Issue 231: SSH connection doesn't work through port forwarding
Status:  CannotReproduce
Owner:
Closed:  Sep 2009
Reported by code-rev...@gtempaccount.com, Sep 24, 2009
Reported by Shawn Pearce <sop@google.com> on Tue Jun 23 10:35:04 PDT 2009
Source: JIRA GERRIT-232
Affected Version: 2.0.15

Setup a port forwarding in ~/.ssh/config, e.g.:

  Host s
    Hostname external.example.com
    LocalForward 29419 internal-gerrit.example.com:29418

Open the forwarding connection:

  ssh s

And in another terminal, try to connect to Gerrit through the forwarding:

  ssh -p 29419 localhost

This appears to block and never complete the authentication steps, based on
ssh -vvvv output.  It may be related to problems with reverse lookup of the
client... which to Gerrit is the external.example.com proxy host, and not the
end-user's system.
Sep 24, 2009
#1 code-rev...@gtempaccount.com
Comment by Nick Pelly <npelly@google.com> on Fri Jun 26 10:52:55 PDT 2009

Request increase of priority.

There are many situations where VPN is not available. We are dead in the water
in these cases.

For example, I have been at several partner sites where there corp network
policies prevent / interrupt VPN sessions.
There have also been a long line of Mac + VPN bugs. For example the 100 MB VPN
limit in 10.4, and the WIFI + VPN issues in 10.5.
Sep 24, 2009
#2 code-rev...@gtempaccount.com
Comment by Shawn Pearce <sop@google.com> on Wed Jul 01 17:13:45 PDT 2009

Change https://review.source.android.com/10566 permits port tunneling of the
web interface, e.g.:

  ssh -L 8443:internal-gerrit:443 external.example.com
  firefox https://localhost:8443/

provided that the server does not use OpenID authentication.  If the server
uses some sort of corporate wide SSO solution, I have no clue whether or not
the SSO process will break running through localhost on a nonstandard port
like this.

However, this is a start, as it may make it possible to at least tunnel the
web UI.  We still need to handle the original problem of the SSH port not
tunneling correctly.
Sep 24, 2009
#3 sop+code@google.com
Appears to be a non-issue.  Nick has since reported its working OK.
Summary: SSH connection doesn't work through port forwarding
Status: CannotReproduce
Owner: s...@google.com