Ssh – “channel 3: open failed: administratively prohibited: open failed” when creating a VNC session on a SSH tunnel

port-forwarding, ssh, ssh-tunneling, vnc

On creating a VNC connection via tunneled SSH connection, I get an error:

channel 3: open failed: administratively prohibited: open failed

I have found that this happens only when I'm not logged into the host locally as the username on the host I'm trying to connect to using a tunneled VNC connection. SSH Tunnel:

ssh -p 6000 -L 5901:127.0.0.1:5901 username@192.168.0.2

VNC connection:

vncviewer localhost:1

I've tried adjusting the settings in /etc/ssh/sshd_config using AllowTunnel yes and without the setting. (I did restart ssh after each change: service ssh restart) However, the error goes away if I have a local session running on the remote host (i.e. I'm logged in as username locally.) Is anyone else seeing this behavior? It seems like I should be able to start a VNC remotely and access it without having to be logged in locally as well.

Best Answer

The option you are looking for is not AllowTunnel (it is for VPN and level 3 forwarding using tun devices). You are looking for AllowTcpForwarding, which handles local and remote port forwarding of TCP traffic in ssh.

Have a look at what value is set on your server and change it to yes:

AllowTcpForwarding yes
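
As an added example (not part of the original answer): a shell function that reads server settings in the lowercase `keyword value` form printed by `sshd -T` and reports whether a local forward such as the `-L 5901:127.0.0.1:5901` above is permitted by policy. The function name and the sample settings are constructed for illustration; it goes one step beyond the answer by also checking `PermitOpen`, and it does not handle wildcard `PermitOpen` entries.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: input is "keyword value" lines as printed by `sshd -T`
# (run as root on the server; add `-C user=NAME,...` to evaluate Match blocks).

# Constructed sample settings (not taken from any real host).
SAMPLE_DEFAULT='port 6000
allowtcpforwarding yes
permitopen any'
SAMPLE_DENY='allowtcpforwarding no
permitopen any'
SAMPLE_RESTRICTED='allowtcpforwarding local
permitopen 127.0.0.1:5900 127.0.0.1:5902'

# check_local_forward HOST:PORT   (settings are read from stdin)
# Prints the reason; returns 0 if the forward is allowed, 1 if refused.
check_local_forward() {
    target=$1
    dump=$(cat)
    # Keywords missing from the input fall back to the OpenSSH defaults.
    fwd=$(printf '%s\n' "$dump" |
        awk '$1 == "allowtcpforwarding" { v = $2 } END { print (v == "" ? "yes" : v) }')
    opens=$(printf '%s\n' "$dump" |
        awk '$1 == "permitopen" { $1 = ""; v = $0 } END { print (v == "" ? "any" : v) }')

    # Only yes, all and local permit ssh -L style (local) forwarding.
    case $fwd in
        yes|all|local) ;;
        *) echo "refused: allowtcpforwarding is '$fwd'"; return 1 ;;
    esac

    # PermitOpen must be "any" or list the exact destination.
    for entry in $opens; do
        case $entry in
            any|"$target") echo "allowed: $target"; return 0 ;;
        esac
    done
    echo "refused: permitopen does not list $target"
    return 1
}

# Demonstration on the constructed samples (|| true keeps the script going).
printf '%s\n' "$SAMPLE_DEFAULT" | check_local_forward 127.0.0.1:5901 || true
printf '%s\n' "$SAMPLE_DENY" | check_local_forward 127.0.0.1:5901 || true
printf '%s\n' "$SAMPLE_RESTRICTED" | check_local_forward 127.0.0.1:5901 || true
```

On a real server the input would come from `sshd -T | check_local_forward 127.0.0.1:5901`.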