DontDisplayMyName

Reputation: 259

SSH tunnel only works on loopback interface

What I am trying to do: I want to connect to an Ubuntu server (server A) that's behind a NAT from the internet. I've got an Ubuntu server (server B) with its own IP address/domain. I want to make server A connect to server B and establish an SSH tunnel so anyone can connect to server B and use services on server A.

What i have tried so far:

Basically, on server A I have used this:

    ssh -N -R *:[PORT]:localhost:[PORT] [usrname]@[domain]

Server B accepts the connection, and a test where I do:

    server A: sudo nc -l [PORT]
    server B: sudo nc localhost [PORT]

works.

The problem comes when I try to connect from my PC (Windows) to server A via server B. I use ncat.exe for this:

    server A: sudo nc -l [PORT]
    pc: .\ncat.exe [domain] [PORT]

does not work, refused connection.

It also works when I:

    server B: sudo nc -l [PORT]
    pc: .\ncat.exe [domain] [PORT]

So firewalls are not the problem. So it must be that on server B ssh only listens on the loopback interface, since that worked. But in the ssh doc it says:

By default, TCP listening sockets on the server will be bound to the loopback interface only. This may be overridden by specifying a bind_address. An empty bind_address, or the address ‘*’, indicates that the remote socket should listen on all interfaces. Specifying a remote bind_address will only succeed if the server's GatewayPorts option is enabled (see sshd_config(5)).

But I actually used * for the bind address, shouldn't it listen on all interfaces?

Note that every time I wrote [PORT] it's the same port.

Upvotes: 0

Views: 1366

Answers (1)

DontDisplayMyName

Reputation: 259

I've got it. What I failed to recognize is that it is not up to the client if the server actually forwards the port for remote users. On server B I had to edit sshd_config and change GatewayPorts to yes. It's right in the text I copy-pasted here and now I feel stupid.

Upvotes: 1
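
The server-side decision described in the answer can be checked mechanically. The script below is an added example, not part of the original post: it predicts where sshd binds a `-R` forward for each GatewayPorts value from sshd_config(5) (`no`, `yes`, `clientspecified`) and compares that with the listeners reported by `ss -tln`. Port 8080 stands in for [PORT], and the function names and sample outputs are constructed for illustration.

```shell
# Added example. Port 8080 stands in for [PORT]; all sample output is constructed.

# Scope sshd binds a -R forward to, per GatewayPorts in sshd_config(5).
# $1 = GatewayPorts value, $2 = bind_address (ssh sends "localhost" if omitted)
expected_scope() {
    case "$1" in
        yes) echo all ;;                       # always the wildcard address
        clientspecified)
            case "$2" in
                '*'|'') echo all ;;
                localhost|127.0.0.1|::1) echo loopback ;;
                *) echo specific ;;
            esac ;;
        *) echo loopback ;;                    # "no" (default) ignores the client
    esac
}

# Effective GatewayPorts value from `sshd -T` output on stdin (default: no).
gatewayports_value() {
    awk 'tolower($1) == "gatewayports" { v = $2 } END { print (v == "" ? "no" : v) }'
}

# Classify listeners on port $1 from `ss -tln` output on stdin.
listener_scope() {
    awk -v port="$1" '$1 == "LISTEN" {
        n = split($4, f, ":"); addr = substr($4, 1, length($4) - length(f[n]) - 1)
        if (f[n] != port) next
        if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") scope = "all"
        else if (addr == "127.0.0.1" || addr == "[::1]") { if (scope == "") scope = "loopback" }
        else if (scope != "all") scope = "specific"
    } END { print (scope == "" ? "none" : scope) }'
}

# $1 = sshd -T output, $2 = ss -tln output, $3 = bind_address, $4 = port
check_forward() {
    gp=$(printf '%s\n' "$1" | gatewayports_value)
    echo "GatewayPorts=$gp expected=$(expected_scope "$gp" "$3")" \
         "observed=$(printf '%s\n' "$2" | listener_scope "$4")"
}

SSHD_T_BEFORE='gatewayports no'
SSHD_T_AFTER='gatewayports clientspecified'
SS_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:8080     0.0.0.0:*
LISTEN 0      128    [::1]:8080         [::]:*'
SS_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
LISTEN 0      128    [::]:8080          [::]:*'
check_forward "$SSHD_T_BEFORE" "$SS_BEFORE" '*' 8080   # the question's symptom
check_forward "$SSHD_T_AFTER"  "$SS_AFTER"  '*' 8080
```

On server B, feed the functions real data with `sudo sshd -T` and `ss -tln` while the tunnel is up. `GatewayPorts yes` binds every user's remote forwards to the wildcard address, while `clientspecified` exposes only the forwards that ask for it with a bind_address such as `*`.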
