PuTTY semi-bug portfwd-invalid-origin

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Privacy | Changes | Wishlist

summary: Some servers reject SSH-2 tunnels due to invalid originator IP address
class: semi-bug: This might or might not be a bug, depending on your precise definition of what a bug is.
difficulty: fun: Just needs tuits, and not many of them.
present-in: 0.58
fixed-in: r6477 5d5abbf8d42723b26f9c02fc98ede438cc8c6454 2005-12-08 (0.59)

In SSH-2, the local-to-remote port-forwarding request is defined by secsh-connect to contain an "originator IP address" and "originator port", which identify to the server where the connection the client received came from.

PuTTY has always taken the view that this is none of the server's business, and sent the bogus IP address client-side-connection and port 0.

Apparently, some servers take exception to this (with some justification) and refuse the forwarding. Specifically, a problem has reported with SSH Tectia Server (T) for Windows, version 5.0.0-844, and also with F-Secure SSH for Unix, version 3.1.0. Using 0.0.0.0 instead appears to mollify these servers.

If you want to comment on this web site, see the Feedback page.
Audit trail for this semi-bug.
(last revision of this bug record was at 2016-12-27 11:40:21 +0000)