How to allow ssh Forwarding, in case of ssh service is managed by Yunohost?

My YunoHost server

Hardware: Raspberry Pi at home (Pi III)
YunoHost version: 4.0.8
I have access to my server : Through SSH
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
Yunohost manages ssh service : yes

Description of my issue

As a user, I want to connect with ssh whith port forwarding.
For example: ssh -4 -L 4080:localhost:4080 MyStandardUser@server.fr
ssh connection is succes. Port forwarding is refused.

Log is as follow:

sshd[22895]: refused local port forward: originator 127.0.0.1 port 54950, target localhost port 4080

What do you try to solve this issues ?

I test to add following lines to /etc/ssh/ssh_config file:

• PermitOpen any
• AllowTcpForwarding yes

then restart ssh service with command: sudo yunohost service restart ssh
I closed all ssh connections and initiate a new one.
It has no effect: port forwarding is refused.

Then I stop Yunohost firewall (with web admin)
I closed all ssh connections and initiate a new one.
It has no effect: port forwarding is refused.
How to allow port forwarding when yunohost manages ssh service ?

If you can wait the merge of this PR in 4.1 or 4.2, it could be a good idea.

If you make bad change of your sshd_conf you could open some vulerabilities in ssh.

Note: the admin and the root user, still have the right to do tcp forwarding.

Thanks.
I will use admin user

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.