System Administration Guide: Security Services

ProcedureHow to Configure Port Forwarding in Solaris Secure Shell

Port forwarding enables a local port be forwarded to a remote host. Effectively, a socket is allocated to listen to the port on the local side. Similarly, a port can be specified on the remote side.

Note –

Solaris Secure Shell port forwarding must use TCP connections. Solaris Secure Shell does not support UDP connections for port forwarding.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Configure a Solaris Secure Shell setting on the remote server to allow port forwarding.

    Change the value of AllowTcpForwarding to yes in the /etc/ssh/sshd_config file.

    # Port forwarding
    AllowTcpForwarding yes
  3. Restart the Solaris Secure Shell service.

    remoteHost# svcadm restart network/ssh:default

    For information on managing persistent services, see Chapter 18, Managing Services (Overview), in System Administration Guide: Basic Administration and the svcadm(1M) man page.

  4. Verify that port forwarding can be used.

    remoteHost# /usr/bin/pgrep -lf sshd
     1296 ssh -L 2001:remoteHost:23 remoteHost