Package: openssh-server Version: 1:5.1p1-7 Severity: wishlist I'm trying to setup a reverse SSH box (i.e. one where people stuck behind NAT can SSH in and initiate a tunnel back to their machine). They use this something like this:
ssh lo...@box -R 2000:localhost:22 I'm trying to lock this down as far as possible - in particular I'd like to disable AllowTcpForwarding, however if I do this it prevents both local _and_ remote tunnels. Leaving AllowTcpForwarding open and setting "PermitOpen 127.0.0.1:65535" gets close - all the reverse tunnels work, but the only local tunnel that will work is "ssh lo...@box -L xxxx:localhost:65535". I'd like to use "PermitOpen none" (or just blank) however sshd doesn't allow this (just checked the source code). Thanks, Adrian -- Email: [email protected] -*- GPG key available on public key servers Debian GNU/Linux - the maintainable distribution -*- www.debian.org -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
