[openssh-commits] [openssh] branch master updated: upstream: mention that LocalForward and RemoteForward can accept Unix

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Oct 18 16:54:00 AEDT 2024 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

The following commit(s) were added to refs/heads/master by this push:
     new fe4305c3 upstream: mention that LocalForward and RemoteForward can accept Unix
fe4305c3 is described below

commit fe4305c37ffe53540a67586854e25f05cf615849
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Fri Oct 18 05:53:26 2024 +0000

    upstream: mention that LocalForward and RemoteForward can accept Unix
    
    domain socket paths; GHPR115
    
    OpenBSD-Commit-ID: a8a34d0a0c51a9ddab3dfce615f9878fa76ef842
---
 ssh_config.5 | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/ssh_config.5 b/ssh_config.5
index 46ac6521..08c823ab 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.403 2024/09/25 06:13:01 jmc Exp $
-.Dd $Mdocdate: September 25 2024 $
+.\" $OpenBSD: ssh_config.5,v 1.404 2024/10/18 05:53:26 djm Exp $
+.Dd $Mdocdate: October 18 2024 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1344,9 +1344,11 @@ This directive is ignored unless
 .Cm PermitLocalCommand
 has been enabled.
 .It Cm LocalForward
-Specifies that a TCP port on the local machine be forwarded over
-the secure channel to the specified host and port from the remote machine.
-The first argument specifies the listener and may be
+Specifies that a TCP port or Unix-domain socket on the local machine
+be forwarded over
+the secure channel to the specified host and port (or Unix-domain socket)
+from the remote machine.
+For a TCP port, the first argument must be
 .Sm off
 .Oo Ar bind_address : Oc Ar port
 .Sm on
@@ -1356,6 +1358,11 @@ The second argument is the destination and may be
 or a Unix domain socket path if the remote host supports it.
 .Pp
 IPv6 addresses can be specified by enclosing addresses in square brackets.
+.Pp
+If either argument contains a '/' in it, that argument will be
+interpreted as a Unix-domain socket (on the corresponding host) rather
+than a TCP port.
+.Pp
 Multiple forwardings may be specified, and additional forwardings can be
 given on the command line.
 Only the superuser can forward privileged ports.
@@ -1705,9 +1712,10 @@ accept the tokens described in the
 .Sx TOKENS
 section.
 .It Cm RemoteForward
-Specifies that a TCP port on the remote machine be forwarded over
-the secure channel.
+Specifies that a TCP port or Unix-domain socket on the remote machine
+be forwarded over the secure channel.
 The remote port may either be forwarded to a specified host and port
+or Unix-domain socket
 from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote
 client to connect to arbitrary destinations from the local machine.
 The first argument is the listening specification and may be
@@ -1725,6 +1733,11 @@ restricted by
 .Cm PermitRemoteOpen .
 .Pp
 IPv6 addresses can be specified by enclosing addresses in square brackets.
+.Pp
+If either argument contains a '/' in it, that argument will be
+interpreted as a Unix-domain socket (on the corresponding host) rather
+than a TCP port.
+.Pp
 Multiple forwardings may be specified, and additional
 forwardings can be given on the command line.
 Privileged ports can be forwarded only when

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list