Displaying 20 results from an estimated 700 matches similar to: "[Bug 2038] New: permitopen functionality but for remote forwards"
2017 May 08
2
[Bug 2716] New: [PATCH] Add "permitlisten" support for -R style forward
https://bugzilla.mindrot.org/show_bug.cgi?id=2716
Bug ID: 2716
Summary: [PATCH] Add "permitlisten" support for -R style
forward
Product: Portable OpenSSH
Version: 7.5p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2017 May 05
3
[Bug 2711] New: Patch to add permitgwport and restrict permitopen to be a default deny
https://bugzilla.mindrot.org/show_bug.cgi?id=2711
Bug ID: 2711
Summary: Patch to add permitgwport and restrict permitopen to
be a default deny
Product: Portable OpenSSH
Version: 7.2p2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component:
2014 Jun 17
1
Reverse tunnel security settings
I have a number of connections coming in to my host to create a reverse tunnel
from machine 1: ssh -R:19991:192.168.250.251:80 user1 at host.org -N -f
from machine 2: ssh -R:19992:192.168.250.251:80 user2 at host.org -N -f
from machine 3: ssh -R:19993:192.168.250.251:80 user3 at host.org -N -f
You can see that each user has a specific port that they should use.
I would either like to
2017 May 08
2
[PATCH] / permitgwports / permitlisten
Hi Phillipp, developers;
I likewise just submitted a patch for similar. It i buried under the thread named OpenSSH contract development / patch.
At the request of the OpenSSH dev team, I submitted our patch in the mindrot Bugzilla
https://bugzilla.mindrot.org/show_bug.cgi?id=2711
Your patch, I see is available there too
https://bugzilla.mindrot.org/show_bug.cgi?id=2716
Anyhow, just drawing
2020 May 05
1
[Bug 3159] New: authorized_keys: gap in port forwarding restrictions
https://bugzilla.mindrot.org/show_bug.cgi?id=3159
Bug ID: 3159
Summary: authorized_keys: gap in port forwarding restrictions
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs
2016 Jan 12
5
[Bug 2524] New: config file option to limit the lifetime of added keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2524
Bug ID: 2524
Summary: config file option to limit the lifetime of added keys
Product: Portable OpenSSH
Version: 7.1p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-agent
Assignee:
2022 Oct 04
40
[Bug 3480] New: tracking bug for openssh-9.1
https://bugzilla.mindrot.org/show_bug.cgi?id=3480
Bug ID: 3480
Summary: tracking bug for openssh-9.1
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Keywords: meta
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee:
2019 Oct 01
9
Call for testing: OpenSSH 8.1
Hi,
OpenSSH 8.1p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2015 Feb 01
7
[Bug 2347] New: permitopen doesn't work with unix domain sockets
https://bugzilla.mindrot.org/show_bug.cgi?id=2347
Bug ID: 2347
Summary: permitopen doesn't work with unix domain sockets
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs
2019 Oct 09
0
Announce: OpenSSH 8.1 released
OpenSSH 8.1 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2020 Feb 11
3
Identify multiple users doing reverse port FWD with their pubkeys
Hello,
I hope it's the correct ML to get support for "advanced" ssh use
(sorry if it's not the case)
And I would be very grateful if someone could help me on this issue.
Here is my challenge :
- I have X devices (around 30) and one SSH server
- Each of them have a unique public key and create one dynamic reverse
port forwarding on the server
- All of them connect with the
2014 Jun 19
0
[PATCH] permitremoteopen - to limit remote port forwarding per user
Hi,
Here is a patch to limit reverse port forwarding(-R) per user/key on the server.
For example add:
permitremoteopen="8023" ssh-dss AAAAB3NzaC1kc3MAAACBAOUE..
in user's ~/.ssh/authorized_keys server will limit -R to port 8023 only.
an example of violation.
ssh -v -R 8022:127.0.0.1:22 -i.ssh/id_dsa foo at 10.0.0.1
debug1: Remote: Server denied remote port forward request.
2018 Jan 02
3
Restricting port forwarding on remote server
> From: Juanito <juam at posteo.net>
>
> If I create a tunnel like this from the client side,
>
> ssh -nNTv -o ServerAliveInterval=60 -o ServerAliveCountMax=3 -o
IdentitiesOnly=yes -o UserKnownHostsFile=$known_hosts_file -i
/etc/sshquare/id_rsa -R $port:localhost:22 $user@$host
>
> would it be possible on the server side to restrict $port to say 10000
> and
2006 Dec 05
3
[Bug 1267] PermitOpen - Multiple forwards don't works
http://bugzilla.mindrot.org/show_bug.cgi?id=1267
Summary: PermitOpen - Multiple forwards don't works
Product: Portable OpenSSH
Version: v4.5p1
Platform: ix86
OS/Version: Cygwin on NT/2k
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
2008 Aug 27
18
[Bug 1513] New: CIDR address/masklen matching support for permitopen=
https://bugzilla.mindrot.org/show_bug.cgi?id=1513
Summary: CIDR address/masklen matching support for permitopen=
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2012 Apr 28
2
[Bug 2001] New: Document PermitOpen none in man page
https://bugzilla.mindrot.org/show_bug.cgi?id=2001
Bug #: 2001
Summary: Document PermitOpen none in man page
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: OpenBSD
Status: NEW
Severity: trivial
Priority: P2
Component: Documentation
2011 Nov 06
13
[Bug 1949] New: PermitOpen none option
https://bugzilla.mindrot.org/show_bug.cgi?id=1949
Bug #: 1949
Summary: PermitOpen none option
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: OpenBSD
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo:
2020 Feb 19
2
[Bug 3123] New: PermitOpen does not allow wildcards for hosts despite what docs say
https://bugzilla.mindrot.org/show_bug.cgi?id=3123
Bug ID: 3123
Summary: PermitOpen does not allow wildcards for hosts despite
what docs say
Product: Portable OpenSSH
Version: 7.2p2
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2016 Jun 05
5
[Bug 2582] New: Allow PermitOpen to use a wildcard hostname with a fixed port
https://bugzilla.mindrot.org/show_bug.cgi?id=2582
Bug ID: 2582
Summary: Allow PermitOpen to use a wildcard hostname with a
fixed port
Product: Portable OpenSSH
Version: 7.2p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2008 Aug 22
1
CIDR address/masklen matching support for permitopen="host:port" restrictions?
Dear openssh-unix-dev list,
in OpenSSH 5.1 you introduced CIDR address/masklen matching for "Match address" blocks in sshd_config as well as supporting CIDR matching in ~/.ssh/authorized_keys from="..." restrictions in sshd.
I wonder whether CIDR address/masklen matching will be implemented for permitopen="host:port" restrictions in sshd as well, that would be quite