Ssh forward only works with :localhost

Hey, I was wondering why my experience so far is that

ssh -L127.0.0.1:8000:127.0.0.1:80 root@openwrt.lan

only works with

ssh -L127.0.0.1:8000:localhost:80 root@openwrt.lan

or I simply get

channel 1: open failed: connect failed

when visiting via 127.0.0.1:8000.

Is it a dnsmasq setting that prevents it? I tried finding a similar issue by searching both here and general ssh use and no one has mentioned this yet.

My understanding is that surely there is not much difference between the two when they both have a 127.0.0.1 entry in /etc/hosts

getent hosts localhost

?

returns
::1 localhost.lan

1 Like
uci show uhttpd; netstat -l -n -p | grep  -e uhttpd; pgrep -f -a uhttpd
uhttpd.main=uhttpd
uhttpd.main.listen_http='0.0.0.0:80' '[::]:80'
uhttpd.main.listen_https='0.0.0.0:443' '[::]:443'
uhttpd.main.redirect_https='1'
uhttpd.main.home='/www'
uhttpd.main.rfc1918_filter='1'
uhttpd.main.max_requests='3'
uhttpd.main.max_connections='100'
uhttpd.main.cert='/etc/uhttpd.crt'
uhttpd.main.key='/etc/uhttpd.key'
uhttpd.main.cgi_prefix='/cgi-bin'
uhttpd.main.lua_prefix='/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua'
uhttpd.main.script_timeout='60'
uhttpd.main.network_timeout='30'
uhttpd.main.http_keepalive='20'
uhttpd.main.tcp_keepalive='1'
uhttpd.defaults=cert
uhttpd.defaults.days='730'
uhttpd.defaults.key_type='rsa'
uhttpd.defaults.bits='2048'
uhttpd.defaults.ec_curve='P-256'
uhttpd.defaults.country='ZZ'
uhttpd.defaults.state='Somewhere'
uhttpd.defaults.location='Unknown'
uhttpd.defaults.commonname='OpenWrt'
tcp        0      0 10.0.0.1:80             0.0.0.0:*               LISTEN      18693/uhttpd
tcp        0      0 :::80                   :::*                    LISTEN      18693/uhttpd
18693 /usr/sbin/uhttpd -f -h /www -r OpenWrt -x /cgi-bin -t 60 -T 30 -k 20 -A 1 -n 3 -N 100 -R -p 10.0.0.1:80 -p [::]:80
1 Like

As you can see, uHTTPd is listening on IPv6 localhost, but not IPv4.

uci commit uhttpd; /etc/init.d/uhttpd restart; \
pgrep -f -a uhttpd; netstat -l -n -p | grep -e :80

Right! It works adding 127.0.0.1.

I thought 0.0.0.0 included that, but I guess it made me find out by googling :slight_smile:

This is the default configuration, right? Maybe it should mention this at https://openwrt.org/docs/guide-user/luci/luci.secure#openssh_client

1 Like

Yep, the unspecified address should include the localhost address.
But it looks like either the config is not applied properly, or the socket is busy.

Strange :thinking: Service is restarted and it works with the 127.0.0.1 line. Maybe I should try rebooting it

Rebooting totally did the trick. It worked with 0.0.0.0 again. You're probably right, one of my first tries must have had a stuck process.

Thanks a lot for quick and concise help!

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.