restricing port forwarding ports server-side

Vincent Danen vdanen at mandrakesoft.com
Tue Mar 18 15:44:39 EST 2003


On Sun Mar 16, 2003 at 01:00:51AM +1100, Damien Miller wrote:

> >>I know the book is a little dated, but has anything like this
> >>appeared in openssh yet?
> >
> >
> >We've got a proof-of-concept implementation of global and per-user
> >port forwarding control.  We don't use it anymore, so the patches are
> >still against 3.4p1, and they aren't thoroughly tested.
> >
> ><http://cert.uni-stuttgart.de/files/openssh/patches/>
> 
> See also my even older KeyNote policy patches (check the archives). I'll 
> probably revive them post-3.6.

Ok, I'll go digging through the archives.  Sounds intriguing.  =)

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030317/29432931/attachment.bin 


More information about the openssh-unix-dev mailing list