On creating a VNC connection via tunneled SSH connection, I get an error:
channel 3: open failed: administratively prohibited: open failed
I have found that this happens only when I'm not logged into the host locally as the username
on the host I'm trying to connect to using a tunneled VNC connection. SSH Tunnel:
ssh -p 6000 -L 5901:127.0.0.1:5901 username@192.168.0.2
VNC connection:
vncviewer localhost:1
I've tried adjusting the settings in /etc/ssh/sshd_config
using AllowTunnel yes
and without the setting. (I did restart ssh after each change: service ssh restart
) However, the error goes away if I have a local session running on the remote host (i.e. I'm logged in as username
locally.) Is anyone else seeing this behavior? It seems like I should be able to start a VNC remotely and access it with out having to logged in locally as well.
Best Answer
The option you are looking for is not
AllowTunnel
(it is for VPN and level 3 forwarding usingtun
devices). You are looking forAllowTcpForwarding
, which handles local and remote port forwarding of TCP traffic in ssh.Have a look what values is in your server and change it to
yes
: