i’m using the ssh for remote administration.
on core 144 everything went well, now on core 147 the forwarding fails:
Received request from xxx.xxx.xxx.xxx port 25013 to connect to host xxx.xxxxxx.xxxx port 3389, but the request was denied.
I think my settings in /etc/ssh/sshd_config are valid:
What am i missing?
Have you ever solved the issues ?
So do I … but have no idea how.
It just started working after a number of reboots.
PermitOpen - commented out.
It’s strange, because i was trying a lot and finally it’s working.
If i look at my config, i think it should not work. I’m crossing the fingers and let it go…
Here’s my sshd_config so far:
OpenSSH server configuration file for IPFire
Only allow version 2 of SSH protocol
Listen on port 22 by default
Listen on every interface and IPv4 only
Limit authentication timeout to 30 seconds
Limit maximum instanctes to prevent DoS
Only allow safe crypto algorithms (may break some very outdated clients)
Only allow cryptographically safe SSH host keys (adjust paths if needed)
Only allow login via public key by default
Permit root login as there is no other user in IPFire 2.x
Ignore user ~/.ssh/known_hosts file
Do not allow any kind of forwarding (provides only low security);
some of them might need to be re-enabled if SSH server is a jump platform
Fix port forwarding???
Detect broken sessions by sending keep-alive messages to clients via SSH connection
Close unresponsive SSH sessions which fail to answer keep-alive
Add support for SFTP
Subsystem sftp /usr/lib/openssh/sftp-server
I just updated to core 151. The same issue here.
No Port forwarding after Update.
Commenting “permitopen none” and restarting the sshd does not solve this. But after reboot the Port forwarding works as expected.
Yes, it seems rebooting is a point.
Rebooting is annoying and it feels so windows-like lol
Rebooting sometimes is needed for install something new or upgrade something running, which may be critical to other processes and iterations.
Reboot is texted as requested when necessary at core upgrades…
Thats right. But changing some sshd config values should never cause a reboot to work!
In any distro installation or compiled installation you may be right. But it’s possible that you don’t have the full grasp of how IPFire works.
Yes you are right! I am an idiot. Thanks to show me the light.