Question about config SSH server, to restrict Port Forwarding

From: Jie C. Huang (jiechau_at_yahoo.com)
Date: 08/01/03

    To: <secureshell@securityfocus.com>
    Date: Fri, 1 Aug 2003 15:03:26 -0400
    
    

    Hi,

    I have a question about Remote Port Forwarding of SSH.
    This command:

    ssh -R 9001:Alice:5900 Bob

    This will result in allocating a socket to listen to
    port 9001 on the remote machine Bob, and whenever a
    connection is made to Bob:9001, the connection is
    forwarded to Alice:5900.

    Ok, now the question is:
    I wish to restrict the "whenever a connection to Bob:9001"
    to "only from localhost (Bob)"
    meaning that, you can't "telnet Bob 9001" from anywhere
    outside machine Bob. You can only do it from Bob.

    The port "opened by forwarding functionality" is the
    only port I want to restrict.

    How can I achieve this? Should I achieve this via the
    SSH configuration file (OpenSSH or SECSH)? Or can I only
    achieve this via OS setup, or by checking incoming
    connections myself?

    Thanks for answering.

    Jie
    ------------------
    Feel free to contact me:
    Email: jiechau@yahoo.com
    Weblog: http://www.livejournal.com/~jie73
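
With OpenSSH, the address on which the `-R` port listens on Bob is controlled by `GatewayPorts` in Bob's `sshd_config`; the default `no` binds it to loopback, so only processes on Bob can connect to Bob:9001. The script below is an added example, not part of the original message: it reads `sshd_config` text and reports that setting, assuming OpenSSH and looking only at the global section (the function names and the sample config are constructed for illustration).

```shell
#!/bin/sh
# Added example (not from the original message). Reads sshd_config text on
# stdin and prints the global GatewayPorts value. Assumptions: OpenSSH sshd;
# only the global section (before the first Match block) is considered.
gateway_ports() {
    awk '
        /^[ \t]*#/ { next }                       # comment line
        tolower($1) == "match" { exit }           # global section ends here
        tolower($1) == "gatewayports" {           # keywords are case-insensitive
            print tolower($2); found = 1; exit    # first value seen wins
        }
        END { if (!found) print "no" }            # OpenSSH default
    '
}

# Translate the setting into where a "-R 9001:Alice:5900" listener binds on Bob.
forward_exposure() {
    case "$(gateway_ports)" in
        no)              echo "loopback-only" ;;
        yes)             echo "all-interfaces" ;;
        clientspecified) echo "client-chooses" ;;
        *)               echo "unknown" ;;
    esac
}

# Constructed sample config for Bob, embedded so the script runs offline.
forward_exposure <<'EOF'
# sshd_config on Bob (constructed sample)
Port 22
GatewayPorts no
Match User tunnel
    GatewayPorts yes
EOF
```

On a running server, `sshd -T` prints the effective settings, including any `Match` overrides that this script deliberately ignores.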


