thr3ads.net - openssh bugs - [Bug 2751] New: permitopen but for -R option [Jul 2017]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.mindrot.org

2017-Jul-28 13:29 UTC

[Bug 2751] New: permitopen but for -R option

https://bugzilla.mindrot.org/show_bug.cgi?id=2751

            Bug ID: 2751
           Summary: permitopen but for -R option
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: biagioni84 at gmail.com

Created attachment 3024
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3024&action=edit
patch exported from github pull request

restricts which ports are available for a given user on a remote server
when opening remote forwarding ports.

use case: NAT traversing limited to a specified port for each user
on the remote server.
on the users .ssh/authorized_keys , add: permitopen="host:port" and
user's public key. it helps mitigate a DoS in case a user's private key
is lost
** if no permitopen is found for the user, all ports are allowed as
usual
useful to limit tunneling for nat traversing to a specified port on a
by user base

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2018-May-25 03:34 UTC

head link

[Bug 2751] permitopen but for -R option

https://bugzilla.mindrot.org/show_bug.cgi?id=2751

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from Damien Miller <djm at mindrot.org> ---


*** This bug has been marked as a duplicate of bug 2038 ***

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

bugzilla-daemon at mindrot.org

2021-Apr-23 05:01 UTC

head link

[Bug 2751] permitopen but for -R option

https://bugzilla.mindrot.org/show_bug.cgi?id=2751

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

openssh bugs - Jul 2017 - [Bug 2751] New: permitopen but for -R option

[Bug 2751] New: permitopen but for -R option

[Bug 2751] permitopen but for -R option

[Bug 2751] permitopen but for -R option