Dear Damien, On Wed, Jul 28, 2021 at 1:19 AM Damien Miller <djm@xxxxxxxxxxx> wrote: > On Tue, 27 Jul 2021, Dmitry Belyavskiy wrote: > > Perhaps make ip_nonlocal_bind=2 allow root to bind non-locally without > restriction. That might solve the problem for sshd and all other network > daemons? > Yes. It's one of the currently recommended workarounds. If SO_BINDANY does turn out to be cross platform without heavy caveats, > then perhaps a flag on this existing Listen directive would be more > acceptable, e.g. "Listen 111.222.33.44 bindany" - there is prior art > for such flags in the existing "rdomain" one. > Yes, it's the reasonable syntax for this purpose. Many thanks for the clue! -- Dmitry Belyavskiy _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
