[Remote-SSH Bug]: remote.SSH.remoteServerListenOnSocket appears to be ignored

[chockey]

Is there an existing issue for this bug?

• I have searched the existing issues

Required Troubleshooting Steps

• I have followed these troubleshooting steps
• I have tried both values of the remote.SSH.useLocalServer setting

Connect Locally

It connects successfully

->

No response

Expected Behavior

Setting remote.SSH.remoteServerListenOnSocket should prevent Remote-SSH from trying to forward local TCP sockets and instead forward a Unix socket over SSH.

We've recently had to disable AllowTcpForwarding in our sshd_config. AllowStreamLocalForwarding is enabled on the server.

Steps To Reproduce

1. Set remote.SSH.remoteServerListenOnSocket to true in user settings
2. Kill VSCode server on the host (through command)
3. Ensure no parts of the server are running (via ps/grep on the host)
4. Delete the entire .vscode-server directory on the host
5. Connect VSCode to the host - it tries and fails to set up a forwarding server and suggests turning on AllowTcpForwarding

Remote-SSH Log

Remote-SSH Log

[16:57:33.270] Log Level: 2
[16:57:33.274] SSH Resolver called for "ssh-remote+xxxxx", attempt 1
[16:57:33.274] "remote.SSH.useLocalServer": false
[16:57:33.275] "remote.SSH.useExecServer": true
[16:57:33.275] "remote.SSH.showLoginTerminal": false
[16:57:33.276] "remote.SSH.remotePlatform": {"xxxx":"linux"}
[16:57:33.276] "remote.SSH.path": undefined
[16:57:33.276] "remote.SSH.configFile": undefined
[16:57:33.276] "remote.SSH.useFlock": true
[16:57:33.276] "remote.SSH.lockfilesInTmp": false
[16:57:33.276] "remote.SSH.localServerDownload": auto
[16:57:33.276] "remote.SSH.remoteServerListenOnSocket": true
[16:57:33.276] "remote.SSH.showLoginTerminal": false
[16:57:33.276] "remote.SSH.defaultExtensions": []
[16:57:33.276] "remote.SSH.loglevel": 2
[16:57:33.276] "remote.SSH.enableDynamicForwarding": true
[16:57:33.276] "remote.SSH.enableRemoteCommand": false
[16:57:33.276] "remote.SSH.serverPickPortsFromRange": {}
[16:57:33.279] VS Code version: 1.88.1
[16:57:33.279] Remote-SSH version: [email protected]
[16:57:33.279] darwin arm64
[16:57:33.280] SSH Resolver called for host: xxxxx
[16:57:33.280] Setting up SSH remote "xxxxx"
[16:57:33.281] Using commit id "e170252f762678dec6ca2cc69aba1570769a5d39" and quality "stable" for server
[16:57:33.283] Install and start server if needed
[16:57:34.916] PATH: /Users/username/.local/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/X11/bin:/Library/TeX/texbin
[16:57:34.916] Checking ssh with "ssh -V"
[16:57:34.929] > OpenSSH_9.6p1, LibreSSL 3.3.6

