You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have tried both values of the remote.SSH.useLocalServer setting
Connect Locally
It connects successfully
->
No response
Expected Behavior
Setting remote.SSH.remoteServerListenOnSocket should prevent Remote-SSH from trying to forward local TCP sockets and instead forward a Unix socket over SSH.
We've recently had to disable AllowTcpForwarding in our sshd_config. AllowStreamLocalForwarding is enabled on the server.
Steps To Reproduce
Set remote.SSH.remoteServerListenOnSocket to true in user settings
Kill VSCode server on the host (through command)
Ensure no parts of the server are running (via ps/grep on the host)
Delete the entire .vscode-server directory on the host
Connect VSCode to the host - it tries and fails to set up a forwarding server and suggests turning on AllowTcpForwarding
Remote-SSH Log
Remote-SSH Log
[16:57:33.270] Log Level: 2
[16:57:33.274] SSH Resolver called for "ssh-remote+xxxxx", attempt 1
[16:57:33.274] "remote.SSH.useLocalServer": false
[16:57:33.275] "remote.SSH.useExecServer": true
[16:57:33.275] "remote.SSH.showLoginTerminal": false
[16:57:33.276] "remote.SSH.remotePlatform": {"xxxx":"linux"}
[16:57:33.276] "remote.SSH.path": undefined
[16:57:33.276] "remote.SSH.configFile": undefined
[16:57:33.276] "remote.SSH.useFlock": true
[16:57:33.276] "remote.SSH.lockfilesInTmp": false
[16:57:33.276] "remote.SSH.localServerDownload": auto
[16:57:33.276] "remote.SSH.remoteServerListenOnSocket": true
[16:57:33.276] "remote.SSH.showLoginTerminal": false
[16:57:33.276] "remote.SSH.defaultExtensions": []
[16:57:33.276] "remote.SSH.loglevel": 2
[16:57:33.276] "remote.SSH.enableDynamicForwarding": true
[16:57:33.276] "remote.SSH.enableRemoteCommand": false
[16:57:33.276] "remote.SSH.serverPickPortsFromRange": {}
[16:57:33.279] VS Code version: 1.88.1
[16:57:33.279] Remote-SSH version: [email protected]
[16:57:33.279] darwin arm64
[16:57:33.280] SSH Resolver called for host: xxxxx
[16:57:33.280] Setting up SSH remote "xxxxx"
[16:57:33.281] Using commit id "e170252f762678dec6ca2cc69aba1570769a5d39" and quality "stable" for server
[16:57:33.283] Install and start server if needed
[16:57:34.916] PATH: /Users/username/.local/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/X11/bin:/Library/TeX/texbin
[16:57:34.916] Checking ssh with "ssh -V"
[16:57:34.929] > OpenSSH_9.6p1, LibreSSL 3.3.6
[16:57:34.930] Running script with connection command: ssh -T -D 64712 -o ConnectTimeout=15 xxxxx bash
[16:57:35.460] > <Connection Banner>
[16:57:35.460] Got some output, clearing connection timeout
[16:57:36.037] > 2756c390e05e: running
[16:57:36.069] > Installing to /home/xxxxx.company.com/username/.vscode-server...
[16:57:36.087] > 2756c390e05e%%1%%
[16:57:36.112] > Downloading with wget
[16:57:36.575] > Download complete
> 2756c390e05e%%2%%
> tar --version:
> tar (GNU tar) 1.26
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> Written by John Gilmore and Jay Fenlason.
[16:57:37.110] > code 1.88.1 (commit e170252f762678dec6ca2cc69aba1570769a5d39)
[16:57:37.132] > Starting VS Code CLI... "/home/xxxxx.company.com/username/.vscode-server/code-e170252f762678dec6ca2cc69aba1570769a5d39" command-shell --cli-data-dir "/home/xxxxx.company.com/username/.vscode-server/cli" --on-port --parent-process-id 2707 &> "/home/xxxxx.company.com/username/.vscode-server/.cli.e170252f762678dec6ca2cc69aba1570769a5d39.log" < /dev/null
> printenv:
> XDG_SESSION_ID=1632
> SELINUX_ROLE_REQUESTED=
> SHELL=/bin/zsh
> SSH_CLIENT=10.12.25.53 57806 22
> SELINUX_USE_CURRENT_RANGE=
> ZDOTDIR=/home/xxxxx.company.com/username/.config/zsh
> USER=username
> VSCODE_AGENT_FOLDER=/home/xxxxx.company.com/username/.vscode-server
> MAIL=/var/mail/username
> PATH=/usr/local/bin:/usr/bin
> PWD=/home/xxxxx.company.com/username
> LANG=en_US.UTF-8
> SELINUX_LEVEL_REQUESTED=
> SHLVL=1
> HOME=/home/xxxxx.company.com/username
> LOGNAME=username
> SSH_CONNECTION=10.12.25.53 57806 10.53.13.35 22
> XDG_RUNTIME_DIR=/run/user/1512401790
> _=/usr/bin/printenv
> OLDPWD=/home/xxxxx.company.com/username/.vscode-server
> Spawned remote CLI: 2787
[16:57:37.278] > Waiting for server log...
[16:57:37.316] > 2756c390e05e: start
> SSH_AUTH_SOCK====
> DISPLAY====
> listeningOn==127.0.0.1:36809==
> osReleaseId==centos==
> arch==x86_64==
> vscodeArch==x64==
> bitness==64==
> tmpDir==/run/user/1512401790==
> platform==linux==
> unpackResult==success==
> didLocalDownload==0==
> downloadTime==413==
> installTime==431==
> serverStartTime==189==
> execServerToken==111a1111-111a-1a11-a111-11a111a1a111==
[16:57:37.338] > 2756c390e05e: end
[16:57:37.339] Received install output:
SSH_AUTH_SOCK====
DISPLAY====
listeningOn==127.0.0.1:36809==
osReleaseId==centos==
arch==x86_64==
vscodeArch==x64==
bitness==64==
tmpDir==/run/user/1512401790==
platform==linux==
unpackResult==success==
didLocalDownload==0==
downloadTime==413==
installTime==431==
serverStartTime==189==
execServerToken==111a1111-111a-1a11-a111-11a111a1a111==
[16:57:37.339] Remote server is listening on port 36809
[16:57:37.340] Parsed server configuration: {"serverConfiguration":{"remoteListeningOn":{"port":36809},"osReleaseId":"centos","arch":"x86_64","sshAuthSock":"","display":"","tmpDir":"/run/user/1512401790","platform":"linux","execServerToken":"111a1111-111a-1a11-a111-11a111a1a111"},"downloadTime":413,"installTime":431,"serverStartTime":189,"installUnpackCode":"success"}
[16:57:37.343] Starting forwarding server. local port 64717 -> socksPort 64712 -> remotePort 36809
[16:57:37.343] Forwarding server listening on port 64717
[16:57:37.343] Waiting for ssh tunnel to be ready
[16:57:37.344] Tunneled port 36809 to local port 64717
[16:57:37.344] Resolved "ssh-remote+xxxxx" to "port 64717"
[16:57:37.346] Initizing new exec server for ssh-remote+xxxxx
[16:57:37.346] Resolving exec server at port 64717
[16:57:37.358] [Forwarding server port 64717] Got connection 0
[16:57:37.358] [Forwarding server port 64717] Got connection 1
[16:57:37.408] Failed to set up socket for dynamic port forward to remote port 36809: Socket closed. TCP port forwarding may be disabled, or the remote server may have crashed. See the VS Code Server log above for details.
[16:57:37.409] Failed to set up socket for dynamic port forward to remote port 36809: Socket closed. TCP port forwarding may be disabled, or the remote server may have crashed. See the VS Code Server log above for details.
[16:57:37.421] > channel 3: open failed: administratively prohibited: open failed
> channel 4: open failed: administratively prohibited: open failed
[16:57:37.421] ERROR: TCP port forwarding appears to be disabled on the remote host. Ensure that the sshd_config has `AllowTcpForwarding yes`. Contact your system administrator if needed.
Anything else?
No response
The text was updated successfully, but these errors were encountered:
Is there an existing issue for this bug?
Required Troubleshooting Steps
remote.SSH.useLocalServer
settingConnect Locally
It connects successfully
->
No response
Expected Behavior
Setting
remote.SSH.remoteServerListenOnSocket
should prevent Remote-SSH from trying to forward local TCP sockets and instead forward a Unix socket over SSH.We've recently had to disable
AllowTcpForwarding
in oursshd_config
.AllowStreamLocalForwarding
is enabled on the server.Steps To Reproduce
remote.SSH.remoteServerListenOnSocket
totrue
in user settings.vscode-server
directory on the hostAllowTcpForwarding
Remote-SSH Log
Remote-SSH Log
Anything else?
No response
The text was updated successfully, but these errors were encountered: