Is there any way to hook the point when channel port listener accepts a new connection?

yingyuan cheng yingyuan.cheng at gmail.com
Fri Jan 22 18:15:15 EST 2010


Thank you Peter.

To correlate the forwarding channel to the login shell, sshd may provide
the user an optional external command, executed when the port forward
channel receives a forwarding request. If the external command exits with
status 0, the request can go on, else forbid the request. So I can
configure the system account shell with my customized program, which
directs the forwarding channel.

Is it difficult to do so if I modify sshd source?

Best Regards,

Leo

2010/1/22 Peter Stuge <peter at stuge.se>:
> It seems that you control the server side here, so you could add an
> optional kbd-int authentication to be performed at initial login, and
> add code to test the result of this auth when the port forward
> channel open request comes. I know it's not perfect but I suspect
> it's the best you can do. :\
>
>
> //Peter


More information about the openssh-unix-dev mailing list