[16:57:34.930] Running script with connection command: ssh -T -D 64712 -o ConnectTimeout=15 xxxxx bash
[16:57:35.460] > <Connection Banner>
[16:57:35.460] Got some output, clearing connection timeout
[16:57:36.037] > 2756c390e05e: running
[16:57:36.069] > Installing to /home/xxxxx.company.com/username/.vscode-server...
[16:57:36.087] > 2756c390e05e%%1%%
[16:57:36.112] > Downloading with wget
[16:57:36.575] > Download complete
> 2756c390e05e%%2%%
> tar --version:
> tar (GNU tar) 1.26
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> 
> Written by John Gilmore and Jay Fenlason.
[16:57:37.110] > code 1.88.1 (commit e170252f762678dec6ca2cc69aba1570769a5d39)
[16:57:37.132] > Starting VS Code CLI... "/home/xxxxx.company.com/username/.vscode-server/code-e170252f762678dec6ca2cc69aba1570769a5d39" command-shell --cli-data-dir "/home/xxxxx.company.com/username/.vscode-server/cli" --on-port --parent-process-id 2707 &> "/home/xxxxx.company.com/username/.vscode-server/.cli.e170252f762678dec6ca2cc69aba1570769a5d39.log" < /dev/null
> printenv:
>     XDG_SESSION_ID=1632
>     SELINUX_ROLE_REQUESTED=
>     SHELL=/bin/zsh
>     SSH_CLIENT=10.12.25.53 57806 22
>     SELINUX_USE_CURRENT_RANGE=
>     ZDOTDIR=/home/xxxxx.company.com/username/.config/zsh
>     USER=username
>     VSCODE_AGENT_FOLDER=/home/xxxxx.company.com/username/.vscode-server
>     MAIL=/var/mail/username
>     PATH=/usr/local/bin:/usr/bin
>     PWD=/home/xxxxx.company.com/username
>     LANG=en_US.UTF-8
>     SELINUX_LEVEL_REQUESTED=
>     SHLVL=1
>     HOME=/home/xxxxx.company.com/username
>     LOGNAME=username
>     SSH_CONNECTION=10.12.25.53 57806 10.53.13.35 22
>     XDG_RUNTIME_DIR=/run/user/1512401790
>     _=/usr/bin/printenv
>     OLDPWD=/home/xxxxx.company.com/username/.vscode-server
> Spawned remote CLI: 2787
[16:57:37.278] > Waiting for server log...
[16:57:37.316] > 2756c390e05e: start
> SSH_AUTH_SOCK====
> DISPLAY====
> listeningOn==127.0.0.1:36809==
> osReleaseId==centos==
> arch==x86_64==
> vscodeArch==x64==
> bitness==64==
> tmpDir==/run/user/1512401790==
> platform==linux==
> unpackResult==success==
> didLocalDownload==0==
> downloadTime==413==
> installTime==431==
> serverStartTime==189==
> execServerToken==111a1111-111a-1a11-a111-11a111a1a111==
[16:57:37.338] > 2756c390e05e: end
[16:57:37.339] Received install output: 
SSH_AUTH_SOCK====
DISPLAY====
listeningOn==127.0.0.1:36809==
osReleaseId==centos==
arch==x86_64==
vscodeArch==x64==
bitness==64==
tmpDir==/run/user/1512401790==
platform==linux==
unpackResult==success==
didLocalDownload==0==
downloadTime==413==
installTime==431==
serverStartTime==189==
execServerToken==111a1111-111a-1a11-a111-11a111a1a111==

[16:57:37.339] Remote server is listening on port 36809
[16:57:37.340] Parsed server configuration: {"serverConfiguration":{"remoteListeningOn":{"port":36809},"osReleaseId":"centos","arch":"x86_64","sshAuthSock":"","display":"","tmpDir":"/run/user/1512401790","platform":"linux","execServerToken":"111a1111-111a-1a11-a111-11a111a1a111"},"downloadTime":413,"installTime":431,"serverStartTime":189,"installUnpackCode":"success"}
[16:57:37.343] Starting forwarding server. local port 64717 -> socksPort 64712 -> remotePort 36809
[16:57:37.343] Forwarding server listening on port 64717
[16:57:37.343] Waiting for ssh tunnel to be ready
[16:57:37.344] Tunneled port 36809 to local port 64717
[16:57:37.344] Resolved "ssh-remote+xxxxx" to "port 64717"
[16:57:37.346] Initizing new exec server for ssh-remote+xxxxx
[16:57:37.346] Resolving exec server at port 64717
[16:57:37.358] [Forwarding server port 64717] Got connection 0
[16:57:37.358] [Forwarding server port 64717] Got connection 1
[16:57:37.408] Failed to set up socket for dynamic port forward to remote port 36809: Socket closed. TCP port forwarding may be disabled, or the remote server may have crashed. See the VS Code Server log above for details.
[16:57:37.409] Failed to set up socket for dynamic port forward to remote port 36809: Socket closed. TCP port forwarding may be disabled, or the remote server may have crashed. See the VS Code Server log above for details.
[16:57:37.421] > channel 3: open failed: administratively prohibited: open failed
> channel 4: open failed: administratively prohibited: open failed
[16:57:37.421] ERROR: TCP port forwarding appears to be disabled on the remote host. Ensure that the sshd_config has `AllowTcpForwarding yes`. Contact your system administrator if needed.

Anything else?

No response

[patmagauran]

I am also having this issue

[roblourens]

Fix on the way