LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Restrict openssh REMOTE port-forward
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 08-14-2009, 04:39 AM   #1
adrya
LQ Newbie
 
Registered: Aug 2009
Posts: 1

Rep: Reputation: 0
Question Restrict openssh REMOTE port-forward

Hi,

I want client X to be able to connect with this command: ssh -L 30300:localhost:8080 -R 1037:localhost:55555
Client Y to be able to connect with: ssh -L 30300:localhost:8080 -R
1038:localhost:55555
and so on
but client Y should be forbidden to connect with: ssh -L
30300:localhost:8080 -R 1037:localhost:55555

If client X has remote port 1037 on the server then client Y should be
forbidden to do remote port-forwarding on port 1037 if client X is not
connected.

Can't it be restricted somehow with some Linux commands, or openssh configuration?

I mean restrict only client X (which is behind a certain ip address)
to listen to port 1037 on the server.

I'm not Linux user, and have minimal knowledge about Linux, but maybe
someone knows...

Thank you,
Adriana
 
Old 08-16-2009, 02:28 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 39,855

Rep: Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121
No, SSH doesn't provide that level of flexibility, but you could possibly run two seperate instances of sshd and control which clients are allowed to connect to it in the first place using tcpwrappers.
 
  


Reply

Tags
openssh, port forwarding


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
If I forward a port in iptables, does the port have to be open on the firewall? qwertyjjj Linux - Server 4 08-06-2009 09:22 AM
openssh & vnc (secure remote access) O(V)eGA_l2el) Fedora 1 10-18-2006 05:08 AM
openssh and port forwarding rm103 Linux - Security 2 07-08-2003 12:18 AM
Maximum tcp port for OPENSSH yuzuohong Linux - General 1 04-04-2003 04:27 PM
Forward port port 80 to lan web server dulaus Linux - Networking 9 10-04-2002 03:45 AM


All times are GMT -5. The time now is 11:19 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration