How to enable non-standard tcp port connections from a non-localhost machine?
I'm trying to set up an ssh tunnel from a machine behind a firewall to a
machine with a public IP with a command like this:
$ ssh -R 20150:localhost:22 computer.server.com
This should cause port 2501 on computer.server.com to be an alias for
port 22 (sshd) on my local computer.
This command executes fine. However, when I try to ssh to port 2501
from an outside computer, I get a "connection refused" error:
$ ssh -p 20150 computer.server.com
ssh: connect to host computer.server.com port 20150: Connection refused
Something isn't letting my connection through. The weird thing is that
I CAN connect to this port from computer.server.com, with the command:
$ ssh -p 20150 localhost
... but I CAN'T connect from any other computer, or even from
computer.server.com using its ip address instead of "localhost":
$ ssh -p 20150 128.32.37.60
ssh: connect to host 128.32.37.60 port 20150: Connection refused
Can anyone tell me what I have to do to fix this? I've had this problem
both on sid and woody. I've removed both the iptables and ipchains
packages. My hosts.allow and hosts.deny are both empty (I tried adding
hosts explicitly to hosts.allow as well, just to check). This seems to
be a problem ONLY with ports I create myself -- the ports used by
apache, sshd, etc. all work fine and I can cannect to them from
anywhere. This also seems to be somewhat debian-specific: the ssh
command I used above works fine when I'm trying to forward packages
through a redhat or solaris box.
Thanks!
Michael
Reply to: