Docker SSH forwarding - bind: Address not available
I manage to create a ssh tunnel from a docker-compose using this entrypoint:
ssh -4 -i /.ssh/ssh_key -NL *:27017:0.0.0.0:27017 user@remote_ip
and then i was able to use the ssh tunnel from an another container by using the network created with the docker-compose
docker run --network=tunnel_default image nmap -p 27027 service_name
tunnel_default
is the name of the network
image
is a docker image where nmap
is installed (it allows you to check open ports)
service_name
is the name i gave to the service inside the docker-compose
You can get a "bind address not available" if you don't specify which interface you want to use. By default it will use all of them, including IPV6. In my case, it was binding on IPV4 but the "address not available" was actually for IPV6 e.g. bind [::1]:2001: Address not available
. If you use the -4
option, this will use IPV4 only and if you were getting an IPV6 type error, then this will resolve that for you, which it was for me on Arch Linux.
-4 Forces ssh to use IPv4 addresses only.
-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are sup‐ ported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file. IPv6 addresses can be specified by enclosing the address in square brackets. Only the superuser can forward privileged ports. By default, the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to a specific address. The bind_address of “localhost” indicates that the lis‐ tening port be bound for local use only, while an empty address or ‘*’ indicates that the port should be available from all interfaces.