search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
17.6k stars 1.76k forks source link

"bind: address already in use" when connecting to a second host while using local port forwarding #29848

Closed Gunni closed 1 year ago

Gunni commented 1 year ago

Expected behavior

terminal 1: tsh ssh -L 6001:127.0.0.1:80 example_host terminal 1: <gets shell> <port is forwarded>

terminal 2: tsh ssh example_host terminal 2: <gets shell>

Note that it does not matter if I connect to example_host or example_host2, I get an identical error.

Current behavior

When trying to connect in terminal 2, I get an error.

Same remote host as the one with local port forwarding

$ tsh ssh example_host                     
ERROR: Failed to bind to 127.0.0.1:6001: listen tcp 127.0.0.1:6001: bind: address already in use.

Different remote host:

$ tsh ssh example_host2
ERROR: Failed to bind to 127.0.0.1:6001: listen tcp 127.0.0.1:6001: bind: address already in use.

Workaround

In terminal 2, forward a different port.

$ tsh ssh -L 6002:127.0.0.1:80 example
[base] gunnar@example [ ~ ]$

Bug details

2023-08-01T08:36:47Z [CLIENT]    INFO ALPN connection upgrade required for "example.teleport.sh:443": false. client/api.go:620
2023-08-01T08:36:47Z [CLIENT]    INFO [KEY AGENT] Connected to the system agent: "/run/user/1000/keyring/ssh" client/api.go:3929
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Reading certificates from path "/home/gunnar/.tsh/keys/example.teleport.sh/gunnar@example.com-ssh/example.teleport.sh-cert.pub". client/keystore.go:339
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:47Z [KEYAGENT]  INFO Loading SSH key for user "gunnar@example.com" and cluster "example.teleport.sh". client/keyagent.go:195
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:47Z [CLIENT]    INFO Connecting to proxy=example.teleport.sh:443 login="gunnar" using TLS Routing client/api.go:2831
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:47Z [HTTP:PROX] DEBU No proxy set in environment, returning direct dialer. proxy/proxy.go:301
2023-08-01T08:36:47Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:47Z [KEYAGENT]  DEBU "Checking key: ssh-rsa-cert-v01@openssh.com AAA...7g=\n." client/keyagent.go:367
2023-08-01T08:36:47Z [KEYAGENT]  DEBU Validated host example.teleport.sh:443. client/keyagent.go:373
2023-08-01T08:36:48Z [CLIENT]    INFO Successful auth with proxy example.teleport.sh:443. client/api.go:2836
2023-08-01T08:36:48Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:48Z [CLIENT]    INFO Client= connecting to node=example on cluster example.teleport.sh client/client.go:1392
2023-08-01T08:36:48Z [KEYSTORE]  DEBU Teleport TLS certificate valid until "2023-08-01 20:21:59 +0000 UTC". client/client_store.go:91
2023-08-01T08:36:48Z [KEYAGENT]  DEBU "Checking key: ssh-rsa-cert-v01@openssh.com AAA...zX\n." client/keyagent.go:367
2023-08-01T08:36:48Z [KEYAGENT]  DEBU Validated host example:0@default@example.teleport.sh. client/keyagent.go:373

ERROR REPORT:
Original Error: *errors.errorString Failed to bind to 127.0.0.1:6001: listen tcp 127.0.0.1:6001: bind: address already in use.
Stack Trace:
    github.com/gravitational/teleport/lib/client/api.go:1648 github.com/gravitational/teleport/lib/client.(*TeleportClient).startPortForwarding
    github.com/gravitational/teleport/lib/client/api.go:1565 github.com/gravitational/teleport/lib/client.(*TeleportClient).runShellOrCommandOnSingleNode
    github.com/gravitational/teleport/lib/client/api.go:1436 github.com/gravitational/teleport/lib/client.(*TeleportClient).SSH
    github.com/gravitational/teleport/tool/tsh/tsh.go:3008 main.onSSH.func1.1
    github.com/gravitational/teleport/lib/client/api.go:509 github.com/gravitational/teleport/lib/client.RetryWithRelogin
    github.com/gravitational/teleport/tool/tsh/tsh.go:3007 main.onSSH.func1
    github.com/gravitational/teleport/tool/tsh/tsh.go:2918 main.retryWithAccessRequest
    github.com/gravitational/teleport/tool/tsh/tsh.go:3006 main.onSSH
    github.com/gravitational/teleport/tool/tsh/tsh.go:1102 main.Run
    github.com/gravitational/teleport/tool/tsh/tsh.go:492 main.main
    runtime/proc.go:250 runtime.main
    runtime/asm_amd64.s:1598 runtime.goexit
User Message: Failed to bind to 127.0.0.1:6001: listen tcp 127.0.0.1:6001: bind: address already in use.
Gunni commented 1 year ago

Fixed by upgrading client.