|Main Archive Page > Month Archives > openssh-unix-dev archives|
On Fri, Oct 14, 2011 at 7:13 PM, Damien Miller <firstname.lastname@example.org> wrote:
> It's easier if you use the multiplexing socket.
> ssh -O forward -R0:xxx:yyy host
> will print the allocated port to stdout on success.
I suppose that works, but it'd be better to do this server-side. That way,
the script run on the server doesn't have to trust the client to pass along
correct information. For example, if a client tries forwarding thousands of
ports, the script could reliably detect that and close the connection.
(This is a remote diagnostics script; the remote client is untrusted.)
By the way, it'd be helpful to be able to specify eg. "PermitOpen none"; I
ended up arriving at the same hack that this guy used:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543683. It's minor, but
it'd be nice to be able to do this correctly.
-- Glenn Maynard _______________________________________________ openssh-unix-dev mailing list email@example.com https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev