SSH port forwarding: bind: Cannot assign requested address
Wednesday, September 24th, 2014
Just now I tried seting up an SSH tunnel. Something I must have done for at least a few tens of thousands of times in my career. But suddenly, it didn’t work anymore:
$ ssh -L 8080:127.0.0.1:80 dev.local bind: Cannot assign requested address
After checking that the local port was free, and the remote port had Apache listening on it, and testing some other things, I turned on verbose logging for SSH:
$ ssh -v -L 8080:127.0.0.1:80 dev.local OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Local connections to LOCALHOST:8080 forwarded to remote address 127.0.0.1:80 debug1: Local forwarding listening on 127.0.0.1 port 8080. debug1: channel 0: new [port listener] debug1: Local forwarding listening on ::1 port 8080. bind: Cannot assign requested address
The problem becomes obvious. It’s trying to bind on an IPv6 address, not IPv4. And since IPv6 is a flaming heap of shit not production ready yet, it fails miserably.
You can force the use of IPv4 on the commandline with the -4
switch:
$ ssh -4 -L 8080:127.0.0.1:80 dev.local Linux dev.local 2.6.32-5-amd64 #1 SMP Mon Sep 23 22:14:43 UTC 2013 x86_64 [fboender@dev]~$
To permanently disable IPv6, edit your ~/.ssh/config and add:
$ vi ~/.ssh/config Host * AddressFamily inet
That will make sure SSH never even tries anything with IPv6.