Date: Fri, 22 Jul 2005 15:13:12 -0500 From: Trevor Sullivan <pcgeek86@gmail.com> To: Hornet <hornetmadness@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Restrict Tunneling thru SSH Message-ID: <42E15358.7010709@gmail.com> In-Reply-To: <f42935a6050721194824d33861@mail.gmail.com> References: <42E04707.5050405@gmail.com> <f42935a6050721194824d33861@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hornet wrote: > On 7/21/05, Trevor Sullivan <pcgeek86@gmail.com> wrote: > >> Hello list, I am curious as to whether or not it is possible to >> restrict certain users from tunneling traffic through SSH. I >> would like to be able to tunnel my own traffic, but provide user >> logins that are restricted from accessing the rest of my inside >> network. Is it possible to restrict this by user? Thanks >> >> Trevor > > I'm pretty sure it is an all or nothing config option in sshd.conf > in the global sense. But you can make specific options for specific > hosts. > So could I possibly restrict SSH tunneling by IP (host)? I guess my concern is that if I create a user account, it will be able to tunnel to other machines on my network w/o restriction. Is the way to do this maybe a DMZ or separate VLAN? Trevor -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC4VNYoGycRpOgdeERA319AJ0Q44VnovrE/nqGuTnB3NfAnb42IgCfRPot OL28pYsfdGzXBe7oF9OuLSE= =AcY1 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42E15358.7010709>