I require constant SSH access to a host in our department, whose IP address is dynamically allocated. I've set up a remote SSH tunnel from the target host to one of our hosts that does possess a static IP address:
ssh -f -N -g -R :22223:localhost:22 tunnelhost
When I point SSH at local port 22223 on the tunnel host, the tunnel works fine. My problem is that I cannot seem to get the tunnel bound to anything other than localhost, though – i.e. when I try to SSH remotely to tunnelhost:12323, there is no open port to receive it. I've also tried:
ssh -f -N -R :22223:localhost:22 tunnelhost -o GatewayPorts=yes
But still no luck. Netstat shows me:
[me@tunnel_host ~]$ netstat -an | grep 22223
tcp 0 0 127.0.0.1:22223 0.0.0.0:* LISTEN
tcp6 0 0 ::1:22223 :::* LISTEN
Confirming that the tunnel is only bound to localhost. I've added a port exception on the tunnel host, with firewalld-cmd, and ensured no network hardware is interfering with the connection. Any ideas as to what it could be?
Cheers, James.
Best Answer
You need to enable GatewayPorts=yes in the config for SSHd (/etc/ssh/sshd_config), not the client in order to enable binding to interfaces other than loopback on remote ports. Only works for local ports when passed to the ssh command.
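To check which side is limiting the bind, as the answer describes, this added example (not from the original post or from OpenSSH) reads the server-side GatewayPorts value from an sshd_config and classifies a listener from `netstat -an` output. The function names and the sample config are constructed for illustration; the netstat lines are the ones from the question.

```shell
#!/bin/sh
# Added example. SAMPLE_CONFIG is constructed; SAMPLE_NETSTAT mirrors the question.

# Print the global GatewayPorts value of an sshd_config read on stdin.
# sshd keeps the first value it finds for a keyword; the default is "no".
# Assumption: no Include files. Match blocks are skipped as not global.
# On a live host, `sshd -T | grep -i gatewayports` is the authoritative check.
effective_gatewayports() {
    awk '
        { sub(/#.*/, "") }                        # drop comments
        tolower($1) == "match" { exit }           # global section ends here
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)         # "Key value" or "Key=value"
            if (n >= 2 && tolower(f[1]) == "gatewayports") { v = tolower(f[2]); exit }
        }
        END { print (v == "" ? "no" : v) }
    '
}

# Classify where TCP port $1 is listening, from `netstat -an` output on stdin.
listener_scope() {
    awk -v port="$1" '
        $NF == "LISTEN" {
            addr = $4
            if (addr !~ (":" port "$")) next
            sub(/:[0-9]+$/, "", addr)             # keep only the bind address
            if (addr == "127.0.0.1" || addr == "::1") lo = 1
            else pub = 1
        }
        END { print (pub ? "non-loopback" : (lo ? "loopback-only" : "not-listening")) }
    '
}

SAMPLE_CONFIG='# constructed sshd_config fragment with the default left in place
PermitRootLogin no
#GatewayPorts no'

SAMPLE_NETSTAT='tcp 0 0 127.0.0.1:22223 0.0.0.0:* LISTEN
tcp6 0 0 ::1:22223 :::* LISTEN'

printf 'server GatewayPorts: %s\n' "$(printf '%s\n' "$SAMPLE_CONFIG" | effective_gatewayports)"
printf 'port 22223 scope:    %s\n' "$(printf '%s\n' "$SAMPLE_NETSTAT" | listener_scope 22223)"
```

`GatewayPorts yes` makes every remote forward on that server listen on all interfaces, while `GatewayPorts clientspecified` leaves the choice to the bind address the client gives in `-R`, so the forwarded port should also be limited by firewall rules to the sources that need it.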