SSH Portforward - Address already in use - Solved

We use SSH port forwards to secure many of our systems, as they give us VPN-like functionality with a very simple configuration. As our use of them has grown over time, I've become more and more familiar with the following error from SSH:

bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 2000

This occurs when you are already using a particular local port for another port forward. E.g. in this case I might be trying to forward port 2000 to two different machines. However, I came across this great and simple way to prevent this.

The basic theory is to use a unique local IP address for each port forward host you wish to connect to, instead of using localhost (127.0.0.1) for each.

Set up your Hosts file

Open up your hosts file: /etc/hosts and add entries like this:

# port forward local IPs (hosts file format: IP address first, then the name)
127.0.0.2 system1.fwd
127.0.0.3 system2.fwd
127.0.0.4 anothersystem.fwd

I've chosen the .fwd extension to remind me what they are for.

Set up your ssh config

Then in your .ssh/config file, add the .fwd hostname as the optional bind address of each localforward:

#System1 forward to the http and mysql ports
host system1
hostname 111.111.111.111
localforward system1.fwd:80 127.0.0.1:80
localforward system1.fwd:3306 127.0.0.1:3306

host system2
hostname 111.111.111.222
localforward system2.fwd:80 127.0.0.1:80
localforward system2.fwd:3306 127.0.0.1:3306

When you connect to these systems the port forwards will now be set up.

You can access the port forwards by using system1.fwd or system2.fwd instead of localhost.

E.g. http://system1.fwd/ or http://system2.fwd/

Nice, thanks for the tip Cameron.
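
To check a config for this collision before connecting, the following added example (not part of the original post) lists every local listener that more than one localforward line claims. The function names and the sample configs are constructed for illustration; it assumes whitespace-separated keywords, IPv4 bind addresses, and that a forward with no bind address listens on 127.0.0.1.

```python
from collections import defaultdict

# Constructed sample input, modelled on the entries in this post.
HOSTS = "127.0.0.2 system1.fwd\n127.0.0.3 system2.fwd\n"
BEFORE = """
host system1
    localforward 2000 127.0.0.1:80
host system2
    localforward 2000 127.0.0.1:80
"""
AFTER = """
host system1
    localforward system1.fwd:80 127.0.0.1:80
host system2
    localforward system2.fwd:80 127.0.0.1:80
"""

def parse_hosts(hosts_text):
    """Map each name in hosts-file text (IP first, then names) to its IP."""
    names = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            names[name.lower()] = fields[0]
    return names

def find_forward_conflicts(config_text, hosts_text=""):
    """Return {(bind_ip, port): [host, ...]} for listeners claimed more than once."""
    names = parse_hosts(hosts_text)
    names.setdefault("localhost", "127.0.0.1")
    listeners = defaultdict(list)
    current = None
    for line in config_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        keyword = fields[0].lower()
        if keyword == "host" and len(fields) > 1:
            current = fields[1]
        elif keyword == "localforward" and len(fields) >= 3:
            bind, _, port = fields[1].rpartition(":")
            # Assumption: without a bind address the listener is 127.0.0.1.
            ip = names.get(bind.lower(), bind) if bind else "127.0.0.1"
            listeners[(ip, int(port))].append(current)
    return {k: v for k, v in listeners.items() if len(v) > 1}

if __name__ == "__main__":
    print("before:", find_forward_conflicts(BEFORE, HOSTS))
    print("after: ", find_forward_conflicts(AFTER, HOSTS))
```

An empty result means no two forwards share a bind address and port; a non-empty one names the hosts whose sessions would hit the bind error if opened together.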
