Hello, I have a question regarding the dynamic port forward feature of ssh. I quite often use this feature to use mail and web over unsecure networks. Now, my question is, if the remote end with ssh should be compromised, is theoretically any way to go over the open ssh connection to access the client side of the computer, by using a buffer overflow or bug in ssh to execute code or access the local network. Can sshd initiate connections the opposite way in such a configuration or is it only ssh that initiates all connections to the sshd endpoint? Since this tunnel can be open for quite some time, it could be a possible way back into the client system, or am i just too paranoid? Any views on this is greatly appreciated. Regards Johan