diff options
author | Damien Miller <djm@mindrot.org> | 2006-07-24 14:04:00 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2006-07-24 14:04:00 +1000 |
commit | 9b439df18a9d56683584811ce38dcf72acd4cb20 (patch) | |
tree | dc7d64d4ae9ce7c47d52804671e8b5d2aedddae3 /ChangeLog | |
parent | 98299261eb970688a7bad346491cffdf2a7f6072 (diff) |
- dtucker@cvs.openbsd.org 2006/07/17 12:06:00
[channels.c channels.h servconf.c sshd_config.5]
Add PermitOpen directive to sshd_config which is equivalent to the
"permitopen" key option. Allows server admin to allow TCP port
forwarding only two specific host/port pairs. Useful when combined
with Match.
If permitopen is used in both sshd_config and a key option, both
must allow a given connection before it will be permitted.
Note that users can still use external forwarders such as netcat,
so to be those must be controlled too for the limits to be effective.
Feedback & ok djm@, man page corrections & ok jmc@.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 13 |
1 files changed, 12 insertions, 1 deletions
@@ -26,6 +26,17 @@ | |||
26 | - dtucker@cvs.openbsd.org 2006/07/17 12:02:24 | 26 | - dtucker@cvs.openbsd.org 2006/07/17 12:02:24 |
27 | [auth-options.c] | 27 | [auth-options.c] |
28 | Use '\0' rather than 0 to terminates strings; ok djm@ | 28 | Use '\0' rather than 0 to terminates strings; ok djm@ |
29 | - dtucker@cvs.openbsd.org 2006/07/17 12:06:00 | ||
30 | [channels.c channels.h servconf.c sshd_config.5] | ||
31 | Add PermitOpen directive to sshd_config which is equivalent to the | ||
32 | "permitopen" key option. Allows server admin to allow TCP port | ||
33 | forwarding only two specific host/port pairs. Useful when combined | ||
34 | with Match. | ||
35 | If permitopen is used in both sshd_config and a key option, both | ||
36 | must allow a given connection before it will be permitted. | ||
37 | Note that users can still use external forwarders such as netcat, | ||
38 | so to be those must be controlled too for the limits to be effective. | ||
39 | Feedback & ok djm@, man page corrections & ok jmc@. | ||
29 | 40 | ||
30 | 20060713 | 41 | 20060713 |
31 | - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h | 42 | - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h |
@@ -4944,4 +4955,4 @@ | |||
4944 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 4955 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
4945 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 4956 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
4946 | 4957 | ||
4947 | $Id: ChangeLog,v 1.4414 2006/07/24 04:01:43 djm Exp $ | 4958 | $Id: ChangeLog,v 1.4415 2006/07/24 04:04:00 djm Exp $ |