Re: Restrict a client port-forward to 1 port

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Thank you so much for the reply :)

Yes that's exactly what i want, restrict certain REMOTE port forward values.
If client X has remote port 1037 on the server then client Y should be
forbidden to do remote port-forwarding on port 1037 if client X is not
connected.
Can't it be restricted somehow with iptables or with some Linux commands?
If ssh can't i'm thinking maybe Linux can...
I mean restrict only client X (which is behind a certain ip address)
to listen to port 1037 on the server.

I'm not Linux user, and have minimal knowledge about Linux, but maybe
someone knows...

Thank you again,
Adriana

On Thu, Aug 13, 2009 at 22:00, Joseph Spenner<joseph85750@xxxxxxxxx> wrote:
> --- On Thu, 8/13/09, Adriana Rodean <adrya1984@xxxxxxxxx> wrote:
>
>> Hi again,
>>
>> Maybe i didn't expressed myself right.
>> I want client X to be able to connect with this command:
>> ssh -L
>> 30300:localhost:8080 -R 1037:localhost:55555
>> Client Y to be able to connect with: ssh -L
>> 30300:localhost:8080 -R
>> 1038:localhost:55555
>> and so on
>> but client Y should be forbidden to connect with:  ssh
>> -L
>> 30300:localhost:8080 -R 1037:localhost:55555
>
> From what I can tell, your goal is to restrict certain REMOTE port forward values.  I do not think it is possible to place restrictions on REMOTE port forwards if port forwarding is enabled in sshd_config.  In the authorized_keys, you can list 'permitopen' options, but this only applies to LOCAL port forwards.
>
>
>
>
>


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux