SSH Port Forwarding Error

Question

I am using SSH Port Forwarding command,

    ssh -L 12776:localhost:12776 root@suvhost.com 
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: identity file /root/.ssh/id_dsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
    debug1: match: OpenSSH_5.3 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.3
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'i-9b267152.workdaysuv.com' is known and matches the RSA host key.
    debug1: Found key in /root/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
    debug1: Next authentication method: gssapi-keyex
    debug1: No valid Key exchange context
    debug1: Next authentication method: gssapi-with-mic
    Address 54.68.124.102 maps to ec2-54-68-124-102.us-west-2.compute.amazonaws.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
    debug1: Unspecified GSS failure.  Minor code may provide more information
    Credentials cache file '/tmp/krb5cc_0' not found

    debug1: Unspecified GSS failure.  Minor code may provide more information
    Credentials cache file '/tmp/krb5cc_0' not found

    debug1: Unspecified GSS failure.  Minor code may provide more information
    debug1: Unspecified GSS failure.  Minor code may provide more information
    Credentials cache file '/tmp/krb5cc_0' not found

    debug1: Next authentication method: publickey
    debug1: Trying private key: /root/.ssh/identity
    debug1: Offering public key: /root/.ssh/id_rsa
    debug1: Server accepts key: pkalg ssh-rsa blen 277
    debug1: read PEM private key done: type RSA
    debug1: Authentication succeeded (publickey).
    debug1: Local connections to LOCALHOST:12776 forwarded to remote address localhost:12776
    debug1: Local forwarding listening on ::1 port 12776.
    bind: Address already in use
    debug1: Local forwarding listening on 127.0.0.1 port 12776.
    bind: Address already in use
    channel_setup_fwd_listener: cannot listen to port: 12776
    Could not request local forwarding.
    debug1: channel 0: new [client-session]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug1: Sending environment.
    debug1: Sending env LANG = en_US.UTF-8
    Last login: Mon Apr 13 17:07:19 2015 from 54.68.124.102

and I get the following error

Address 54.187.51.48 maps to ec2-54-187-51-48.us-west-2.compute.amazonaws.com but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!

I also tried cleaning up both the localhost and the Server's ~/.ssh/known_hosts file and re-doing it but no luck. Any pointers on this please ?

Answer 1

For one thing, it looks like port 12776 is already in use locally so ssh cannot bind to that port. What is already using that port?

debug1: Local forwarding listening on ::1 port 12776.
bind: Address already in use
debug1: Local forwarding listening on 127.0.0.1 port 12776.
bind: Address already in use

Second thing: what are the permissions for your .ssh folder (/root/.ssh/)?

By the way, it'a very bad idea to be doing all this as root. But that's another story. Create a proper user and use that. See https://superuser.com/questions/218379/why-is-it-bad-to-run-as-root