authorized_keys options for remote forwarding

Peter Stuge stuge-openssh-unix-dev at cdy.org
Fri Sep 5 21:19:47 EST 2003


On Fri, Aug 29, 2003 at 02:06:02PM +0200, Thomas Themel wrote:
> Hi,
> 
> I've recently run into a situation where it I want clients (or certain
> keys) to connect to an OpenSSH server and set up a remote port
> forwarding channel (-R) without allowing them to do anything else.

Hmm, do you mean like this?

command="/usr/bin/cat",no-X11-forwarding,no-agent-forwarding,\
permitopen="ip1:port1",permitopen="ip2:port2" ssh-rsa AAAA...

This works very well for me, although I should at least point cat to
/dev/null, or even better code up a client that _only_ does the forwarding.


//Peter




More information about the openssh-unix-dev mailing list