diff options
| author | Damien Miller <djm@mindrot.org> | 2005-12-13 19:29:02 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2005-12-13 19:29:02 +1100 |
| commit | d27b947178df3689bfb7fdfb62a5f1337ef73481 (patch) | |
| tree | c8678325c355b3602bdabca16da1baa8707818eb /sshd.8 | |
| parent | 6dbdb6afeec1820b2799c2693fc8e8b364be8228 (diff) | |
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
Diffstat (limited to 'sshd.8')
| -rw-r--r-- | sshd.8 | 10 |
1 files changed, 9 insertions, 1 deletions
| @@ -34,7 +34,7 @@ | |||
| 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 36 | .\" | 36 | .\" |
| 37 | .\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.209 2005/12/06 22:38:28 reyk Exp $ |
| 38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
| 39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
| 40 | .Os | 40 | .Os |
| @@ -518,6 +518,12 @@ Multiple | |||
| 518 | options may be applied separated by commas. | 518 | options may be applied separated by commas. |
| 519 | No pattern matching is performed on the specified hostnames, | 519 | No pattern matching is performed on the specified hostnames, |
| 520 | they must be literal domains or addresses. | 520 | they must be literal domains or addresses. |
| 521 | .It Cm tunnel="n" | ||
| 522 | Force a | ||
| 523 | .Xr tun 4 | ||
| 524 | device on the server. | ||
| 525 | Without this option, the next available device will be used if | ||
| 526 | the client requests a tunnel. | ||
| 521 | .El | 527 | .El |
| 522 | .Ss Examples | 528 | .Ss Examples |
| 523 | 1024 33 12121...312314325 ylo@foo.bar | 529 | 1024 33 12121...312314325 ylo@foo.bar |
| @@ -527,6 +533,8 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula | |||
| 527 | command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.hut.fi | 533 | command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.hut.fi |
| 528 | .Pp | 534 | .Pp |
| 529 | permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 | 535 | permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 |
| 536 | .Pp | ||
| 537 | tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== reyk@openbsd.org | ||
| 530 | .Sh SSH_KNOWN_HOSTS FILE FORMAT | 538 | .Sh SSH_KNOWN_HOSTS FILE FORMAT |
| 531 | The | 539 | The |
| 532 | .Pa /etc/ssh/ssh_known_hosts | 540 | .Pa /etc/ssh/ssh_known_hosts |