Hosting Provided By

Re: Question about config SSH server, to restrict Port Forwarding

From: Brian Hatch <secure-shell(at)ifokr.org>
Date: Sun Aug 03 2003 - 14:28:31 EDT

In OpenSSH, this is the default. The port on bob will listen only on localhost, so you'd only be able to connect to it from bob.

desktop$ ssh -R 9001:whatever:5900 bob
...

bob$ netstat -natp|grep 9001
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:9001 0.0.0.0:* LISTEN -

desktop$ telnet bob:9001
telnet: Unable to connect to remote host: Connection refused

--
Brian Hatch                  "Packet-Filtering Barbie."
   Systems and               - Failed attempt by Mattel
   Security Engineer           to get into the computer
http://www.ifokr.org/bri/      security world, before
                               buying CyberPatrol.
Every message PGP signed

application/pgp-signature attachment: stored

Received on Sun Aug 3 17:10:47 2003

Do you need help?

This message: [ Message body ]
Next message: Bob & Rosann: "Re: Why is ssh 2 server secret key not passphrase protected ??"
Previous message: Russell Morrison: "RE: sftp directory restriction"
In reply to Jie C. Huang: "Question about config SSH server, to restrict Port Forwarding"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:01 EDT