- pyr@cvs.openbsd.org 2008/05/07 05:49:37

[servconf.c servconf.h session.c sshd_config.5] Enable the AllowAgentForwarding option in sshd_config (global and match context), to specify if agents should be permitted on the server. As the man page states: ``Note that disabling Agent forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders.'' ok djm@, ok and a mild frown markus@
author: Damien Miller <djm@mindrot.org> 2008-05-19 14:57:41 +1000
committer: Damien Miller <djm@mindrot.org> 2008-05-19 14:57:41 +1000
commit: 4f755cdc05f5c6dee7cb1894f8d3bcaee33443d0 (patch)
tree: 73c05a3429a9d63d32b373fd3bd92900d43883da /servconf.h
parent: bacb7fbd7e7716a4d3148769d43d8896cbfb2c54 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/servconf.h b/servconf.h
index 5b88067db..aaf87cd18 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.82 2008/02/13 22:38:17 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.83 2008/05/07 05:49:37 pyr Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -101,6 +101,7 @@ typedef struct {
        int     use_login;      /* If true, login(1) is used */
        int     compression;    /* If true, compression is allowed */
        int     allow_tcp_forwarding;
+        int     allow_agent_forwarding;
        u_int num_allow_users;
        char   *allow_users[MAX_ALLOW_USERS];
        u_int num_deny_users;
author	Damien Miller <djm@mindrot.org>	2008-05-19 14:57:41 +1000
committer	Damien Miller <djm@mindrot.org>	2008-05-19 14:57:41 +1000
commit	4f755cdc05f5c6dee7cb1894f8d3bcaee33443d0 (patch)
tree	73c05a3429a9d63d32b373fd3bd92900d43883da /servconf.h
parent	bacb7fbd7e7716a4d3148769d43d8896cbfb2c54 (diff)