Jerry LeVan wrote:
> Hi,
> On my linux box I can issue the command
>
> ssh -L 5555:macjerry:5432 -l jerry macjerry
>
> This will create a "tunnel" to connect to my
> mac named "macjerrry".
>
> I can connect to databases on macjerry via psql
> by specifying port 5555 on my linux box and other postgresql
> front ends.
>
> How ever if I turn it around, and on the mac issue
> the command
>
> ssh -L 6666:linuxbox:5432 -l jerry linuxbox
>
> Then I am not able to connect to the linux box
> via psql or any Gui front ends.
>
> I get an error:
>
> [jerry@localhost ~]$ channel 3: open failed: administratively
> prohibited: open failed
> channel 3: open failed: administratively prohibited: open failed
>
> No errors appear in the server log on the linux box.
>
> I am new to ssh, have I overlooked something?
Well one slight mistake is maybe to use the hostname
in the forward. The forward is always calculated from
ssh-connection end point. And in your case it should be
in both cases: localhost - since you are connecting
to the box where the service runs.
This might or might not change anything but a connection
from localhost to localhost is always treated differently
by firewalls.
Also make sure: AllowTcpForwarding yes
is set in sshd_config
Regards
Tino