[Bug 2038] New: permitopen functionality but for remote forwards

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Aug 29 12:05:53 EST 2012


          Priority: P5
            Bug ID: 2038
          Assignee: unassigned-bugs at mindrot.org
           Summary: permitopen functionality but for remote forwards
          Severity: enhancement
    Classification: Unclassified
                OS: Other
          Reporter: damonswirled at gmail.com
          Hardware: Other
            Status: NEW
           Version: 6.0p1
         Component: sshd
           Product: Portable OpenSSH

i have a very similar use case to bug 1949 where i would like to create
a reverse ssh box using:

ssh login at box -R 2000:localhost:22

however i would like to be able to specify on the remote server what
port/s are able to be forwarded back to the client e.g. only 2000 in
this case. this might be accomplished in the same way that permitOpen
is used to limit the local forwards allowable on the server: in the
sshd_config and/or in the authorized_keys file.

in my case the remote server would be a backup machine that allows
remote backups from the field, even from behind firewalls, but trusting
the client the least amount possible. in the server configuration all
the client would be allowed to do is connect to the server and forward
a predetermined (set of) port/s back to itself, by which the server
could then initiate a remote backup.


You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list