SSH port forwarding: administratively prohibited

 Linux
Jun 172012
 

When setting up port forwarding to a web server, request were failing and command line returned:

channel 3: open failed: administratively prohibited: open failed

There were no firewalls blocking requests and curl just replied with “curl: (52) Empty reply from server”

After reestablishing ssh with -v as argument, the message came a bit clearer:

debug1: channel 3: new [direct-tcpip]                                                                                                                                                 
channel 3: open failed: administratively prohibited: open failed                                                                                                                      
debug1: channel 3: free: direct-tcpip: listening port 8000 for 192.168.33.7 port 80, connect from 127.0.0.1 port 38887, nchannels 4

Looking into sshd man page and checking sshd options, showed the potential issue straight away:

 AllowTcpForwarding no

After setting above to yes and a sshd reload all worked smoothly.

 Tagged with:

Sorry, the comment form is closed at this time.