Remote Port Forwarding: local port on client

Matt Johnston matt at ucc.asn.au
Mon Nov 3 22:36:47 WST 2008


On Mon, Nov 03, 2008 at 07:52:14AM +0100, Michael Wiedmann wrote:
> Hi,
> 
> am I correct, that the local port used on the client ('YY' in '-R XXXX:client-ip:YY') is not part of the SSH_MSG_GLOBAL_REQUEST packet (see http://www.faqs.org/rfcs/rfc4254.html, 7.1.  Requesting Port Forwarding)?
> 
> I'd like to know on the server side (child process) the port the clients wish to forward to so that I can build an URL for this port forwarding if the port is forwarded to an HTTP port.
> 
> Alternatively are there any plans to support remote port forwarding with an unspecified port (=0) so that the server can choose the next unprivileged port (see also RFC 4254. Marked as unsupported in svr-tcpfwd.c)?

Neither client-ip nor the YY port are given to the remote
server in the SSH_MSG_GLOBAL_REQUEST packet. I don't quite
see how it would be useful though?

Adding unspecified-port remote forwarding would probably be
fairly straightforward - I just didn't see a need for it
previously. If the client printed a message 
    Remote port <server-port> forwarded to <host:port>
on standard error would that be a useful interface?

Also, I've implemented printing an error message if the
remote forward fails, it'll be in the next release (or the
current development tree)

Matt


More information about the Dropbear mailing list