[erlang-questions] erlang ssh and port forwarding

Hans Nilsson R hans.r.nilsson@REDACTED
Mon Jan 29 13:43:24 CET 2018 

Hi,

there was a start of tcp port forwarding, but since it makes me feel uneasy to have unfinished code hanging around in security software I removed it in commit 7efc9c9460baa78dba0bc63e300890df5a97812f
Thu Apr 28 16:35:23 2016 +0200

There are currently no plans to implement port-forwarding or X11-forwarding.

/Hans

On 01/29/2018 11:43 AM, Ali Sabil wrote:
> Hi Max,
> 
> I did the same thing some months ago, and I did dive into the Erlang ssh
> implementation a bit.
> 
> I didn't have a need for port forwarding, but as far as I can remember they
> are not implemented by the ssh application because all `ssh global
> requests` are denied:
> https://github.com/erlang/otp/blob/177eab3b67d9840c75d9986cd8870a84414bcacb/lib/ssh/src/ssh_connection.erl#L654
> 
> Best,
> Ali
> 
> On Sun, Jan 28, 2018 at 9:35 AM, Max Lapshin <max.lapshin@REDACTED> wrote:
> 
>> Hi.
>>
>> I'm writing ssh proxy in erlang:  https://github.com/flussonic/ssh-proxy
>>
>> It is required for our support team:  engineers need to login to customers
>> servers but I want to make a revocation of access.
>>
>> So this is a proxy that will hide our team private key from whole team
>> (except me).
>>
>> There is a working POC, but I've got a problem:
>>
>> port forwarding do not work:
>>
>> debug1: Connection to port 9080 forwarding to localhost port 80 requested.
>>
>> debug1: channel 3: new [direct-tcpip]
>>
>> channel 3: open failed: administratively prohibited: Not allowed
>>
>> debug1: channel 3: free: direct-tcpip: listening port 9080 for localhost
>> port 80, connect from ::1 port 54743 to ::1 port 9080, nchannels 4
>>
>>
>> Is something not ready in erlang ssh?
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
> 
> 
> 
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4101 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180129/b4e420e6/attachment.bin>

More information about the erlang-questions mailing list