Re: Howto?
From: Matt Linton (mlinton_at_email.arc.nasa.gov)
Date: 08/25/03
Date: Mon, 25 Aug 2003 09:07:54 -0700 (PDT)
To: Stephen Biggs <xyzzy@hotpop.com>
Stephen: this depends on what services you're trying to forward (unless
I'm misreading your question).
What are you trying to accomplish with your tunnel?
+---------------------------------------------------
| Regards;
| Matt Linton
| UNIX Systems Administrator
| ASANI Solutions, LLC.
+---------------------------------------------------
On Sun, 24 Aug 2003, Stephen Biggs wrote:
> I have a machine behind a firewall that I connect out to another machine
> using remote port forwarding. Then, on the outer machine, I tunnel back
> through to the firewalled machine by accessing the listening port with
> SSH.
>
> This works fine but seems more than a little insecure. I would rather
> have the firewalled machine connect to the outer machine with a special
> account that only allows this connection without any other ability to
> normal SSH and login.
>
> I was thinking that the outer machine could define a user with
> "/bin/false" as its shell. I already connect using "-T -N" which should
> not need a remote shell. Would this work and would this also prevent
> SCP/SFTP from running?
>
>