bugzilla-daemon at mindrot.org
2015-Feb-01 19:32 UTC
[Bug 2347] New: permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347 Bug ID: 2347 Summary: permitopen doesn't work with unix domain sockets Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: mail at mpopp.eu Hi, thank you for the 6.7 release and the nifty feature to support binding remote tunnels to unix domain sockets. Unfortunately the permitopen command doesn't support domain sockets as well. If I put the following in my /home/user/.ssh/authorized_keys file: permitopen="/tmp/asdf" ssh-ed25519 AAAA... I get the following error message: Feb 1 19:20:54 client sshd[62063]: Bad options in /home/user/.ssh/authorized_keys file, line 1: ssh-ed25519 AAAA.. It would be great, if could have a look at the code and add support for using unix domain sockets together with permitopen. I have had a look at the code, but I couldn't provide a fix :-( Regards Marcus P.S. Greetings Markus from your old fellow :-) -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-02 11:57 UTC
[Bug 2347] permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347 Marcus Popp <mail at mpopp.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Marcus Popp <mail at mpopp.eu> --- *** This bug has been marked as a duplicate of bug 2038 *** -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-02 12:09 UTC
[Bug 2347] permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347 Marcus Popp <mail at mpopp.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|DUPLICATE |--- Status|RESOLVED |REOPENED -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Oct-19 20:22 UTC
[Bug 2347] permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347 openssh at funkthat.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |openssh at funkthat.com --- Comment #2 from openssh at funkthat.com --- Please implement this feature. I tried to do this myself, but getting testing and what looks like threading support through all the calls that need it is too complicated for someone who doesn't know the code base w/o possibly opening up a security hole. The unix domain sockets feature is not completely w/o this. For my use case, w/o this support, there is no point is using this, and I'll be looking at another tool. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Jun-12 20:31 UTC
[Bug 2347] permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347 Jernej Jakob <jernej.jakob at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|6.7p1 |9.3p1 CC| |jernej.jakob at gmail.com -- You are receiving this mail because: You are watching the assignee of the bug.
Maybe Matching Threads
- [Bug 2038] New: permitopen functionality but for remote forwards
- [Bug 2355] New: general protection / segfaults when PermitOpen=none
- [Bug 1267] PermitOpen - Multiple forwards don't works
- [Bug 2711] New: Patch to add permitgwport and restrict permitopen to be a default deny
- [Bug 2001] New: Document PermitOpen none in man page