Date: Thu, 1 Mar 2001 09:58:38 -0700 (MST) From: Nate Williams <nate@yogotech.com> To: Kris Kennaway <kris@obsecurity.org> Cc: Nate Williams <nate@yogotech.com>, "Aaron D.Gifford" <agifford@infowest.com>, freebsd-security@FreeBSD.ORG Subject: Re: ssh tricks (was Re: ssh -t <host> /bin/sh trick (was Re: ftp Message-ID: <15006.32702.776614.341183@nomad.yogotech.com> In-Reply-To: <20010301004422.B14501@mollari.cthul.hu> References: <01022819094900.04839@jardan.infowest.com> <15005.49602.104109.812735@nomad.yogotech.com> <20010301004422.B14501@mollari.cthul.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Are you aware that the FreeBSD SSH installation by default has TCP > > > forwarding enabled? > > > > Yep. Note, the commercial version SSH1 had the ability to turn on/off > > port forwarding on a per-user and/or a per-port options. > > > > So, you could disable/enable all ports but one, and then enable/disable > > the particular port for certain users. > > > > It was pretty nice for setting up 'truly' secure systems that still > > allowed some flexibility. > > > > Too bad this doesn't exist in OpenSSH (or if it does, I haven't found > > it). > > I can't even find mention of this in the ssh.com version - can you > point me to it? It was in the commercial version of their SSH1 product. This was from at least 2 years ago, although I think I still have the product somewhere around here. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15006.32702.776614.341183>