2

I am on a RHEL 5 system, connecting to another RHEL 5 system. I created an SSH tunnel with the following command:

ssh -2 -4 -f -x -N -L 1527:remote_host:1527 user@remote_host

(remote_host is the same server)

I type the password, and I'm immediately returned to the command prompt. I run a quick 'ps axu | grep ssh' to verify and see a process for the ssh command I just executed:

dashbrd 17861 0.0 0.1 68796 13224 ? Ss 12:44 0:00 ssh -2 -4 -f -x -N -L 1527:remote_host:1527 user@remote_host 

I assume my tunnel is established successfully.

Then I test using 'telnet remote_host 1527' but that fails to connect; just hangs for several minutes before I kill it. I try the telnet test with different users on the local host (including the username I used to establish the tunnel) and the result is the same - no connection.

The purpose of this tunnel is to connect to an Oracle Listener. So, I run the tnsping utility; that also fails to connect. (And yes, I have the database connect configured correctly in the tnsnames.ora file.)

What did I do wrong?

1
  • Voted this up because I've seen a lot of people make this mistake. Commented Aug 29, 2013 at 18:35

1 Answer

5

You don't telnet to remote_host, you telnet to localhost. If you could telnet directly to remote_host you wouldn't need a port forward.

telnet localhost 1527 

From the ssh man page:

 -L [bind_address:]port:host:hostport
     Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host port hostport from the remote machine. Port forwardings can also be specified in the configuration file. IPv6 addresses can be specified with an alternative syntax: [bind_address/]port/host/hostport or by enclosing the address in square brackets. Only the superuser can forward privileged ports. By default, the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to a specific address. The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or ‘*’ indicates that the port should be available from all interfaces.
1
  • OMG duh. thank you. Kindly forget that I ever asked this question. I just tested again using localhost and it worked. Commented Aug 29, 2013 at 18:11
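
A check for the point made in the answer and the man page excerpt, as an added example that is not part of the original post: it takes a `-L` spec, works out which local port the client must connect to, and classifies whether that listener is loopback-only or exposed on all interfaces. The function names `local_port_of` and `listener_scope` and the `SAMPLE_NETSTAT` text are hypothetical and constructed for illustration.

```shell
# Added example: classify how the local end of an `ssh -L` forward is bound.

# Constructed sample of `netstat -tln` output (not captured from a real host).
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 127.0.0.1:1527   0.0.0.0:*        LISTEN
tcp        0      0 ::1:1527         :::*             LISTEN
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN'

# Local listening port of a -L spec: [bind_address:]port:host:hostport
# (colon form only; the bracketed IPv6 form is not handled).
local_port_of() {
    nf=$(printf '%s' "$1" | awk -F: '{print NF}')
    case $nf in
        3) printf '%s\n' "$1" | cut -d: -f1 ;;   # no bind_address
        4) printf '%s\n' "$1" | cut -d: -f2 ;;   # bind_address given (may be empty or *)
        *) return 1 ;;
    esac
}

# Read `netstat -tln` output on stdin and report where port $1 is listening:
# loopback | all-interfaces | other:<addr> | not-listening
listener_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            p = $4; sub(/.*:/, "", p)        # port: text after the last colon
            a = $4; sub(/:[^:]*$/, "", a)    # address: text before the last colon
            if (p != port) next
            # The widest binding wins if the port appears more than once.
            if (a == "0.0.0.0" || a == "::" || a == "*") r = "all-interfaces"
            else if (r == "" && (a == "127.0.0.1" || a == "::1")) r = "loopback"
            else if (r == "") r = "other:" a
        }
        END { print (r == "" ? "not-listening" : r) }'
}

# Demo with the spec from the question and the constructed netstat text.
lport=$(local_port_of "1527:remote_host:1527")
scope=$(printf '%s\n' "$SAMPLE_NETSTAT" | listener_scope "$lport")
echo "forward listens on local port $lport ($scope); test with: telnet localhost $lport"
```

On a live client, pipe the real `netstat -tln` output into `listener_scope` instead of the sample; a result of `all-interfaces` means other hosts can reach the tunnel through this machine.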
