LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-14-2009, 04:39 AM   #1
adrya
LQ Newbie
 
Registered: Aug 2009
Posts: 1

Rep: Reputation: 0
Question Restrict openssh REMOTE port-forward


Hi,

I want client X to be able to connect with this command: ssh -L 30300:localhost:8080 -R 1037:localhost:55555
Client Y to be able to connect with: ssh -L 30300:localhost:8080 -R
1038:localhost:55555
and so on
but client Y should be forbidden to connect with: ssh -L
30300:localhost:8080 -R 1037:localhost:55555

If client X has remote port 1037 on the server then client Y should be
forbidden to do remote port-forwarding on port 1037 if client X is not
connected.

Can't it be restricted somehow with some Linux commands, or openssh configuration?

I mean restrict only client X (which is behind a certain ip address)
to listen to port 1037 on the server.

I'm not Linux user, and have minimal knowledge about Linux, but maybe
someone knows...

Thank you,
Adriana
 
Old 08-16-2009, 02:28 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,397

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
No, SSH doesn't provide that level of flexibility, but you could possibly run two seperate instances of sshd and control which clients are allowed to connect to it in the first place using tcpwrappers.
 
  


Reply

Tags
openssh, port forwarding


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
If I forward a port in iptables, does the port have to be open on the firewall? qwertyjjj Linux - Server 4 08-06-2009 09:22 AM
openssh & vnc (secure remote access) O(V)eGA_l2el) Fedora 1 10-18-2006 05:08 AM
openssh and port forwarding rm103 Linux - Security 2 07-08-2003 12:18 AM
Maximum tcp port for OPENSSH yuzuohong Linux - General 1 04-04-2003 04:27 PM
Forward port port 80 to lan web server dulaus Linux - Networking 9 10-04-2002 03:45 AM


All times are GMT -5. The time now is 01:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration