openssh-unix-dev October 2011 archive
Main Archive Page > Month Archives  > openssh-unix-dev archives
openssh-unix-dev: Re: Determining the port assigned by -R 0

Re: Determining the port assigned by -R 0

From: Glenn Maynard <glenn_at_nospam>
Date: Sun Oct 23 2011 - 14:05:38 GMT

On Fri, Oct 14, 2011 at 7:13 PM, Damien Miller <> wrote:

> It's easier if you use the multiplexing socket.
> ssh -O forward -R0:xxx:yyy host
> will print the allocated port to stdout on success.

I suppose that works, but it'd be better to do this server-side. That way,
the script run on the server doesn't have to trust the client to pass along
correct information. For example, if a client tries forwarding thousands of
ports, the script could reliably detect that and close the connection.
(This is a remote diagnostics script; the remote client is untrusted.)

By the way, it'd be helpful to be able to specify eg. "PermitOpen none"; I
ended up arriving at the same hack that this guy used: It's minor, but
it'd be nice to be able to do this correctly.

-- Glenn Maynard _______________________________________________ openssh-unix-dev mailing list