ssh port forwarding - Forwarded connection refused by server

sbyrne · n00b Joined: 12 Jun 2002 Posts: 8 Location: Rochester, NY

I am trying to forward a port through ssh, specifically port 5999 for vnc. I am using putty from a windows machine to make the ssh connection, which works fine. The putty event log says "Local port 5999 forwarding to <myhost>:5999". Then I run a vncviewer for "localhost:99". It doesn't work. The putty event log says "Forwarded connecton refused by server". This happens with both vnc and tightvnc. I tried "iptables --flush" first. I've tried it from multiple windows machines. So I am assuming it is an openssh problem. The only uncommented things i have in my sshd_config are:
PermitRootLogin No
UsePrivilegeSeperation Yes
Subsystem sftp /usr/lib/msic/sftp-server

Any ideas?

Maz · Posted: Fri Jan 10, 2003 5:26 am Post subject:

Well, I read it like 20 times, and I still don't understand what you are trying to do

. Or more precisely, how exactly you want to connect with your vnc server.

Could you try to explain it a little better ?
_________________
Maz

thehyperintelligentslug · n00b Joined: 30 Jun 2002 Posts: 49 Location: Edinburgh

Hi,

This is the method I use for forwarding my VNC ports from my flat to my work machine (using puTTY);

At the flat I have a vncserver started.

At work I connect with ssh and forward like this:

sbyrne · n00b Joined: 12 Jun 2002 Posts: 8 Location: Rochester, NY

philthedrill · n00b Joined: 10 Jan 2003 Posts: 18 Location: Moscow, ID

Could you give a detailed diagram of the machines in your path (client, ssh server, vnc server, etc), including OS info and version numbers of vnc and putty?

I'll give you an example of what I'm doing, because I struggled with port forwarding for a bit.

I want to connect to my home PC from school. At home I have a FreeBSD box running openssh (we'll call it 'zb') and a Windows XP box running vnc server on default port 5900 (we'll call it 'uc'). There's a firewall at home, and the only open port is ssh to zb, so uc is closed to the outside. Traffic between zb and uc (behind the firewall) is unrestricted.

In Putty, I set up the ssh connection as normal. Then under SSH -> Tunnels, I added a new forwarded port.

Source port: 5902 (in your case, 5999)
Destination: uc:5900

The "Local" radio box should be checked, and then I click "Add".

With vncviewer, I type localhost:2, and it should connect.

The concept of port forwarding that tripped me up is the destination. uc:5900 is from the perspective of the ssh daemon, not the ssh client.

If all else fails, start using telnet to log into specific ports and see if they're open. Also, run 'netstat -a' on the machines to view active connections.

HTH.

--phil

philthedrill · n00b Joined: 10 Jan 2003 Posts: 18 Location: Moscow, ID

Oops. Looks like I was a little late on my post.

Port 5800 is for vncserver through a web server, which can be viewed through a java capable browser.

I've never used it.

--phil

thehyperintelligentslug · n00b Joined: 30 Jun 2002 Posts: 49 Location: Edinburgh

Hi,

thehyperintelligentslug · n00b Joined: 30 Jun 2002 Posts: 49 Location: Edinburgh

Bingo