Suggestion for -G option for remote ports to be forwarded, analogous to -g option for local ports (-L) to be forwarded.

Michael Mess michael at michaelmess.de
Tue Oct 26 21:35:40 EST 2010


When forwarding local ports with -L these ports can be made accessible
to the local net with the -g option.

For remote ports, forwarded with -R this option does not apply. It would
be nice to have a -G option which does the same on the remote machine
for the remote net, depending on the remote users rights.

On the server site it should be configurable, on which
networks/addresses the forwarded ports should be (un)available if the -G
option is specified, this should default to the remote users rights:
If the remote user (the user logged in on the remote site) can do a "ssh
-g", the local user should be able to use the -G option.
This would make sense, because a logged in remote user who can do "ssh
-g" could login to itself with "ssh -g", forwarding another port,
accessible by everywhere to the only local accessable port already
forwarded by the ssh session created when logging in from local to remote.

Cheers,

Michael


More information about the openssh-unix-dev mailing list