Bug 2592

Summary: -R bind_address not working, always bind 0.0.0.0
Product: Portable OpenSSH Reporter: vf <fffilimonov>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED INVALID    
Severity: normal    
Priority: P5    
Version: 7.2p1   
Hardware: amd64   
OS: Linux   

Description vf 2016-06-20 23:40:26 AEST 
Hello!

At server running sshd with 'GatewayPorts yes'.
There is many active network interfaces:

eth0      Link encap:Ethernet
lo        Link encap:Local Loopback
tun0      Link encap:UNSPEC
tun1      Link encap:UNSPEC
tun2      Link encap:UNSPEC

IP address at eth0 is 10.10.10.10.

After connection:

./ssh 10.10.10.10 -p444 -R10.10.10.10:8081:127.0.0.1:80

I see at netstat:

#netstat -nlpt | grep 8081
tcp        0      0 0.0.0.0:8081                0.0.0.0:*                   LISTEN      8729/sshd
tcp        0      0 :::8081                     :::*                        LISTEN      8729/sshd

#ps axuf | grep sshd
root      8728  0.1  0.5  28004  2680 pts/0    S+   16:37   0:00          \_ ./ssh 10.10.10.10 -p444 -R10.10.10.10:8081:127.0.0.1:80
root      7899  0.0  0.1  27932   972 ?        Ss   14:57   0:00 /root/openssh-portable/sshd -f sshd_config
root      8729  0.0  0.5  30492  2724 ?        Ss   16:37   0:00  \_ sshd: root@pts/1
root      8749  0.0  0.1 103316   804 pts/1    S+   16:37   0:00          \_ grep ssh

How can I bind port at specified address while requesting remote port forwarding?
Comment 1 vf 2016-06-21 00:05:28 AEST 
     GatewayPorts
             Specifies whether remote hosts are allowed to connect to ports forwarded for the client.  By default, sshd(8) binds remote port for-
             wardings to the loopback address.  This prevents other remote hosts from connecting to forwarded ports.  GatewayPorts can be used to
             specify that sshd should allow remote port forwardings to bind to non-loopback addresses, thus allowing other hosts to connect.  The
             argument may be ânoâ to force remote port forwardings to be available to the local host only, âyesâ to force remote port forwardings
             to bind to the wildcard address, or âclientspecifiedâ to allow the client to select the address to which the forwarding is bound.
             The default is ânoâ.
Comment 2 Damien Miller 2018-04-06 12:26:29 AEST 
Close all resolved bugs after release of OpenSSH 7.7.