Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Forward IPv6 in ssh
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Forward IPv6 in ssh

szymonpszymonp Member

Hi, how do you forward IPv6 in ssh? For IPv4 it's
-D 0.0.0.0:1080
what is the IPv6 equivalent?

Comments

  • henixhenix Member
    edited June 2022
  • Hey, at least it got you to remove the rickroll.

    On a more serious note, the -D controls the address of the local SOCKS proxy spawned by SSH, so whether that's on IPv4 or IPv6 isn't of much concern.

    As long as you have IPv6 on the VPS you're connecting to, any connections for IPv6 hosts should be routed through the local socks proxy and subsequently the IPv6 address.

    Thanked by 2yoursunny szymonp
  • @stevewatson301 said:
    Hey, at least it got you to remove the rickroll.

    On a more serious note, the -D controls the address of the local SOCKS proxy spawned by SSH, so whether that's on IPv4 or IPv6 isn't of much concern.

    As long as you have IPv6 on the VPS you're connecting to, any connections for IPv6 hosts should be routed through the local socks proxy and subsequently the IPv6 address.

    I have an ipv6-only VPS I want to proxy through. I tried -D 0.0.0.0:1080 but it doesn't work, even with ipv6.google.com

  • I get all this:
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed
    channel 3: open failed: connect failed: open failed
    channel 4: open failed: connect failed: open failed
    channel 5: open failed: connect failed: open failed

  • dfroedfroe Member, Host Rep

    @szymonp said:
    I get all this:
    channel 5: open failed: connect failed: open failed [...]

    I bet you get more than this.
    If you seek help, share the full output of your console including the full shell prompt with the command you are executing etc. Otherwise others barely have a chance guessing what exactly you are doing. And without knowing what you are doing, nobody can tell you what you are doing wrong.

  • @dfroe said:

    @szymonp said:
    I get all this:
    channel 5: open failed: connect failed: open failed [...]

    I bet you get more than this.
    If you seek help, share the full output of your console including the full shell prompt with the command you are executing etc. Otherwise others barely have a chance guessing what exactly you are doing. And without knowing what you are doing, nobody can tell you what you are doing wrong.

    ssh -D 1080 root@[redacted]
    root@[redacted]'s password:
    Linux v6 5.10.0-14-amd64 #1 SMP Debian 5.10.113-1 (2022-04-29) x86_64
    
    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    Last login: Sun Jun  5 17:33:47 2022 from [redacted]
    root@v6:~#
    

    I get the thing I posted above once I actually connect to the proxy.

  • Do a ssh -vvv -ND 1080 user@pass and try to connect to the IPv6 website; that might tell us more about why you're getting those channel open errors.

    Thanked by 1szymonp
  • szymonpszymonp Member
    edited June 2022

    btw the VPS ha> @stevewatson301 said:

    Do a ssh -vvv -ND 1080 user@pass and try to connect to the IPv6 website; that might tell us more about why you're getting those channel open errors.

    a bunch of this appears... could this have to do with the fact that the VPS has no IPv4? the sites I am using are ipv6, I tried ipv6.google.com

    debug1: Connection to port 1080 forwarding to socks port 0 requested.
    debug2: fd 6 setting TCP_NODELAY
    debug2: fd 6 setting O_NONBLOCK
    debug3: fd 6 is O_NONBLOCK
    debug1: channel 2: new [dynamic-tcpip]
    debug2: channel 2: pre_dynamic: have 0
    debug2: channel 2: pre_dynamic: have 9
    debug2: channel 2: decode socks4
    debug2: channel 2: decode socks4: user /0
    debug2: channel 2: dynamic request: socks4 host 108.177.127.188 port 5228 command 1
    debug3: send packet: type 90
    debug3: receive packet: type 92
    channel 2: open failed: connect failed: open failed
    debug2: channel 2: zombie
    debug2: channel 2: garbage collecting
    debug1: channel 2: free: direct-tcpip: listening port 1080 for 108.177.127.188 port 5228, connect from ::1 port 52568 to ::1 port 1080, nchannels 3
    debug3: channel 2: status: The following connections are open:
    
