OpenSSH-Client without reverse tunnel ability
Philipp Marek
philipp at marek.priv.at
Wed Apr 4 22:21:27 AEST 2018
> Thank you for your quick response, but I want to restrict the
> SSH-*client* from establishing reverse tunnels to the *outer* world.
> (As
> I cannot control all the SSH servers out there.)
Oh sorry, I misunderstood.
Well, then have a local SSH server that _must_ be used to get to outside
servers (a jumphost, and the firewall inhibits other SSH connections),
and allow only a shell and your chosen /usr/bin/ssh on that one.
Good luck on that, BTW.
Exfiltrating data can be done in so many ways...
More information about the openssh-unix-dev
mailing list