On 02/24/2010 06:23 PM, Christoph Höger wrote: > Am Mittwoch, den 24.02.2010, 15:57 +0000 schrieb Andrew Haley: >> On 02/24/2010 02:41 PM, Christoph Höger wrote: >>> Hi guys, >>> >>> are there any special client settings one needs to have for ssh >>> tunneling? >>> >>> I have the classical setup: machines A1 and A2 (both fedora 12) should >>> access C which is only accessible from B1 (kerberos) or B2 (private key) >>> >>> So on A1 I used to >>> >>> ssh -L 10080:C:80 B1 >>> >>> or >>> >>> ssh -L 10080:C:80 B2 >>> >>> Both work fine. >>> >>> But on A2: >>> >>> ssh -L 10080:C:80 B1/B2 >>> >>> logs me in to the machine but every connection attempt returns: >>> >>> channel 3: open failed: administratively prohibited: open failed >>> >>> Why? What kind of weird setting is this? >> >> Anything in the logs? Looks like a policy issue to me. > > What logs do you mean? This is a client issue. Does the ssh client write > to local log files? No. I think it may be a SELinux policy issue. See if anything is logged in any of the log files when you get this message. Also, make very sure that AllowTcpForwarding is set in sshd_config Make sure no-one else has this port open. Check the addresses. Andrew. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
