Bug 2770 - open failed: administratively prohibited: open failed
Summary: open failed: administratively prohibited: open failed
Status: CLOSED DUPLICATE of bug 2674
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 7.2p2
Hardware: Other Linux
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-29 05:54 AEST by jg
Modified: 2021-04-23 15:00 AEST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jg 2017-08-29 05:54:44 AEST 
Could the error message be improved to clarify what the issue was? Don't know if it relates to DNS, sockets, ports or a specific file.

Seems to occur sometimes. 
https://unix.stackexchange.com/questions/14160/ssh-tunneling-error-channel-1-open-failed-administratively-prohibited-open

My internet is stable, all my online browsing working well.
This SSH connection also working well from the shell. Both computers on stable Ethernet connections.

j@ubuntu1404:~/aws$ ssh -i "j.pem" -C -D localhost:8080 ubuntu@x.x.x.x
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-1030-aws x86_64)
ubuntu@ip-x-x-x-x:~$ channel 12: open failed: administratively prohibited: open failed
channel 16: open failed: administratively prohibited: open failed
channel 20: open failed: administratively prohibited: open failed
channel 5: open failed: administratively prohibited: open failed
channel 6: open failed: administratively prohibited: open failed
channel 7: open failed: administratively prohibited: open failed
channel 3: open failed: administratively prohibited: open failed
channel 4: open failed: administratively prohibited: open failed
channel 6: open failed: administratively prohibited: open failed


This is in a 10 minute period.

Assuming these messages are from "ssh" client?

SSH ob client and SSHD on server is
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016
Comment 1 Darren Tucker 2017-08-29 08:34:51 AEST 
Please upgrade to a newer version, this was fixed in 7.4.

https://anongit.mindrot.org/openssh.git/commit/?id=858252fb1d451ebb0969cf9749116c8f0ee42753

Author: dtucker@openbsd.org <dtucker@openbsd.org>
Date:   Wed Feb 1 02:59:09 2017 +0000

    upstream commit
    
    Return true reason for port forwarding failures where
    feasible rather than always "administratively prohibited".  bz#2674, ok djm@
    
    Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419

*** This bug has been marked as a duplicate of bug 2674 ***
Comment 2 Darren Tucker 2017-08-29 08:36:40 AEST 
[...]
> Assuming these messages are from "ssh" client?

No, they're generated by the server and sent to the client which displays them.
Comment 3 jg 2017-08-29 16:07:44 AEST 
Great! Thank you for fixing this already.
Apologies, I'm using latest Ubuntu LTS version, will get new version in six months I believe.
Comment 4 Damien Miller 2021-04-23 15:00:56 AEST 
closing resolved bugs as of 8.6p1 release