From owner-freebsd-security Sun Aug 1 14:24:56 1999 Delivered-To: freebsd-security@freebsd.org Received: from w2xo.pgh.pa.us (w2xo.pgh.pa.us [206.210.70.5]) by hub.freebsd.org (Postfix) with ESMTP id C372414DE2 for ; Sun, 1 Aug 1999 14:24:52 -0700 (PDT) (envelope-from durham@w2xo.pgh.pa.us) Received: from w2xo.pgh.pa.us (shazam.internal [10.0.0.3]) by w2xo.pgh.pa.us (8.9.2/8.9.1) with ESMTP id VAA07339; Sun, 1 Aug 1999 21:23:38 GMT (envelope-from durham@w2xo.pgh.pa.us) Message-ID: <37A4BADC.4CCC3CA0@w2xo.pgh.pa.us> Date: Sun, 01 Aug 1999 17:23:40 -0400 From: "James C. Durham" Organization: dis- X-Mailer: Mozilla 4.61 [en] (X11; U; FreeBSD 3.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Warner Losh Cc: freebsd-security@FreeBSD.ORG Subject: Re: SSH2 Won't forward priviledged ports References: <379E85A1.1E734862@w2xo.pgh.pa.us> <199907310543.XAA86286@harmony.village.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Warner Losh wrote: > > In message <379E85A1.1E734862@w2xo.pgh.pa.us> "James C. Durham" writes: > : I can forward ports > 1024, but not < 1024. > > Feature. Unless you are root, you cannot bind to those ports. > > : Somehow, even though I'm being authenticated as root > : for login purposes, I'm not being authenticated for port > : forwarding. I've made keys for both the client and > : server machines for root. > > Are you root on the client machine, if not then your ssh My apologies. I thought I had posted to this group with the resolution of my problems, but in case I did not, rebooting the server fixed the problem. Several of us discussed this and it seems that something must still have been listening on those ports, even though I had commented out those services in inetd.conf and issued a kill -1 to inetd (at least I *think* I did!). The group's best guess was that I forgot to do the kill -1 . They're probably right... regards, -- Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message