Boyle, Sean wrote:
[...]
The problem:
If ChrootDirectory is set for a given end user, port forwarding no
longer works. The love letter from ssh is that it is "administratively
prohibited". I tried using match blocks and specifying the port
forwarding and ChrootDirectory in various combinations and still it does
not work.
[...]
PermitOpen localhost:5901
I suspect the problem is that the process inside the chroot can't
resolve "localhost" to an IP address. If you change this to
"127.0.0.1:5901" does it make a difference?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
