Restrict a client port-forward to 1 port
Joseph Spenner
joseph85750 at yahoo.com
Fri Aug 14 05:00:13 EST 2009
--- On Thu, 8/13/09, Adriana Rodean <adrya1984 at gmail.com> wrote:
> Hi again,
>
> Maybe i didn't expressed myself right.
> I want client X to be able to connect with this command:
> ssh -L
> 30300:localhost:8080 -R 1037:localhost:55555
> Client Y to be able to connect with: ssh -L
> 30300:localhost:8080 -R
> 1038:localhost:55555
> and so on
> but client Y should be forbidden to connect with: ssh
> -L
> 30300:localhost:8080 -R 1037:localhost:55555
From what I can tell, your goal is to restrict certain REMOTE port forward values. I do not think it is possible to place restrictions on REMOTE port forwards if port forwarding is enabled in sshd_config. In the authorized_keys, you can list 'permitopen' options, but this only applies to LOCAL port forwards.
More information about the openssh-unix-dev
mailing list