How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)

Tinker tinkr at
Thu Nov 26 02:59:14 AEDT 2015


I tried with all available options to disable forwarding-only 
connections, by:

"AllowAgentForwarding no
AllowTcpForwarding no"

This had no effect, so what I got in effect was dummy connections.

I would like to disable this "class" of connections altogether. The 
outcome will be that all authenticated connections will lead to a 
command, be it /usr/libexec/sftp-server or other.

So something like "ForwardingOnlyConnections on/off".

Would you be interested in adding this to your next release?


More information about the openssh-unix-dev mailing list