Secure Shell
Re: Port forwarding and access restriction Feb 01 2010 08:10PM
Michael Goffioul (michael goffioul lincor com) (1 replies)
Re: Port forwarding and access restriction Feb 02 2010 10:20PM
Derek Martin (code pizzashack org)
On Mon, Feb 01, 2010 at 08:10:36PM +0000, Michael Goffioul wrote:
> Now the user uses a VNC client to connect to A:36725. What I'd like
> to know is whether I can impose access restriction on A:36725, for
> instance by limiting the number of accepted connections.

As someone else already mentioned, you can't do this with OpenSSH.
You can, however, do it with some sort of firewall software. They
posted instructions for using Linux's kernel-based firewall software;
if you're not using Linux, there should be a similar thing available
for your OS (though if it's a commercial OS, you will likely need
commercial software).

> In your answer, you mention settings in sshd_config. These are for
> the SSH daemon, right?

Yes, sshd_config controls the ssh daemon.

> Do these also apply to the SSH client that is doing port forwarding?

No; or more exactly, only to the extent that the SSH server exerts
control over connecting clients (but generally no).

Derek D. Martin
GPG Key ID: 0x81CFE75D

Version: GnuPG v1.4.5 (GNU/Linux)


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus