diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-09-12 17:54:24 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-09-12 17:54:24 +0000 |
commit | 19ceb17040ba3c93833d4219d83f2002d25fd3fa (patch) | |
tree | 3676cfbabd3a6c6a41f178b1109acee58c1edbcb | |
parent | 6f672c09545b730a8763b42bf5418463f6ae2679 (diff) |
- stevesk@cvs.openbsd.org 2001/08/29 23:13:10
[ssh.1 ssh.c]
document -D and DynamicForward; ok markus
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ssh.1 | 27 | ||||
-rw-r--r-- | ssh.c | 3 |
3 files changed, 32 insertions, 3 deletions
@@ -49,6 +49,9 @@ | |||
49 | - stevesk@cvs.openbsd.org 2001/08/29 23:02:21 | 49 | - stevesk@cvs.openbsd.org 2001/08/29 23:02:21 |
50 | [sshd.8] | 50 | [sshd.8] |
51 | add text about -u0 preventing DNS requests; ok markus@ | 51 | add text about -u0 preventing DNS requests; ok markus@ |
52 | - stevesk@cvs.openbsd.org 2001/08/29 23:13:10 | ||
53 | [ssh.1 ssh.c] | ||
54 | document -D and DynamicForward; ok markus@ | ||
52 | 55 | ||
53 | 20010815 | 56 | 20010815 |
54 | - (bal) Fixed stray code in readconf.c that went in by mistake. | 57 | - (bal) Fixed stray code in readconf.c that went in by mistake. |
@@ -6372,4 +6375,4 @@ | |||
6372 | - Wrote replacements for strlcpy and mkdtemp | 6375 | - Wrote replacements for strlcpy and mkdtemp |
6373 | - Released 1.0pre1 | 6376 | - Released 1.0pre1 |
6374 | 6377 | ||
6375 | $Id: ChangeLog,v 1.1499 2001/09/12 17:51:55 mouring Exp $ | 6378 | $Id: ChangeLog,v 1.1500 2001/09/12 17:54:24 mouring Exp $ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.132 2001/08/28 15:39:48 markus Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.133 2001/08/29 23:13:11 stevesk Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -606,6 +606,20 @@ Privileged ports can be forwarded only when | |||
606 | logging in as root on the remote machine. | 606 | logging in as root on the remote machine. |
607 | IPv6 addresses can be specified with an alternative syntax: | 607 | IPv6 addresses can be specified with an alternative syntax: |
608 | .Ar port/host/hostport | 608 | .Ar port/host/hostport |
609 | .It Fl D Ar port | ||
610 | Specifies a local | ||
611 | .Dq dynamic | ||
612 | application-level port forwarding. | ||
613 | This works by allocating a socket to listen to | ||
614 | .Ar port | ||
615 | on the local side, and whenever a connection is made to this port, the | ||
616 | connection is forwarded over the secure channel, and the application | ||
617 | protocol is then used to determine where to connect to from the | ||
618 | remote machine. Currently the SOCKS4 protocol is supported, and | ||
619 | .Nm | ||
620 | will act as a SOCKS4 server. | ||
621 | Only root can forward privileged ports. | ||
622 | Dynamic port forwardings can also be specified in the configuration file. | ||
609 | .It Fl 1 | 623 | .It Fl 1 |
610 | Forces | 624 | Forces |
611 | .Nm | 625 | .Nm |
@@ -773,6 +787,17 @@ back to rsh or exiting. | |||
773 | The argument must be an integer. | 787 | The argument must be an integer. |
774 | This may be useful in scripts if the connection sometimes fails. | 788 | This may be useful in scripts if the connection sometimes fails. |
775 | The default is 1. | 789 | The default is 1. |
790 | .It Cm DynamicForward | ||
791 | Specifies that a TCP/IP port on the local machine be forwarded | ||
792 | over the secure channel, and the application | ||
793 | protocol is then used to determine where to connect to from the | ||
794 | remote machine. The argument must be a port number. | ||
795 | Currently the SOCKS4 protocol is supported, and | ||
796 | .Nm | ||
797 | will act as a SOCKS4 server. | ||
798 | Multiple forwardings may be specified, and | ||
799 | additional forwardings can be given on the command line. Only | ||
800 | the superuser can forward privileged ports. | ||
776 | .It Cm EscapeChar | 801 | .It Cm EscapeChar |
777 | Sets the escape character (default: | 802 | Sets the escape character (default: |
778 | .Ql ~ ) . | 803 | .Ql ~ ) . |
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: ssh.c,v 1.139 2001/08/28 15:39:48 markus Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.140 2001/08/29 23:13:10 stevesk Exp $"); |
43 | 43 | ||
44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
@@ -194,6 +194,7 @@ usage(void) | |||
194 | fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); | 194 | fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); |
195 | fprintf(stderr, " These cause %s to listen for connections on a port, and\n", __progname); | 195 | fprintf(stderr, " These cause %s to listen for connections on a port, and\n", __progname); |
196 | fprintf(stderr, " forward them to the other side by connecting to host:port.\n"); | 196 | fprintf(stderr, " forward them to the other side by connecting to host:port.\n"); |
197 | fprintf(stderr, " -D port Enable dynamic application-level port forwarding.\n"); | ||
197 | fprintf(stderr, " -C Enable compression.\n"); | 198 | fprintf(stderr, " -C Enable compression.\n"); |
198 | fprintf(stderr, " -N Do not execute a shell or command.\n"); | 199 | fprintf(stderr, " -N Do not execute a shell or command.\n"); |
199 | fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n"); | 200 | fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n"); |