It looks like there is good support for limiting connections on the
server side when the client uses the -L flag. What about support for
server side connections (listens) when the client uses the -R flag?
I am looking for an equivalent to permitopen that says what ports are
valid for the remote host when using the -R flag. As it sits now, an
unscrupulous ssh user can bind to any port above 1024 (on a unix box)
or bind to any port on a windows box.
Does anybody have any ideas? I am working from the 3.0.2p1 release of
the code. It seems like channels.c is the proper place to put this
code if I can develop it. Is there any roadmap to how the code in
connect.c is used or is this a case of UTSL? I just took a cursory
glance through the code and I fail to see any functions in channels.c
that are intended for setting up the reverse forwarded connections.
I assume I will have to add a new check function in:
serverloop.c:server_input_global_request
at:
    /* check permissions */
    if (!options.allow_tcp_forwarding ||
        no_port_forwarding_flag ||
        (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) {
            success = 0;
            packet_send_debug("Server has disabled port forwarding.");
I assumed I could implement a parallel mechanism to the -L port
checking, but I am having trouble figuring out how restriction of the
-L ports is implemented.
Any assistance welcome.
-- rouilj
John Rouillard
==============================================================================
My employers don't acknowledge my existence much less my opinions.
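As an added illustration of the kind of check asked about above (my example, not OpenSSH's code), here is a permitopen-style allow-list applied to the listen address and port of a tcpip-forward (-R) request; it could be consulted in server_input_global_request next to the existing IPPORT_RESERVED test. The rule syntax, the sample rule list and the names listen_permitted and permit_listen are assumptions.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed allow-list for this demo, in permitopen-style "host:port" form.
 * "*" in either position is a wildcard. A NULL entry terminates the list. */
static const char *permit_listen[] = { "localhost:8080", "*:2222", NULL };

/* Return 1 if a tcpip-forward (ssh -R) request to bind listen_host:listen_port
 * matches some rule, 0 otherwise. An empty list permits nothing (default deny). */
int listen_permitted(const char **rules, const char *listen_host, int listen_port)
{
    char host[256];

    /* Port 0 asks the server to pick a port; an allow-list cannot vet a port
     * that has not been chosen yet, so such requests are refused here. */
    if (listen_host == NULL || listen_port <= 0 || listen_port > 65535)
        return 0;

    for (size_t i = 0; rules != NULL && rules[i] != NULL; i++) {
        const char *rule = rules[i];
        const char *sep = strrchr(rule, ':');  /* last ':' so "::1:8080" works */
        size_t hlen;

        /* Malformed rules (no ':', empty host, empty port, oversized host)
         * never grant anything. */
        if (sep == NULL || sep == rule || sep[1] == '\0' ||
            (hlen = (size_t)(sep - rule)) >= sizeof(host))
            continue;
        memcpy(host, rule, hlen);
        host[hlen] = '\0';

        /* Host part: "*" matches any requested bind address, else exact match. */
        if (strcmp(host, "*") != 0 && strcmp(host, listen_host) != 0)
            continue;

        /* Port part: "*" matches any port; otherwise the rule must parse as a
         * whole number equal to the requested port. */
        if (strcmp(sep + 1, "*") == 0)
            return 1;
        char *end;
        long rule_port = strtol(sep + 1, &end, 10);
        if (*end == '\0' && rule_port == listen_port)
            return 1;
    }
    return 0;
}
```

Later OpenSSH releases (7.8 onward) added a PermitListen sshd_config directive and a permitlisten= authorized_keys option that serve exactly this purpose, so anyone on a modern release gets this without patching.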