Target solution: Applications (client and server) to run over SSH port forwarding / tunnel setup (SSH client and Server). ---------------------------------------------------------------------- Issue: OpenSSH at server side need to port forward only for Remote port forwarding requests when the client SSH is on -L mode, but with 8.2p1 build, it does connect apps even on (-L) Local port forward options. 1B. Command: $SSH -R 6900:127.0.0.1:5900 ssh@127.0.0.1 or 1B. Command: $SSH -L 6900:127.0.0.1:5900 ssh@127.0.0.1 Comments: both commands are working. --------------------------------------------------------------------- Question: SSH as server supporting both modes (-L) and (-R) if the SSH as client is running (-L) option is known behavior? or does it needs a fix. ---------------------------------------------------------------------- TestBench: Remote system connected with home network system via VPN. ====================================================================== Setup details: 1. At linux machine in remote network: 1A. VNC_Server is running at port 5900 and configured to accept connection strictly for 127.0.0.1 IP only. Command: $./libVncServer/example/example 1B. openSSH as server in port forwarding mode is supposed to work only for (-R) Remote port forwarding mode but it works for (-L) Local port forwarding as well. Command: $SSH -R 6900:127.0.0.1:5900 ssh@127.0.0.1 --------------------------------------------------------------------- 2. At windows machine in home network: 2A. openSSH as client in set in (-L) mode. Command: ssh -L 5900:127.0.0.1:6900 <user>@<LinuxMachineIP> 2B. VNC viewer in UI settings configured to connect to 127.0.0.1 at port 5900. ======================================================================
Setup: VNCServer<-->OpenSSH_Server(RPF) <===> openSSH_Client(LPF)<-->VNCClient ------------------------------------------------------------------------ Individual App details: 1. VNCServer on LinuxSystem: configured to run at 127.0.0.1 at port 5900 2. OpenSSH as Server on LinuxSystem: ssh -R 6900:127.0.0.1:5900 user@127.0.0.1 3. OpenSSH as Client on Windows: ssh -L 5900:127.0.0.1:6900 user@LinuxSystemIP 4. VNCClient on Windows: VNCClient.exe 127.0.0.1:5900 configured to connect to 127.0.0.1 on port 5900
If I'm understanding your report correctly then this is working as intended: > 1B. Command: $SSH -R 6900:127.0.0.1:5900 ssh@127.0.0.1 This asks ssh/sshd to forward remote port 6900 to 127.0.0.1:5900 at the local side. > 1B. Command: $SSH -L 6900:127.0.0.1:5900 ssh@127.0.0.1 This asks ssh/sshd to forward local port 6900 to 127.0.0.1:5900 at the remote side. Since the "remote side" in both these examples is localhost, there is no effective difference between these commands, and they could be used interchangeably.
(In reply to PavanKumar K Arakere from comment #1) > 2. OpenSSH as Server on LinuxSystem: > ssh -R 6900:127.0.0.1:5900 user@127.0.0.1 This step in unnecessary. > 3. OpenSSH as Client on Windows: > ssh -L 5900:127.0.0.1:6900 user@LinuxSystemIP You want this instead: $ ssh -L 5900:127.0.0.1:5900 user@LinuxSystemIP Note that some vncviewer implmentations have ssh port forwarding integrated with the "-via" flag. If you have one of those you can replace steps 2-4 with: $ vncviewer -via user@LinuxSystemIP 127.0.0.1