2

I'm doing a reverse port forward with PuTTY from my local machine to a server; I want every request on port 8002 to be forwarded to my local machine.

I set the destination port on the tunnel tab to 127.0.0.1:8002 and the source port to 8002. I tick both the "Local ports accept connections from other hosts" and the "Remote ports do the same (SSH-2 only)" options.

Once I initiate the connection I see in the event log that the connection works:

2022-06-07 11:49:58 Access granted
2022-06-07 11:49:58 Requesting remote port 8002 forward to 127.0.0.1:8002
2022-06-07 11:49:58 Opening main session channel
2022-06-07 11:49:58 Remote debug message: /home/emre/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
2022-06-07 11:49:58 Remote debug message: /home/emre/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
2022-06-07 11:49:58 Remote port forwarding from 8002 enabled
2022-06-07 11:49:58 Opened main channel
2022-06-07 11:49:58 Allocated pty
2022-06-07 11:49:58 Started a shell/command

I pop a couple of Postman GET requests to see if they get through; on the server I can see them come in. However, they never reach my local machine, and this is the error I get:

Error: connect ECONNREFUSED 104.196.37.236:8002

What methods could I use to figure out what is wrong? The relevant ports are all forwarded on my router and I don't see any reason why it wouldn't forward. I'd appreciate any input as I'm completely stuck on this.

Edit: The GatewayPorts variable in my SSH config on the server is equal to "no". Could this be causing the issue?

3
  • I would start by running netstat on the remote system to see how the listen port for 8002 was actually set up. It may just be listening on 127.0.0.1 despite how you set putty. Run something like "netstat -na | grep 8002" and see what is listed as the IP address for the listen entry.
    – Kenster
    Commented Jun 7, 2022 at 12:25
  • @Kenster I ran netstat both on my local machine and the server; this is the output for the server tcp 0 0 127.0.0.1:8002 0.0.0.0:* LISTEN tcp6 0 0 ::1:8002 :::* LISTEN
    – Mr.Grease
    Commented Jun 7, 2022 at 13:00
  • @Kenster TCP 0.0.0.0:8002 0.0.0.0:0 LISTENING TCP [::]:8002 [::]:0 LISTENING and this is the output for my local machine
    – Mr.Grease
    Commented Jun 7, 2022 at 13:01

1 Answer

2

I figured it out; it was indeed the GatewayPorts variable in my server's sshd_config file. In the case of a Google VM instance this file is located two directories back from where you start and in /etc/ssh. Once you open the file it'll say it's unwritable, so make sure you use sudo beforehand. Once added, a restart is also necessary; this can be done with the command:

sudo systemctl restart sshd.service

Once this is done, restart the PuTTY reverse tunnel and you should be able to forward requests from the server to your local machine.

2
  • 1
    (Please use correct markdown for monospaced code and code boxes - please see the formatting bar or help link.) The global ssh_config would generally not be modified for this; instead, the user's ~/.ssh/config should be modified since it always takes precedence.
    – JW0914
    Commented Jun 7, 2022 at 13:43
  • The parameter which the OP is talking about is GatewayPorts in the remote ssh server's sshd_config file. That file normally requires administrator access to update.
    – Kenster
    Commented Jun 7, 2022 at 14:57
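
The two checks used in this thread (how port 8002 is bound on the server, and what GatewayPorts is set to in sshd_config) can be combined into one diagnosis. The script below is an added example, not code from the question or the answer; the function names are hypothetical and the sample inputs are constructed from the netstat output and setting quoted above. It also covers `clientspecified`, the sshd_config value that lets the client choose the bind address instead of forcing the wildcard bind that `yes` does.

```shell
#!/bin/sh
# Added example; sample inputs are constructed from the outputs quoted above.

# Print the global GatewayPorts value from sshd_config text on stdin.
# sshd keeps the first value it reads; keywords are case-insensitive; default "no".
# Assumption: Match blocks are ignored (parsing stops at the first one).
gateway_ports() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "gatewayports" { v = tolower($2); exit }
         END { print (v == "" ? "no" : v) }'
}

# Classify how port $1 is bound, from `netstat -na` output on stdin.
# Prints the widest scope seen: wildcard, specific, loopback or none.
listener_scope() {
    awk -v port="$1" '
        BEGIN { rank["none"] = 0; rank["loopback"] = 1; rank["specific"] = 2
                rank["wildcard"] = 3; best = "none" }
        toupper($0) !~ /LISTEN/ { next }
        { for (i = 1; i <= NF; i++) {
              if ($i !~ (":" port "$")) continue
              addr = $i; sub(":" port "$", "", addr)
              gsub(/\[|\]/, "", addr)          # Windows prints [::]:8002
              if (addr == "0.0.0.0" || addr == "::" || addr == "*") s = "wildcard"
              else if (addr ~ /^127\./ || addr == "::1") s = "loopback"
              else s = "specific"
              if (rank[s] > rank[best]) best = s
              break                            # first match is the local address
          } }
        END { print best }'
}

# Next step to take. $1 = listener scope, $2 = GatewayPorts value.
diagnose() {
    case "$1:$2" in
        none:*)      echo "no listener: the forward was not set up" ;;
        loopback:no) echo "sshd forces loopback: set GatewayPorts, restart sshd" ;;
        loopback:*)  echo "loopback bind: restart sshd, re-open the tunnel" ;;
        *)           echo "reachable from other hosts: firewall the port" ;;
    esac
}

SERVER_NETSTAT='tcp        0      0 127.0.0.1:8002      0.0.0.0:*      LISTEN
tcp6       0      0 ::1:8002            :::*           LISTEN'
SSHD_CONFIG='GatewayPorts no'
scope=$(printf '%s\n' "$SERVER_NETSTAT" | listener_scope 8002)
gw=$(printf '%s\n' "$SSHD_CONFIG" | gateway_ports)
echo "listener=$scope GatewayPorts=$gw -> $(diagnose "$scope" "$gw")"
```

On a live server, feed the functions with `netstat -na` and the contents of /etc/ssh/sshd_config; `sudo sshd -T` prints the effective configuration if the file includes other files.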
