It seems to be a good idea. Thanks for hint.

-----Original Message-----
From: CentrinO [mailto:sadlo007@seznam.cz]
Sent: Tuesday, January 02, 2007 9:29 PM
To: Rajmon, Ond=F8ej
Subject: Re: Is it secure to run a ssh client as root?


Ondrej.Rajmon@cuzk.cz wrote:
> Hello,=20
> I have a question that's rather theoretical than technical. I need to =

forward a privileged local port (80). As described in the ssh's manuall =
page, I need to run my ssh client as root. Can you tell me your opinion =
about security of such solution? What's the probability that somebody =
tries to attack a system thru a ssh client and will be succesfull (I =
mean compared to attacks thru a sshd (server) if it makes some =
differents)? Is such solution advisable for communication thru the =
Internet?=20
> Ondrej=20
>
> =20

what about let the client use port for example 8080 and NAT localy=20
connection to port 80?
something like:
iptables -t nat -I PREROUTING -p tcp -m tcp -d --dport 80 -j=20
DNAT --to-destination 8080

Works fine and it is able to start SSH as unpriviledged user

Have a nice day

--=20
David "CentrinO" Kunes
Mail: centrino@perl.cz
ICQ : 87038956

Nen=ED v=ECt=B9=EDho lichotn=EDka, ne=BE jak=FDm je =E8lov=ECk s=E1m =
sob=EC, a nen=ED lep=B9=EDho l=E9ku proti tomuto lichocen=ED, ne=BE =
up=F8=EDmnost p=F8=EDtele.
-- Francis Bacon