I just tried destination port 22. same problem.
Let me see if I get this right:
Ftp client talks to localhost port 21.
SSH client receives this session, encrypts it using SSH and sends it to
the other side to port 22. Server decrypts this, and forwards it to port
21 of the localhost. ftp server receives session.
1. Is ssh/ssh2 port-forwarding mechanism active-ftp-aware?
2. Why doesn't my ssh server accept port forwarding requests?
--
Miki Shapiro
Aladdin Knowledge Systems
---------------------
Sex. Unix. Snowboarx.
---------------------
On Tue, 4 Jul 2000, Jonathan Ben-Avraham wrote:
> On Tue, 4 Jul 2000, Miki Shapiro wrote:
>
> > Hi everyone
> >
> > 2 probs:
> > I connect to a linux box using ssh2 (SuSE 6.4)
> > once connected, I set up port forwarding from client port 21 to the
> > server's port 21 (encrypted along the way).
> >
> > I explicitly allowed the said user to get port-forwarding access:
> >
> > in /etc/ssh2/sshd2_config it says:
> >
> > AllowTcpForwardingForUsers aris
> >
> > but every time I ftp to localhost on the client machine (from where it
> > gets forwarded to the ssh2 server) , I get in /var/log/messages on the
> > server box the next line:
> > Jul 4 14:12:59 amber sshd2[4329]: Direct TCP/IP forwarding request denied
> > for user in configuration.
> >
> > why?
>
> Why are you forwarding to 21 (ftp). By default ssh is 22?
>
> - yba
>
> >
> > 2. Another SuSE 6.4 box, stock.
> > I can't figure out why, but none of the users on the box are allowed
> > access via ftp. (the session opens, I get asked user and password, then no
> > matter what user, I get kicked out).
> >
> > ftpusers only has the root account. I understand SuSE has some weird PAM
> > module. What do I set up and where for this to work? (or, for that matter,
> > some FM to RT on this subject would be just as fine..)
> >
> > Thanks for the help!
> >
> > --
> > Miki Shapiro
> > Aladdin Knowledge Systems
> >
> > ---------------------
> > Sex. Unix. Snowboarx.
> > ---------------------
> >
> >
> > =================================================================
> > To unsubscribe, send mail to [EMAIL PROTECTED] with
> > the word "unsubscribe" in the message body, e.g., run the command
> > echo unsubscribe | mail [EMAIL PROTECTED]
> >
>
>
> EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ TclTek Ltd.
> =}-------------------------------------------------ooO--U--Ooo-----------{=
> - [EMAIL PROTECTED] - tel: +972.52.670.353, http://www.tcltek.co.il -
>
>
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]
>
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
