It seems to be a good idea. Thanks for hint.
-----Original Message-----
From: CentrinO [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 02, 2007 9:29 PM
To: Rajmon, Ondřej
Subject: Re: Is it secure to run a ssh client as root?
[EMAIL PROTECTED] wrote:
> Hello,
> I have a question that's rather theoretical than technical. I need to forward
> a privileged local port (80). As described in the ssh's manuall page, I need
> to run my ssh client as root. Can you tell me your opinion about security of
> such solution? What's the probability that somebody tries to attack a system
> thru a ssh client and will be succesfull (I mean compared to attacks thru a
> sshd (server) if it makes some differents)? Is such solution advisable for
> communication thru the Internet?
> Ondrej
>
>
what about let the client use port for example 8080 and NAT localy
connection to port 80?
something like:
iptables -t nat -I PREROUTING -p tcp -m tcp -d <Your IP> --dport 80 -j
DNAT --to-destination 8080
Works fine and it is able to start SSH as unpriviledged user
Have a nice day
--
David "CentrinO" Kunes
Mail: [EMAIL PROTECTED]
ICQ : 87038956
Není většího lichotníka, než jakým je člověk sám sobě, a není lepšího léku
proti tomuto lichocení, než upřímnost přítele.
-- Francis Bacon
