The error you're getting with SSH isn't a problem with the pi, your local user is not root which means you cannot bind to any port <=1024, try listening on local port 8080 instead with -L 8080:localhost:80
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
bind [::1]:80: Permission denied channel_setup_fwd_listener_tcpip: cannot listen to port: 80 Could not request local forwarding
Some service is still grabbing your port 80, so the new job cannot start to listen there.
However i can not connect to port 80 for OMV
But this service is not really listening.
Maybe your first installation job is not 100% finished, but still 'hanging around' somehow?
Just a thought - I do not really know OMV.
The ssh tunnel might not work because the linux os reserves the ports 0-1023 to OS. You need higher priviliges to reserve this ports for your applications. If you type sudo ss -tulpn you can see the applications that are bound to you ports. Do you see nginx behind local addresses 0.0.0.0:80 and [::]:80 ?
I don't use OMV so take this with a grain of salt, but I would hazard a guess that the web server isn't listening on port 80.
Try ss -ltn
for a list of ports on which the system is listening and ss -nut
for a list of active connections. Double-checking firewall rules (commonly ufw) or filter rules (iptables) will be useful for diagnosing connection issues.
(edited swapping around ss option explanations)
The issue was much more straightforward than i thought. It seems sometimes thinking of too complex issues will hinder finding the easiest cause - the local forewall on the pi was blocking it / had no explcite allow.
To check i did: sudo ufw status verbose
There was only port 22
I added the new port as Allow Port 8081: sudo ufw allow 8081
And it works now! Thanks for all the tipps that pointed me in the right direction!
Thanks for the hints, this definitely helped, however it did not solve the issue.
What i did:
- I changed via
omv-firstaid
the omv port from 80 to 8081. - I confirmed with
ss -ltn
that this change was successful and i see the listening port 80 vanished, while this now popped up:
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 0.0.0.0:8081 0.0.0.0:*
- I tested locally via ssh from the pi the connection via
curl http://mylocalip:8081/
and it works, i get the html back - I tested from my laptop (connected to my router via WiFi, where the raspberry is meshed into via the repeater in between) and i still get the timeout.
- I tried tunneling again via ssh
ssh -L 8081:localhost:8081 pi@raspberrypi.local
and i did not get any errors this time. However when i open the local url in the browser i get a connection reset and my terminal shows mechannel 3: open failed: administratively prohibited: open failed
. However this just says that TcPForwarding is disabled, which is fine, so that tunneling issue should not be the main problem, i assume.
Now I would double check your name services.
First reboot the Fritz 7490, then the Fritz 4040.
Then ping from everywhere to your Pi AND also ping from the Pi to every other machine: all the names must resolve to the proper addresses.