Re: Disable port forward on specific users
From: smn (smn_at_smn.smn)
Date: 06/06/03
- Next message: Lapp: "Forwarding FTP with PuTTY"
- Previous message: Mike: "Re: scp batch file"
- In reply to: Franky: "Disable port forward on specific users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 06 Jun 2003 17:44:42 GMT
Franky wrote:
> Hi,
>
> I'm wondering if it is possible to prevent a specific user from forwarding a
> specific port on my server (or any port).
> Thanks for your help
>
> FRANK
>
>
You might want to look into the "permitopen" feature which is entered in
the user's authorized_keys file. I have on my server allowed people to
log in and forward a connection to a particular machine and a specific
port. It looks like this for each key:
permitopen="192.168.10.15:5555" ssh-dss AAAAB3Nza...
You might also be interested in the no-port-forwarding option in the sshd.
no-port-forwarding
Forbids TCP/IP forwarding when this key is used for authentica-
tion. Any port forward requests by the client will return an
error. This might be used, e.g., in connection with the command
option.
- smn
- Next message: Lapp: "Forwarding FTP with PuTTY"
- Previous message: Mike: "Re: scp batch file"
- In reply to: Franky: "Disable port forward on specific users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
