wow, thanks for the reply!
"At the time I was running an AnonCVS server and I had realized that the anonymously connecting clients could use port forwarding to bounce TCP connections off the server." was this fixed meanwhile? Sent: Tuesday, October 18, 2016 at 5:01 PM From: "Christian Weisgerber" <[email protected]> To: [email protected] Subject: Re: SSHowDowN On 2016-10-18, "Peter Janos" <[email protected]> wrote: > so having AllowTcpForwarding=NO would help. > > Why is it yes by default? someone requested it to be yes? does anybody know? It has always been like this. OpenSSH inherited it from Ylønen-SSH. In the beginning, OpenSSH didn't even have a configuration option to disable port forwarding. Sixteen years ago Markus committed the diff I had submitted that added the AllowTcpForwarding option. -------------------> CVSROOT: /cvs Module name: src Changes by: [email protected] 2000/10/14 06:12:09 Modified files: usr.bin/ssh : servconf.c servconf.h serverloop.c session.c sshd.8 Log message: AllowTcpForwarding; from naddy@ <------------------- At the time I was running an AnonCVS server and I had realized that the anonymously connecting clients could use port forwarding to bounce TCP connections off the server. -- Christian "naddy" Weisgerber [email protected]
