ServerSide ACLs for -L type port forwarding

Markus Friedl markus.friedl at
Tue Jun 26 14:59:00 EST 2001


             Limit local ``ssh -L'' port forwarding such that it may only con-
             nect to the specified host and port. Multiple permitopen options
             may be applied separated by commas. No pattern matching is per-
             formed on the specified hostnames, they must be literal domains
             or addresses.

On Mon, Jun 25, 2001 at 11:49:45AM -0700, Reza Naima wrote:
> I have a need to add some server-side ACL functionality to the way ssh
> handles port forwarding.  For a first pass, I want to be able to
> restrict -L port forwarding to localhost on the server only and I want
> to be able to specify the ports on Server.
> I was wondering if there would be any desire to incorporate said changes
> back into the main development tree?  If so, are there coding guildlines
> available somewere.
> Thanks,
> Reza
> p.s. I havn't yet subscribed to the list, so please Cc me with any
> replies
> --
> /"\
> \ /  ASCII Ribbon Campaign
>  X   Against HTML Mail
> / \  and Postings

More information about the openssh-unix-dev mailing list