On Wed, 28 Feb 2001 09:52:31 -0500 Tom Limoncelli <[EMAIL PROTECTED]> asks: > > Is it possible to configure sshd so that incoming connections can only > make certain tunnels or restrict which hosts tunnels can be directed > at? (Say, only to the imap4 server and smtp, or restrict tunnels from > going to a certain host) > > I can't find anything like this in the sshd man page. Maybe something > creative can be done with the use of entries in authorized_keys. I tunnel pppd through ssha nd heres what I do: I have the initiating side ssh to a particular user. That user has the right key set so that the initiating system can get in without any password. The account on the client side (not the in server/initiator side) is set up to run a restricted shell. It can only execute a minumum of commands, in this case sudo. Sudo is set up so that this account can execute pppd. pppd can then demand what ever authentication you want it to do. You should be able to to do something similar with imap or what ever you want to use. Hope that is of some use to you, Paul
