simple ssh forward administratively prohibited: open failed
807557Dec 24 2007 — edited Mar 7 2008I'm trying to use ssh -L on a solaris 10 command line, as follows:
ssh -v -L 1521:dbmachine:1521 login@solaris10machine
This connects to solaris10machine using password authentication and indicates the following (where I've replaced the dbmachine address with <dbmachine>):
debug1: Authentication succeeded (keyboard-interactive)
debug1: Connections to local port 1521 forwarded to remote address <dbmachine>:1521
debug1: Local forwarding listening on ::1 port 1521.
bind: Cannot assign requested address
debug1: Local forwarding listening on 127.0.0.1 port 1521.
Then, when trying to access 127.0.0.1 port 1521, I get the following:
debug1: Connection to port 1521 forwarding to <dbmachine> port 1521 requested.
debug1: fd 9 setting TCP_NODELAY
debug1: channel 2: new [direct-tcpip]
channel 2: open failed: administratively prohibited: open failed
debug1: channel_free: channel 2: direct-tcpip: listening port 1521 for <dbmachine> port 1521, connect from 127.0.0.1 port 63130, nchannels 3
-----
It seems to me that this can't be a problem on the dbmachine (since it is quite happy to receive connections on port 1521). So the problem must be due to a problem on my local solaris 10 machine or the one I'm connecting to. I've read the man files for ssh and ssh_config and can't see what I'm doing wrong. Some web articles talk about putting AllowTcpForwards in ssh_config, but that isn't even documented in the man files, so it must refer to some other version of ssh than the one in Solaris 10. Can anyone help?