Bug 760 - GatewayPorts clarification in _config man pages
Summary: GatewayPorts clarification in _config man pages
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation
Version: 3.7p1
Hardware: All All
Importance: P2 minor
Assignee: OpenSSH Bugzilla mailing list
Reported: 2003-11-16 09:30 AEDT by Nathan Stratton Treadway
Modified: 2004-04-14 12:24 AEST

Description Nathan Stratton Treadway 2003-11-16 09:30:29 AEDT
I recently tried to use port forwarding and ran into some confusion over the
GatewayPorts setting.  I think it would be helpful to update the _config man
pages with the following clarifications:

  ssh_config GatewayPorts section
    * (at least for "remote" port forwardings requested using "ssh -R") this  
      parameter doesn't directly control which address is used for the port 
      bindings, but instead controls whether or not the client requests
      that the remote server do this -- and that the remote server must
      be configured to allow this option or it will silently be ignored.

    * It might be good to mention that the "-g" option to ssh is equivalent to
      GatewayPorts=yes.

   sshd_config GatewayPorts section

     * This should be reworded to make clear that GatewayPorts in the
       server config controls whether or not clients are _allowed_ to
       request wildcard forwardings, but even with this set to Yes
       the actual loopback vs. wildcard setting will be based on the
       setting requested by the client.

     * If my understanding of the port-forwarding process is correct,
       this setting only applies to "remote" port forwardings ("ssh -R")
       which are connecting in to this SSH daemon.

I looked in the WebCVS versions of ssh_config.5 and sshd_config.5 and it 
looks like these man page paragraphs still have the same text as the OpenSSH 3.4
release that I am using, so hopefully these changes haven't already been made.

Thanks.

                                      Nathan
Comment 1 Nathan Stratton Treadway 2003-11-16 10:22:46 AEDT
Hmm, after repeating some of my testing I see that I was wrong in my original 
comments. 

I guess it's not actually possible to control from the client which type of
address binding is used on the server side for a "remote" forward request. 
And with that in mind I see the man pages do actually say what they need to.

Sorry for the confusion.

                                               Nathan
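
An added example, not part of the bug report or of OpenSSH: a shell check that reads an sshd_config file and reports whether "remote" forwardings ("ssh -R") will be bound to the loopback or the wildcard address, which is the server-side decision Comment 1 settles on. The function names and the sample configuration are constructed for illustration; the check assumes the first GatewayPorts value in the global section is the one in effect and that the default is "no".

```shell
#!/bin/sh
# Added example: audit the GatewayPorts setting in an sshd_config file.

# Print the effective global GatewayPorts value from the file named in $1.
gateway_ports_effective() {
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            # Keyword and argument are separated by whitespace and/or "=".
            n = match(line, /[ \t=]/)
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))   # keywords are case-insensitive
            if (key == "match") exit                # later lines are conditional
            if (key != "gatewayports") next
            val = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", val)
            split(val, parts, /[ \t]+/)
            print tolower(parts[1])
            found = 1
            exit                                    # first obtained value wins
        }
        END { if (!found) print "no" }              # assumed default when unset
    ' "$1"
}

# Map the setting to the address remote forwardings are bound to.
remote_forward_bind() {
    case "$(gateway_ports_effective "$1")" in
        no)  echo loopback ;;
        yes) echo wildcard ;;
        *)   echo unknown ;;
    esac
}

# Constructed sample configuration, not taken from any real host.
sample=$(mktemp)
printf '%s\n' '# GatewayPorts yes' 'Port 22' 'GatewayPorts no' > "$sample"
echo "remote forwardings bind to: $(remote_forward_bind "$sample")"
rm -f "$sample"
```

A result of "wildcard" means ports opened with "ssh -R" are reachable from other hosts, not only from the server itself.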
Comment 2 Damien Miller 2004-04-14 12:24:20 AEST
Mass change of RESOLVED bugs to CLOSED