openssh and port forwarding as root

Jarno Huuskonen Jarno.Huuskonen at uku.fi
Wed Jun 20 23:43:15 EST 2001


On Wed, Jun 20, Markus Friedl wrote:
> i think it was decided that identd is not worth the trouble
> of trying to acheive this in a portable way.

Probably the only reason for implementing this might be that inside your
own org. identd could give some (weak) auditing/log information.
Hmm, how portable is the open socket as user -> identd shows user owns
the connection ?

> On Wed, Jun 20, 2001 at 01:32:41PM +0300, Jarno Huuskonen wrote:
> > Openssh sshd opens the socket that forwards users requested port
> > forwards as root, so the connection seems to come from root. Is it
> > enough to open the socket as normal user so the connection would appear
> > to come from that user ? (On Linux this seems to work, but what about
> > other OS's ?)

-Jarno

-- 
Jarno Huuskonen - System Administrator   |  Jarno.Huuskonen at uku.fi
University of Kuopio - Computer Center   |  Work:   +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland       |  Mobile: +358 40 5388169



More information about the openssh-unix-dev mailing list