List: openbsd-misc
Subject: Re: unknown hostname on ssh tunnel end causes 'administratively prohibited: open failed'
From: Jiri B <jirib () devio ! us>
Date: 2016-11-29 22:11:39
Message-ID: 20161129221138.GA25695 () wolfman ! devio ! us
> The code in sshd where the response is composed doesn't know what the
> reason for the failure is. I suspect this dates back to the original
> Protocol 1 code because Protocol 1 didn't (I think) have a reason field.
> This passes the reason back up the stack and sends it to the client.

Sorry for the delay, I can't reproduce the previous behaviour with your diff.
(Used host is incorrectly non-resolvable via socks5 tunnel.)

But, is the following output OK (see '^^^^')?

j.

$ ssh -vvv -D9999 localhost
OpenSSH_7.3, LibreSSL 2.5.1
...
Authenticated to localhost ([127.0.0.1]:22).
debug1: Local connections to LOCALHOST:9999 forwarded to remote address socks:0
debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL
debug1: Local forwarding listening on 127.0.0.1 port 9999.
...
debug1: Connection to port 9999 forwarding to socks port 0 requested.
debug2: fd 10 setting TCP_NODELAY
debug3: fd 10 is O_NONBLOCK
debug3: fd 10 is O_NONBLOCK
debug1: channel 3: new [dynamic-tcpip]
debug2: channel 3: pre_dynamic: have 0
debug2: channel 3: pre_dynamic: have 3
debug2: channel 3: decode socks5
debug2: channel 3: socks5 auth done
debug2: channel 3: pre_dynamic: need more
debug2: channel 3: pre_dynamic: have 0
debug2: channel 3: pre_dynamic: have 45
debug2: channel 3: decode socks5
debug2: channel 3: socks5 post auth
debug2: channel 3: dynamic request: socks5 host \
jbelka-vm3.rhev.lab.eng.brq.example.com port 443 command 1
debug3: send packet: type 90
debug3: receive packet: type 92
channel 3: open failed: connect failed: no address associated with name
^^^^ ?
debug2: channel 3: zombie
debug2: channel 3: garbage collecting
debug1: channel 3: free: direct-tcpip: listening port 9999 for \
jbelka-vm3.rhev.lab.eng.brq.example.com port 443, connect from 127.0.0.1 port 10407 \
to 127.0.0.1 port 9999, nchannels 4
debug3: channel 3: status: The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 fd 7/8 cc -1)
debug1: Connection to port 9999 forwarding to socks port 0 requested.
debug2: fd 10 setting TCP_NODELAY
debug3: fd 10 is O_NONBLOCK
debug3: fd 10 is O_NONBLOCK
...
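
The "receive packet: type 92" line in the log above is an SSH_MSG_CHANNEL_OPEN_FAILURE, which carries a numeric reason code plus a free-text description. The following is an added example, not part of the original message and not OpenSSH's code: a bounds-checked parser for that payload using the RFC 4254 section 5.1 layout. The function names, the sample bytes and the choice of reason code 2 are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed payload: type 92, channel 3, reason 2 (assumed), text, empty tag. */
static const uint8_t sample[] =
    "\x5c" "\x00\x00\x00\x03" "\x00\x00\x00\x02"
    "\x00\x00\x00\x1f" "no address associated with name"
    "\x00\x00\x00\x00";
#define SAMPLE_LEN (sizeof(sample) - 1) /* drop the literal's trailing NUL */

/* RFC 4254 section 5.1 reason codes 1-4; index 0 covers any other value. */
static const char *const reasons[] = {
    "unknown reason", "administratively prohibited", "connect failed",
    "unknown channel type", "resource shortage" };

/* Bounds-checked big-endian uint32 read; -1 if fewer than 4 bytes remain. */
static int get_u32(const uint8_t *p, size_t len, size_t *off, uint32_t *v) {
    if (*off > len || len - *off < 4) return -1;
    *v = (uint32_t)p[*off] << 24 | (uint32_t)p[*off + 1] << 16 |
         (uint32_t)p[*off + 2] << 8 | (uint32_t)p[*off + 3];
    *off += 4;
    return 0;
}

/* Returns 0 and fills *reason and out, or -1 for a malformed payload. */
int parse_open_failure(const uint8_t *p, size_t len, uint32_t *reason,
                       char *out, size_t outlen) {
    uint32_t chan, dlen, llen;
    size_t off = 1, n, i;
    char d[128] = ""; /* zero-filled, so the copy below stays NUL-terminated */
    if (len < 1 || p[0] != 92) return -1; /* SSH_MSG_CHANNEL_OPEN_FAILURE */
    if (get_u32(p, len, &off, &chan) || get_u32(p, len, &off, reason) ||
        get_u32(p, len, &off, &dlen) || dlen > len - off) return -1;
    /* The description is peer-supplied: cap it and mask non-printable bytes. */
    n = dlen < sizeof(d) - 1 ? dlen : sizeof(d) - 1;
    for (i = 0; i < n; i++)
        d[i] = (p[off + i] >= 0x20 && p[off + i] < 0x7f) ? (char)p[off + i] : '?';
    off += dlen;
    if (get_u32(p, len, &off, &llen) || llen > len - off) return -1;
    snprintf(out, outlen, "channel %u: open failed: %s%s%s", (unsigned)chan,
             reasons[*reason <= 4 ? *reason : 0], n ? ": " : "", d);
    return 0;
}

int main(void) {
    char out[256]; uint32_t reason;
    if (parse_open_failure(sample, SAMPLE_LEN, &reason, out, sizeof(out)) == 0) puts(out);
    return 0;
}
```

With the constructed payload this prints the same line as the one marked '^^^^' in the log: the reason code supplies "connect failed" and the description supplies the resolver error.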