Skip to main content
Unix & Linux

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

18
  • 1
    Here what I specifically add in sshd_config to make it work: TCPKeepAlive yes AllowTCPForwarding yes PermitOpen any I have a few "open failed" but it seems a normal thing. Things work very well. Commented Jan 17, 2015 at 6:58
  • 8
    A corner case to note: You can get this error when trying to create a tap/tun device with SSH and SSH allows it, but the kernel does not. This can occur in LXC containers. See blog.felixbrucker.com/2015/10/01/… for the exact details, but in that case you may want to add lxc.cgroup.devices.allow = c 10:200 rwm to your container's config, and ensure that if /dev/net/tun does not exist, mknod /dev/net/tun c 10 200; chmod 666 /dev/net/tun is run on bootup in the container. Commented Apr 16, 2016 at 0:58
  • 1
    For some reason I had to enable both options in the sshd_config for this to work. Commented May 8, 2017 at 18:56
  • 2
    @St.Antario, AllowTcpForwarding allows you to forward TCP ports over SSH, which is what the -L 0.0.0.0:8984:remote:8983 parameter is requesting. If AllowTcpForwarding is set to no, SSH will reject the port forwarding request, causing you to see that error. Commented Nov 12, 2018 at 11:20
  • 2
    Tried to edit the upper-case of AllowTCPForwarding to AllowTcpForwarding, but SE wants at least 6 characters changed. So just noting that the correct case is the Tcp version, as used correctly the first time. Commented Apr 12, 2019 at 19:56