This is a discussion on Re: tunneled ports not working - openssh ; --- "Turner, Carl H [NTNTK wrote: > OpOpenSSH.9 server (packaged by HP - HP-UXUXecure > Shell-A.03.91.002) / > PuPuTTY.56 client / DSDSA024 key... > > Any reason why a tunneled port would work when I use > password auauthand > ...
--- "Turner, Carl H [NTNTK
> OpOpenSSH.9 server (packaged by HP - HP-UXUXecure
> Shell-A.03.91.002) /
> PuPuTTY.56 client / DSDSA024 key...
> Any reason why a tunneled port would work when I use
> password auauthand
> not work when I use public/private keys for auauth
> The use of a key doesn't seem to make a difference
> when using an OpOpenSSH> client, only with
PuPuTTYHere's a snapshot of the
> log file dumped by
In fact this is often used to prevent unauthorized
port redirects. But in order for it to be effective,
you must prohibit password authentication and only
permit key authentication.
At the beginning of the entry in the authorized_key
file, you would have:
So, the first part of the key entry in authorized_keys
Then when the above owner of the key entry connects,
the only port redirect they'd be able to build would
be one where they try to get 127.0.0.1:80.
If they try other port redirects, they will get a
Check what is in the authorized_keys file of the
This is described in section 8 of the sssshdamanpage
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!