[clug] Why is my SSH port forwarding failing all of a sudden?

Tony Lewis tony at lewistribe.com
Mon Feb 1 10:46:13 UTC 2016

Hi all,

I SSH to my server, and use local port forwarding to reach in to other 
servers.  It was working a treat until today.

Nothing changed on the server or client configs, though the clients 
(Cygwin) did upgrade from
     OpenSSH_7.1p1, OpenSSL 1.0.2d (XX) Aug 2015
     OpenSSH_7.1p2, OpenSSL 1.0.2f 28 Jan 2016

I tried downgrading but can't go back to earlier than OpenSSH 1.0.2e.  I 
am having the same problem on my Linux desktop also.

The problem is at the tunnel server.  In /var/log/auth.log I see:
     Received request to connect to host blah.domain port 22, but the 
request was denied.

Googlage indicates proposed solutions that involve enabling port 
forwarding.  But I have no AllowTcpForwarding directive, and the default 
is "yes".  There are no PermitOpen directives (though I tried them) and 
the result is the same with or without the PermitTunnel directive.

The authorized_keys file contains only keys, no restrictions (e.g. no 

I know the problem is with the server, because it makes no attempt on 
the network to establish a connection to my destination server. 
Something in the server is administratively blocking my port forwarding.

The server is Debian Wheezy.

# dpkg -l | grep ssh
ii  openssh-client 1:6.0p1-4+deb7u3                   amd64        
secure shell (SSH) client, for secure access to remote machines
ii  openssh-server 1:6.0p1-4+deb7u3                   amd64        
secure shell (SSH) server, for secure access from remote machines

Any clues?


More information about the linux mailing list