ssh -R binds to 127.0.0.1 only on remote
Solution 1:
While the local optional bind address is at the control of SSH's client side (specified with -L
/LocalForward
or altered with -g
/GatewayPorts
in the client's configuration), the remote optional bind address specified by the client with -R
/RemoteForward
is at the control of SSH's server side with the server configuration GatewayPorts
. By default it's no
. It should be set to clientspecified
to allow the client to choose which address to bind to:
GatewayPorts
Specifies whether remote hosts are allowed to connect to ports forwarded for the client. By default, sshd(8) binds remote port forwardings to the loopback address. This prevents other remote hosts from connecting to forwarded ports.GatewayPorts
can be used to specify that sshd should allow remote port forwardings to bind to non-loopback addresses, thus allowing other hosts to connect. The argument may beno
to force remote port forwardings to be available to the local host only,yes
to force remote port forwardings to bind to the wildcard address, orclientspecified
to allow the client to select the address to which the forwarding is bound. The default isno
.
Moreover, the client's RemoteForward
entry tells likewise:
[...]
If the bind_address is not specified, the default is to only bind to loopback addresses. If the bind_address is ‘*’ or an empty string, then the forwarding is requested to listen on all interfaces. Specifying a remote bind_address will only succeed if the server'sGatewayPorts
option is enabled (see sshd_config(5)).
So you must be able to change the ssh's server configuration on the server (usually with root access), and add (or edit) this entry in the sshd_config
file, so it shows:
GatewayPorts clientspecified
If you can't, you could use other available tools if present (or locally installable) on the server side to overcome this (quite weak) security limitation. For example socat
, or ssh
itself by using a LocalForward
from the server to itself (even if it's uselessly adding a layer of encryption).