Question: channel 2: open failed: unknown channel type: unsupported channel type Enabling local (-L) and dynamic (-D) forwarding in addition to reverse (-R)

[MeatBunny]

Hi, sorry if this isn't the right place to put this but I'm stumped. Additionally I'm a bit of a Go newbie, so if this is painfully obvious to everyone else I apologize again.

I'm trying to make an SSH application that supports SSH tunneling for forward (-L), reverse (-R), and dynamic / socks (-D).

The example from _examples/ssh-remoteforward/portforward.go works like a champ for setting up reverse tunnels but forward tunnels and dynamic tunnels keep failing as channel 2: open failed: unknown channel type: unsupported channel type. Below is an example of what happens. I'm using the example and a regular SSH client to cut out any extraneous details.

# go run _examples/ssh-remoteforward/portforward.go &
[1] 2314
# 2021/08/26 11:29:51 starting ssh server on port 2222...

# ssh -p 2222 -Nf localhost -R1234:127.0.0.1:4321
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
RSA key fingerprint is SHA256:n9/o3zJo5iw4blSjOarZAVGt20/KUuT238Z5G6tz90Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:2222' (RSA) to the list of known hosts.
2021/08/26 11:30:53 attempt to bind localhost 1234 granted
# nc -lvnp 4321 &
[2] 2408
# listening on [any] 4321 ...

# echo test | nc -nv 127.0.0.1 1234
(UNKNOWN) [127.0.0.1] 1234 (?) open
connect to [127.0.0.1] from (UNKNOWN) [127.0.0.1] 48602
test

^C

[2]+  Stopped                 nc -lvnp 4321

# pkill ssh
# netstat -antp | grep LIST
tcp6       0      0 :::2222                 :::*                    LISTEN      2373/portforward    
# ssh -p 2222 -Nf localhost -L5678:127.0.0.1:8765
# netstat -antp | grep LIST
tcp        0      0 127.0.0.1:5678          0.0.0.0:*               LISTEN      2423/ssh            
tcp6       0      0 ::1:5678                :::*                    LISTEN      2423/ssh            
tcp6       0      0 :::2222                 :::*                    LISTEN      2373/portforward    
# 
# nc -lvnp 8765 &
[3] 2428
# listening on [any] 8765 ...

# nc -nv 127.0.0.1 5678
(UNKNOWN) [127.0.0.1] 5678 (?) open
channel 2: open failed: unknown channel type: unsupported channel type
# pkill ssh
# ssh -p 2222 -Nf localhost -D1080
# curl -I http://google.com
curl: (52) Empty reply from server
HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Aug 2021 15:37:05 GMT
Expires: Sat, 25 Sep 2021 15:37:05 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

# curl -I --socks5-hostname localhost:1080 http://google.com
channel 2: open failed: unknown channel type: unsupported channel type
curl: (97) connection to proxy closed

[mrschyte]

The "direct-tcpip" channel handler seems to be missing from the example. Try adding ssh.DirectTCPIPHandler to ChannelHandlers to get local and dynamic forwarding working:

server := ssh.Server{
...
    ChannelHandlers: map[string]ssh.ChannelHandler{
      "direct-tcpip":        ssh.DirectTCPIPHandler,
      "session": ssh.DefaultSessionHandler,
    },
...
}

[belak]

This seems to have been answered so I'm closing it for now