OpenSSH: allow -R only
From: Thomas Themel (themel-comp.security.ssh-030828_at_isogsglei.iwoars.net)
Date: 28 Aug 2003 10:35:28 GMT
I'm trying to set up an account on an OpenSSH server to only allow -R
forwarding, but not -L forwarding. I've gone through a lot of OpenSSH
documentation and Google results, but it seems there is no way to configure
Things I've tried that failed:
- no-port-forwarding also blocks -R forwarding
- permitopen can be used to allow specific -L connection
The target scenario should allow authorized clients to connect and let
the (host-key authenticated) server access their forwards, but not allow
the clients any extra access to the network of the server.
Is there a way to do this in OpenSSH (preferrably 3.4, but upgrade is
-- [*Thomas Themel*] one with nintendo [extended contact] halcyon symbiosis [info provided in] hand thinks for itself [*message header*] -- D. A. Koronakos and B. Roberts; "High-tech Haikus"