Question about config SSH server, to restrict Port Forwarding

• Previous message: Asif Iqbal: "scp only , no ssh"
• Next in thread: Derek Martin: "Re: Question about config SSH server, to restrict Port Forwarding"
• Reply: Brian Hatch: "Re: Question about config SSH server, to restrict Port Forwarding"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <secureshell@securityfocus.com>
Date: Fri, 1 Aug 2003 15:03:26 -0400

Hi,

I have a quest about Remote Port Forwarding of SSH.
This command:

ssh -R 9001:Alice:5900 Bob

This will result in allocating a socket to listen to
port 9001 on the remote machine Bob, and whenever a
connection is made to Bob:9001, the connection is
forwarded to Alice:5900.

Ok, now the question is:
I wish to restrict the "whenever a connection to Bob:9001"
to "only from localhost (Bob)"
meaning that, you can't "telnet Bob 9001" from anywhere
outside machine Bob. You can only do it from Bob.

The port "opened by forwarding functionality" is the
only port I want to restrict.

How can I achieve this? Should I achieve this via the
SSH configuration file (OpenSSH or SECSH)? or I can only
achieve this via OS setup or via check incoming connection
by myself?

Thanks for answering.

Jie
------------------
Feel free to contact me:
Email: jiechau@yahoo.com
Weblog: http://www.livejournal.com/~jie73

• Previous message: Asif Iqbal: "scp only , no ssh"
• Next in thread: Derek Martin: "Re: Question about config SSH server, to restrict Port Forwarding"
• Reply: Brian Hatch: "Re: Question about config SSH server, to restrict Port Forwarding"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]