Security suggestion concering SSH and port forwarding.
Damien Miller
djm at mindrot.org
Tue Jan 20 13:46:49 EST 2004
Ben Lindstrom wrote:
>>scponly does sort of imply, um, scp only. Perhaps supporting the pubkey
>>permissions flags in sshd_config on a per-user basis might be feasible?
>
> It is my understanding that such a patch exists in a form of linking
> OpenSSH to Keynotes. However, I've never played with it. <shrug> Like
> with most open source projects.. One hacks what affects them and what they
> enjoy hacking on.
I wrote a patch to add systemwide and per-user KeyNote policies a few
years ago. It would need a lot of cleanup to work in today's privilege
separated world.
-d
More information about the openssh-unix-dev
mailing list