On Wed, 04 May 2011 04:41:32 +0200, Jerome BENOIT wrote: > I am trying to restrict ssh port forwarding to one port on my Squeeze > box: my current understanding is that I may play with the OpenPermit > option in sshd_config.
You meant "PermitOpen", right? :-) > By default OpenPermit is set to `any': if I set > it to 127.0.0.1:12345 , I observed not restriction at all: all port can > still forward. How are you testing this? I think when you set "PermitOpen=host:port" you are limiting your users to use local port forwarding on the specified host and port when they use local port forwading. > On the otherhand, if I set AllowTcpForwarding to `n' , > then OpenPermit permits no port. > > Do I miss something ? AFAIK, "AllowTcpForwarding=no" should disable both, local and remote port forwarding (-L and -R), regardless the value of any other variable. Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pan.2011.05.04.14.52...@gmail.com
