[scponly] port forwarding
David Ramsden
david at hexstream.eu.org
Sun Jun 20 20:51:04 EDT 2004
On Fri, Jun 18, 2004 at 10:09:08PM +0200, ruby at eq.cz wrote:
> hi,
Hi.
> i've tried to do a port forwarding on scponly account (scponly on target
> computer) via 'ssh -N -L ...' command and was happy that it works. well,
> now i would like to know if it is possible to restrict some accounts so
> that it won't be possible.
This is not possible via scponly as this is just the "session shell".
Port forwarding is controlled by the SSH daemon itself.
See the AllowTcpForwarding option for sshd_config - Although this can
only be "yes" or "no" and not UID/GID specific it may be of some
interest to you.
> thanks,
> r.
>
Hope this helps.
David.
--
.''`. David Ramsden <david at hexstream.eu.org>
: :' : http://david.hexstream.eu.org/
`. `'` PGP key ID: 507B379B on wwwkeys.pgp.net
`- Debian - when you have better things to do than to fix a system.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20040621/0bf0b366/attachment.bin
More information about the scponly
mailing list