with: See also -g to allow remote hosts to connect.
hm, how did the default change?
Earlier it was the default that remote hosts could connect to a forwarded port. Now you will have to explicitly use -g. In any case it would be nice if -g was mentioned in relation to -L.
No, GatewayPorts=no has always been the default.
It's true that the default for GatewayPorts hasn't changed, but it will now affect the address_to_bind in remote port forwards where previously it wouldn't (the client always sent 0.0.0.0). "ssh -R 1234:localhost:22 -v -N localhost" gives: Remote connections from LOCALHOST:1234 forwarded to local address localhost:22 "ssh -R 1234:localhost:22 -g -v -N localhost" gives: Remote connections from *:1234 forwarded to local address localhost:22 (In recent OpenSSH servers, this is further modified if GatewayPorts is "clientspecified").
Created attachment 925 [details] Fix misleading log message I don't think so: a client's GatewayPorts isn't propogated to the server, nor is it used to fill in the address_to_bind if none is specified. Note that the log message in ssh_init_forwarding() is incorrect (see attachment) - it tells the user that the listen_address depends on gateway_ports. See channels.c:channel_request_remote_forwarding() - it always sends a listen_addr of localhost if none is specified.
debug message fix attached, I don't think any more explanation is required as the manpage for -L already mentions GatewayPorts.
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.