Web lists-archives.com

Re: ssh local port forwarding stopped working

I would test port status with

nmap -P0 -p 22 <remote server public IP>

You want the response to be "open"


On 5/28/19 12:17 PM, Gary Dale wrote:
I'm running Debian/Testing on an AMD64 machine.

I follow what I believe is a fairly conventional way of connecting to remote machines. Firstly I establish an SSH tunnel using a command like:

  ssh <remote server public IP> -L 5902:<remote workstation local IP>:5900

where the remote server public IP is that of the router (DD-WRT) with port 22 forwarded to the local IP of a remote Debian/Stable server. The remote workstation IPs are in the 192.168.1.* range. The SSH connection works fine.

Then I connect to localhost:5902 using a VNC viewer (tried a few).  I've been doing this for a decade with no significant problems.

However I haven't been able to do this since at least yesterday (previous remote login was a week ago. It worked). No matter which remote machine I try to connect to, I never get to the password prompt. Instead the connection attempt eventually attempt times out.

I can log onto a KVM virtual machine running on the remote server using the Virtual Machine Manager GUI. From there I can connect to the other (real) machines using the Tight VNC viewer.

Since I can connect to the remote workstations from the VM, the problem cannot be with their service setup. And since the problem isn't resolved by using a different VNC viewer from my local workstation, the problem can't be the VNC client. This just leaves the ssh tunnel - specifically the port forwarding - as the only common element.