Re: No shell only forwarding
phyzlo_at_yahoo.com
Date: 09/19/05
- Previous message: Richard E. Silverman: "Re: Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- In reply to: Darren Tucker: "Re: No shell only forwarding"
- Next in thread: Alan Hadsell: "Re: No shell only forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 19 Sep 2005 11:20:53 -0700
Thanks for the reply!
>
> It would help if you mentioned what OS and SSH software you're using.
>
> With OpenSSH, if you set the user's shell to something that is listed
> in /etc/shells but exits immediately (eg /bin/true) then the user will
> still be able to forward ports with something like:
>
> ssh -N -L 1234:foo.example.com:1234 bar.example.com
>
Sorry for that. I'm using OpenSSH server on my Linux machine but I
would like the client machines on windows (using putty or any other ssh
client) not have shell access.
I tried the -N parameter and it seems to work, but then it is the
client who's requesting not to access the shell. I would like to do
this on the server side.
Maybe if I could hang the shell into some kind of loop ? So that it
does not disconnect but also not let you in ?
Thanks again!
- Previous message: Richard E. Silverman: "Re: Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- In reply to: Darren Tucker: "Re: No shell only forwarding"
- Next in thread: Alan Hadsell: "Re: No shell only forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
