Hello Devin, it seems I haven't done my homework, and wrote a patch without properly checking bugzilla ... > Anyhow, just drawing attention of these 2 patches together – they’re > similar, though not identical. [..] Your approaches looks > very familiar, it felt like deja vu. The patches are indeed very, very similar. I think that does underline the need for such an option. I must admit I was pretty surprised that it did not exist already. > Ours also changes the behavior of permitopen. While I generally agree with having to explicitly whitelist "permitopen" host/port pairs, it does change the default behavior and would probably break configuration in the wild. Or am I mistaken here? Best Philipp _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev