On Tue, Jan 04, 2005 at 12:04:06PM +0100, Mathieu Roy wrote: > > Incidentally, one can use port forwarding at Gna!, hence make Gna! do > > unwanted connections, for example: > > > > $ ssh [EMAIL PROTECTED] -L 8080:www.gnu.org:80 "cvs server" > > $ links http://localhost:8080 > > > > So, the feature has some usefulness, allowing to make a kind of > > special sshd_config for Savane-managed users, but I hesitate about > > including it. > > Hum, as we provide ssh access, I guess we can assume that using -L is > ok. Shouldn't we?
Not sure; especially in the case where Gna! is used that way as a gateway to perform an attack or other nasty things. Likewise, we provide SSH but we do not provide shell access. What do you think? > > - SSH keys are recreated: > > > > * if the user_name contains a comma (,) - I'll fix this after the > > branch is merged, as promised some months ago > > But if user_name contain a comma, there's a bug, as it is not > legitimate in a unix name, is it? *cough* If the _realname_ contains a comma (eg Thomas Bushnell, BSG). -- Sylvain
