ssh forwarding behaviour ipv6 and localhost?
James Wilkinson
fedora at aprilcottage.co.uk
Wed Jan 10 18:18:34 UTC 2007
Ian Malone wrote:
> I upgraded to FC6 over the weekend and found that my normal
> port forwarding trick to get Samba access to my home machine
> through a proxy stopped working, before I had something like
> this (running cygwin ssh):
> ssh -L 10.0.0.1:139:atlas:139 ian at 10.0.0.1 -f -N -i somekey
>
> (The strange forwarding from 10.0.0.1 is to overcome the
> fact that Windows will only try this port for Samba. The
> login at 10.0.0.1 is because I have to forward ssh over a proxy).
> But this started giving me connection refused messages.
>
> Trying Putty gave the same result, I also had a go at
> localhost instead to see if I'd done something funny to my
> hostname. No success. However, using 127.0.0.1 explicitly
> works:
>
> ssh -L 10.0.0.1:139:127.0.0.1:139 ian at 10.0.0.1 -f -N -i somekey
>
> Is fine, what I want to know is does this have something to
> do with IPV6? Either somewhere in samba or in sshd?
>
> $ cat /etc/hosts
> # Do not remove the following line, or various programs
> # that require network functionality will fail.
> ::1 atlas.millroad atlas localhost.localdomain localhost
As you've found, "localhost" by default points at an IPv6 address on
Fedora (the IPv6 equivalent of 127.0.0.1). This works for many things,
but not everything.
A bit of googling suggested:
Traditionally, Samba and Microsoft Windows have run SMB on top of the
NetBIOS protocol. On the Internet, NetBIOS can be layered on top of
TCP and UDP using ports 137, 138, and 139. This is called
NetBIOS-over-TCP, or NBT for short, and is essentially a giant hack by
Microsoft to make their old legacy networking protocols run on TCP/IP.
Since IPv4 addressing is deeply embedded in NBT, it will probably
never be possible to run NetBIOS on IPv6, but this is probably for the
best.
-- http://www.litech.org/samba/
So yes, you're right -- blame IPv6.
Personally, I switched back to an IPv4 alias for localhost almost
immediately.
James.
--
E-mail: james@ | ... in order to work, [Microsoft] Vista's content
aprilcottage.co.uk | protection must be able to violate the laws of physics,
| something that's unlikely to happen no matter how much
| the content industry wishes it were possible.
| -- Peter Gutmann
More information about the users
mailing list