    debug1: Connection to port 1080 forwarding to socks port 0 requested.
    debug2: fd 6 setting TCP_NODELAY
    debug2: fd 6 setting O_NONBLOCK
    debug3: fd 6 is O_NONBLOCK
    debug1: channel 2: new [dynamic-tcpip]
    debug2: channel 2: pre_dynamic: have 0
    debug2: channel 2: pre_dynamic: have 9
    debug2: channel 2: decode socks4
    debug2: channel 2: decode socks4: user /0
    debug2: channel 2: dynamic request: socks4 host 142.251.37.99 port 443 command 1
    debug3: send packet: type 90
    debug3: receive packet: type 92
    channel 2: open failed: connect failed: open failed
    debug2: channel 2: zombie
    debug2: channel 2: garbage collecting
    debug1: channel 2: free: direct-tcpip: listening port 1080 for 142.251.37.99 port 443, connect from ::1 port 52569 to ::1 port 1080, nchannels 3
    debug3: channel 2: status: The following connections are open:
    
  • @szymonp said: debug2: channel 2: dynamic request: socks4 host 108.177.127.188 port 5228 command 1

    @szymonp said: debug2: channel 2: dynamic request: socks4 host 142.251.37.99 port 443 command 1

    What's interesting is why there's a dynamic-tcpip request for 142.251.37.99 and
    108.177.127.188, ideally you'd see ipv6.google.com itself. For example, in my case:

    debug1: channel 9: new [dynamic-tcpip]
    debug2: channel 8: pre_dynamic: have 3
    debug2: channel 8: decode socks5
    debug2: channel 8: socks5 auth done
    debug2: channel 8: pre_dynamic: need more
    debug2: channel 9: pre_dynamic: have 0
    debug2: channel 8: pre_dynamic: have 0
    debug2: channel 9: pre_dynamic: have 3
    debug2: channel 9: decode socks5
    debug2: channel 9: socks5 auth done
    debug2: channel 9: pre_dynamic: need more
    debug2: channel 8: pre_dynamic: have 0
    debug2: channel 9: pre_dynamic: have 0
    debug2: channel 8: pre_dynamic: have 22
    debug2: channel 8: decode socks5
    debug2: channel 8: socks5 post auth
    debug2: channel 8: dynamic request: socks5 host ipv6.google.com port 443 command 1
    

    What are you using to make these requests through the socks proxy?

    Thanked by 1szymonp
  • @stevewatson301 said:

    @szymonp said: debug2: channel 2: dynamic request: socks4 host 108.177.127.188 port 5228 command 1

    @szymonp said: debug2: channel 2: dynamic request: socks4 host 142.251.37.99 port 443 command 1

    What's interesting is why there's a dynamic-tcpip request for 142.251.37.99 and
    108.177.127.188, ideally you'd see ipv6.google.com itself. For example, in my case:

    debug1: channel 9: new [dynamic-tcpip]
    debug2: channel 8: pre_dynamic: have 3
    debug2: channel 8: decode socks5
    debug2: channel 8: socks5 auth done
    debug2: channel 8: pre_dynamic: need more
    debug2: channel 9: pre_dynamic: have 0
    debug2: channel 8: pre_dynamic: have 0
    debug2: channel 9: pre_dynamic: have 3
    debug2: channel 9: decode socks5
    debug2: channel 9: socks5 auth done
    debug2: channel 9: pre_dynamic: need more
    debug2: channel 8: pre_dynamic: have 0
    debug2: channel 9: pre_dynamic: have 0
    debug2: channel 8: pre_dynamic: have 22
    debug2: channel 8: decode socks5
    debug2: channel 8: socks5 post auth
    debug2: channel 8: dynamic request: socks5 host ipv6.google.com port 443 command 1
    

    What are you using to make these requests through the socks proxy?

    chrome

  • I'm not sure what OS you use, but Chrome follows OS settings on Mac and thus I've never bothered to use it, I usually install Proxy Helper and call it a day.

    How about you give it a try?

    Thanked by 1szymonp
  • @stevewatson301 said:
    I'm not sure what OS you use, but Chrome follows OS settings on Mac and thus I've never bothered to use it, I usually install Proxy Helper and call it a day.

    How about you give it a try?

    that worked, thank you!

Sign In or Register to comment.