AllowTcpForwarding openssh v4.5p1-6 (fedora 7) - openssh

This is a discussion on AllowTcpForwarding openssh v4.5p1-6 (fedora 7) - openssh ; Hi ! I was wandering if there's any way to enable tcp forwarding ( for ssh tunnels ) only for specified users, denying all the rest. Thanks. Best regards David...

+ Reply to Thread
Results 1 to 4 of 4

Thread: AllowTcpForwarding openssh v4.5p1-6 (fedora 7)

  1. AllowTcpForwarding openssh v4.5p1-6 (fedora 7)


    Hi !
    I was wandering if there's any way to enable tcp forwarding ( for ssh
    tunnels ) only for specified users, denying all the rest.
    Thanks.
    Best regards
    David


  2. Re: AllowTcpForwarding openssh v4.5p1-6 (fedora 7)

    David Carvalho wrote:
    > I was wandering if there's any way to enable tcp forwarding ( for ssh
    > tunnels ) only for specified users, denying all the rest.


    Look for the Match keyword in sshd_config(5). eg

    AllowTcpForwarding no
    Match User someuser
    AllowTcpForwarding yes

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.


  3. RE: AllowTcpForwarding openssh v4.5p1-6 (fedora 7)

    Thanks. I'll try this.
    Regards
    David


    -----Original Message-----
    From: Darren Tucker [mailto:dtucker@zip.com.au]
    Sent: sexta-feira, 10 de Outubro de 2008 2:52
    To: David Carvalho
    Cc: secureshell@securityfocus.com
    Subject: Re: AllowTcpForwarding openssh v4.5p1-6 (fedora 7)

    David Carvalho wrote:
    > I was wandering if there's any way to enable tcp forwarding ( for ssh
    > tunnels ) only for specified users, denying all the rest.


    Look for the Match keyword in sshd_config(5). eg

    AllowTcpForwarding no
    Match User someuser
    AllowTcpForwarding yes

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.


  4. Re: AllowTcpForwarding openssh v4.5p1-6 (fedora 7)

    "David Carvalho" writes:

    > Hi !
    > I was wandering if there's any way to enable tcp forwarding ( for ssh
    > tunnels ) only for specified users, denying all the rest.



    AllowTcpForwarding can be specified in a Match block.

    HTH

    --
    Dominique Dumont
    "Delivering successful solutions requires giving people what they
    need, not what they want." Kurt Bittner


+ Reply to Thread