Re: ssh tricks (was Re: ssh -t <host> /bin/sh trick (was Re: ftp

From: Nate Williams (nate@yogotech.com)
Date: 03/01/01 

From: Nate Williams <nate@yogotech.com>
Date: Thu, 1 Mar 2001 09:58:38 -0700 (MST)
To: Kris Kennaway <kris@obsecurity.org>

> > > Are you aware that the FreeBSD SSH installation by default has TCP
> > > forwarding enabled?
> >
> > Yep. Note, the commercial version SSH1 had the ability to turn on/off
> > port forwarding on a per-user and/or a per-port options.
> >
> > So, you could disable/enable all ports but one, and then enable/disable
> > the particular port for certain users.
> >
> > It was pretty nice for setting up 'truly' secure systems that still
> > allowed some flexibility.
> >
> > Too bad this doesn't exist in OpenSSH (or if it does, I haven't found
> > it).
>
> I can't even find mention of this in the ssh.com version - can you
> point me to it?

It was in the commercial version of their SSH1 product. This was from
at least 2 years ago, although I think I still have the product
somewhere around here.

Nate

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message