SSH dynamic port forwarding, "Connection refused"

7

2

I am trying to do dynamic portforwarding using openssh through a remote computer following this command: 

ssh -D 6789 rohan@<remote_ip> -p <remote_port>

This should set up a socks server on my comp as I assume.

I am able to use this for normal browsing but can't connect to IRC or remote ssh (through proxychains).

I get this error: 

channel 3: open failed: connect failed: Connection refused

A high verbosity level output of the error: 

$ debug1: Connection to port 6789 forwarding to socks port 0 requested.
debug2: fd 9 setting TCP_NODELAY
debug2: fd 9 setting O_NONBLOCK
debug3: fd 9 is O_NONBLOCK
debug1: channel 3: new [dynamic-tcpip]
debug2: channel 3: pre_dynamic: have 0
debug2: channel 3: pre_dynamic: have 4
debug2: channel 3: decode socks5
debug2: channel 3: socks5 auth done
debug2: channel 3: pre_dynamic: need more
debug2: channel 3: pre_dynamic: have 0
debug2: channel 3: pre_dynamic: have 10
debug2: channel 3: decode socks5
debug2: channel 3: socks5 post auth
debug2: channel 3: dynamic request: socks5 host 4.2.2.2 port 53 command 1
debug3: Wrote 96 bytes for a total of 3335
channel 3: open failed: connect failed: Connection refused
debug2: channel 3: zombie
debug2: channel 3: garbage collecting
debug1: channel 3: free: direct-tcpip: listening port 6789 for 4.2.2.2 port 53, connect from 127.0.0.1 port 33694, nchannels 4
debug3: channel 3: status: The following connections are open:
  #2 client-session (t4 r0 i0/0 o0/0 fd 6/7 cfd -1)

debug3: channel 3: close_fds r 9 w 9 e -1 c -1

I googled for this too, but couldn't find any solutions.

crodjer

Posted 2011-01-26T09:00:31.717

Reputation: 250

Answers

4

It's as simple as that: The target computer (in this case 4.2.2.2) refused the connection.

debug2: channel 3: dynamic request: socks5 host 4.2.2.2 port 53 command 1
channel 3: open failed: connect failed: Connection refused
debug1: channel 3: free: direct-tcpip: listening port 6789 for 4.2.2.2 port 53, connect from 127.0.0.1 port 33694, nchannels 4

(I must say that tunnelling DNS over SOCKS this way is very unusual, although not related to your problem.)

Are you able to connect from the server to (for example) IRC using interactive commands? (nc chat.freenode.net 6667, irssi -c chat.freenode.net, and so on). If connections to several different servers fail, it's likely to be a firewall problem on your remote server.

user1686

Posted 2011-01-26T09:00:31.717

Reputation: 283 655

no i can't connect to freenode irc.... – crodjer – 2011-01-28T10:52:20.120

@dcrodjer: Then it's a problem with your server itself, not related to SSH. Have you checked the firewall(s)? tried different ports? tried SSL connections? – user1686 – 2011-01-28T12:58:18.680

actually the above same config works with my friends comp...same distro....I guess it should be due to some comps config....Currently the remote comp is off, will share the output of nmap on localhost when its back. – crodjer – 2011-01-28T14:27:36.537

@dcrodjer: If you are unable to connect to Freenode from the server (you haven't told me yet), then it's not caused by SSH. I doubt nmap ing the server would help, too -- after all, you are connecting to Freenode, not to localhost. – user1686 – 2011-01-28T14:35:59.907

yeah freenode works on the server...I currently use irssi at the remote account only – crodjer – 2011-01-28T15:49:23.750

Asked: 2011-01-26T09:00:31.717

Viewed: 12 683 times

Active: 2019-08-15T05:09:13.240