ssh tunneling and "channel 2: open failed: administratively prohibited: open failed"

[Mike Cohler]

Mike Cohler <mike.cohler <at> gmail.com> writes:

> 1) From machine A do "ssh -L 12345:C:5900 B" (where B and C are your machine
> names in question) 
> in a first terminal window.
> 
> This allows an ssh login from A to machine B where the firewall is, but once
> connected is set up to forward in this case port 12345 from the originating
> machine A to port 5900 on machine C. Once connected to machine B, then login to
> machine C on the standard ssh port. Now the tunnel should be set up with the
> correct port forwarding that you want - in this case anything going to poert
> 12345 on machine A will be forwarded through to 5900 on machine C which is the
> standard vnc port.
> 
> 2) Once this is running then start the vnc connection command in a second
> terminal session on machine A going to port 12345, and this will then have the
> vnc command running and communicating to port 5900 (default) on machine C via
> the tunnel.

I should add that if you want to tunnel a different application than vnc then
the port number on the final machine should be the port for the application you
want to run and use its default port or change it to one of your own choice.