Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 04 Mar 2001 00:17:34 -0600
From:      "Jim C. Nasby" <jim@nasby.net>
To:        freebsd-stable@freebsd.org
Subject:   SSH using un-privileged ports
Message-ID:  <3AA1DDFE.B9DDD347@nasby.net>

next in thread | raw e-mail | index | archive | help
Has OpenSSH in -stable changed recently to cause it not to connect from
a privileged port? My old firewall rules have suddenly stopped working,
and netstat reveals that ssh is now creating outbound connections from
ports >1023. I've verified that /etc/ssh/ssh_config has
UsePrivilegedPort yes, and have even tried doing 'ssh -o
"UsePrivilegedPort yes" hostname'.

The only reason I really care is that it seems to be marginally safer to
allow from any 0-1023 to any 22 than from any to any 22, but maybe I'm
just dreaming here... :) In any case, this does seem to be at odds with
the way OpenSSH is supposed to work, according to the man page.

my /etc/ssh/ssh_config:
Host *
        ForwardAgent yes
        UsePrivilegedPort yes

-- 
Jim C. Nasby (aka Decibel!)                                  /^\ 
jim@nasby.net                                               /___\
Freelance lighting designer and database developer         /  |  \
Member: Triangle Fraternity, Sports Car Club of America   /___|___\

Give your computer some brain candy! www.distributed.net Team #1828
Get paid to surf!! http://www.enteract.com/~nasby/alladvantage.html

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AA1DDFE.B9DDD347>