permitopen flag in authorized_keys file
Markus Friedl
markus at openbsd.org
Wed Sep 12 20:29:15 EST 2001
On Mon, Aug 27, 2001 at 08:35:18PM +0200, Florian Weimer wrote:
> I've just discovered the permitopen flag. We need such a feature for
> our poor man's VPN services, but this flag seems to be usable only if
> you generate your authorized_keys file from a database or something
> like that: keeping a long list of host/port combinations up to date
> for several users and keys is no fun.
>
> As announced before, we have developed a far more powerful mechanism
> for controlling port forwarding, see:
>
> http://cert.uni-stuttgart.de/projects/openssh.php
>
> (I'm currenty porting it to the most recent portable OpenSSH version.)
>
> Why haven't you used this already existing code?
already existing code was used.
More information about the openssh-unix-dev
mailing list