ssh tunneling to POP3 problem

Long story short, I can’t tunnel into port 110 from a remote site - the connection is refused. I can telnet to 110 locally but as soon as I try to come down the ssh tunnel, the wheels fall off. The firewall is off for now and POP3 works just fine locally. It’s a permissions thing, I’m sure, but what one?

The tunnel is set up with
ssh -L -l user -N
and something as simple as
telnet localhost 11110
tanks. ssh works fine otherwise - that is, ssh -l user gives me a terminal session on as expected.

What do you get when you do telnet localhost 11110? No response or connection refused.?

What happens if you replace that forward with:

-L 11110:localhost:110

since you are ssh-ing to the same server providing the POP service?

PS: It could also be that the sshd on the server disallows forwarding. Try something else running on the server, maybe even ssh itself, i.e.:

-L 22222:localhost:22

I got connection refused.

But… doing ssh -L 11110:localhost:110 -l -N
fixed the problem!!

The problem, then, was using the remote system’s name instead of using localhost. Now to verify this works by physically leaving the net (the problem is I’m trying this from a set of machines that are on a common ethernet net - the router should be sending me out into the Internet and back but maybe not?). I’ll report back.

Meanwhile, many thanks for the break in the case! :slight_smile:

Yes, it looks like the POP server wasn’t listening on the FQDN IP address, perhaps it resolved to the external IP address at the other end or something like that.

The frustrating thing is I could see the attempts showing up at the server and being rejected. Using tail -f /var/log/messages, the attempts to use port 110 were reported along with the error messages.

I have, however, successfully retrieved mail from the server, so I know the tunnel works. At least here at home. Tomorrow I’ll try it from the road…

If you are the admin of the system, perhaps you should set up POP3S service (POP3 over SSL) to make life easier.

Thanks. I’ll look into that. The local net here has been in place for a while and there’s a lot of cruft that needs to be weeded out, including the business with POP.

The “live fire” exercise was successful.

As an aside, while watching /var/log/messages during testing, I happened to see:

Mar 15 23:20:20 wxsat sshd[18904]: Invalid user test from
Mar 15 23:20:24 wxsat sshd[18908]: Invalid user webmaster from
Mar 15 23:20:28 wxsat sshd[18912]: Invalid user oracle from
Mar 15 23:20:30 wxsat sshd[18914]: Invalid user library from
Mar 15 23:20:31 wxsat sshd[18916]: Invalid user info from
Mar 15 23:20:33 wxsat sshd[18918]: Invalid user shell from
Mar 15 23:20:35 wxsat sshd[18920]: Invalid user linux from
Mar 15 23:20:37 wxsat sshd[18922]: Invalid user unix from
Mar 15 23:20:39 wxsat sshd[18924]: Invalid user webadmin from
Mar 15 23:20:43 wxsat sshd[18928]: Invalid user test from
Mar 15 23:20:51 wxsat sshd[18936]: Invalid user master from
Mar 15 23:21:19 wxsat sshd[18968]: Invalid user test from
Mar 15 23:21:21 wxsat sshd[18970]: Invalid user test from
Mar 15 23:21:23 wxsat sshd[18972]: Invalid user webmaster from
Mar 15 23:21:25 wxsat sshd[18974]: Invalid user user from
Mar 15 23:21:27 wxsat sshd[18976]: Invalid user username from
Mar 15 23:21:29 wxsat sshd[18978]: Invalid user username from
Mar 15 23:21:31 wxsat sshd[18980]: Invalid user user from
Mar 15 23:21:37 wxsat sshd[18986]: Invalid user test from
Mar 15 23:21:46 wxsat sshd[18997]: Invalid user danny from
Mar 15 23:21:48 wxsat sshd[18999]: Invalid user sharon from
Mar 15 23:21:50 wxsat sshd[19001]: Invalid user aron from

Said idiot at least did me the favor of reminding me to adjust ssh to minimize break in attempts. Aren’t script kiddies fun? >:)