Huie-Ying Lee wrote: > James Carlson wrote: >> Wyllys Ingersoll writes: >> >>> I filed the "ssh config update" fast track for Huie-Ying Lee. The >>> timer expires on 6/19/2009 >>> >> >> Previously, the configuration file had a list of all(?) the >> configuration options along with comments that described each one. >> Why is this one being deleted? Is it no longer accepted as an option? >> (That is, is it now impossible to disable TCP port forwarding?) >> >> > The current SunSSH sshd_config file does not list all the > configuration options. This is the reason that I added a "(see also > sshd_config(4)" note in the new sshd_config file (see line 5). > > The "AllowTcpForwarding" option is still accepted as an option. An > administrator can disable it by adding "AllowTcpForwarding=no" to the > configuration file. > > I can change the relevant lines as below, if that looks better. > > #Port forwarding > #AllowTcpForwarding yes > >> Why not just change the way it installs, so that it installs as >> "AllowTcpForwarding yes" by default, and leaves it unchanged on >> upgrade or patch? >> >> > Right, that's our goal also. What would be the right release binding ? >>> The release binding is micro (patch). >>> >> >> Changing defaults in a patch seems a bit surprising. Are you sure you >> want to do that? >> >> > No, we don't want to do that.
The bit release binding statement was my fault, I added it out of habit. -Wyllys
