Consider the following command: foo% ssh -R 8080:localhost:80 bar The above would forward the port 8080 on bar to port 80 on machine foo. However, this only permits applications running on bar to connect to its 8080 port. An application running on a third machine (say baz) cannot connect to bar:8080. ssh needs to support a way to allow this. Note that the '-g' option with ssh only works for the ports forwarded with the '-L' option. Thus, if I had instead used: foo% ssh -g -L 8080:localhost:80 bar The above forwards port 8080 on foo to port 80 on bar. It also permits a 3rd machine baz to connect to foo:8080.
What you're asking for is included in bug #413. *** This bug has been marked as a duplicate of 413 ***
This bug is not a duplicate of bug 413. Bug 413 is concerned with the "-L" option. This bug is concerned with the "-R" option. Please read the bug carefully before marking it a duplicate.
Just adding a bit more clarification on why this bug is not a duplicate of bug 413. Bug 413 does not require changes to the protocol between the ssh client and server. This bug requires that the ssh client give some extra information to the ssh server and thus requires changes to the protocol. This extra information tells the remote server how to listen on the remote port that's going to be forwarded to a port on the ssh client's machine.
Please read the bug carefully before reopening it. This IS a duplicate of bug #413 In your case the client needs to tell the server the bind-address and this is what 413 does. No need to modifiy protocol version 2. However, sshd will probably _NEVER_ allow the client to specify a liste address (unless GatewayPorts is enabled). *** This bug has been marked as a duplicate of 413 ***