question regarding port forwarding with dropbear

[Matt Johnston]

On Tue, Mar 14, 2006 at 10:23:33PM -0700, Smith Kennedy wrote:
> Hello,
> 
> I have a router that is running dropbear for an ssh server.  I am  
> trying to use dropbear for "listener port forwarding" , but so far I  
> am not able to do so.  I am using the following arguments to the  
> "ssh" command:
> 
> ssh -g -N -R 9777:localhost:9778 foo at null.bitbucket.org
> 
> If the "-g" argument is provided to ssh, and the sshd at the other  
> end is the OpenSSH sshd, and its sshd_config file contains the  
> "GatewayPorts yes" directive, then sshd on the remote host will begin  
> listening on port 9777, forwarding any connections over the tunnel to  
> port 9778 on the machine at the other end of the tunnel, and it all  
> works.  If this directive is missing then sshd will only listen on  
> port 9777 for the loopback address (localhost:9777) instead of on all  
> interfaces (*:9777), which defeats the purpose of the exercise.
> 
> The corresponding argument for dropbear seems to be omitting the "-k"  
> argument when starting dropbear.  However, dropbear isn't being  
> started with that argument.
> 
> Is there something additional I need to do, or is this just a  
> deficiency with dropbear?

You'll have to start the Dropbear server with the -a
argument (equivalent to the "gatewayports yes" directive).
Dropbear's -k option disables "ssh -R" style forwarding entirely.
Note that "-a" was only introduced in Dropbear 0.47.

Let me know if that doesn't work.

Cheers,
Matt