From owner-freebsd-stable Tue Nov 14 10:42:16 2000 Delivered-To: freebsd-stable@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843399.broadbandoffice.net [64.47.83.135]) by hub.freebsd.org (Postfix) with ESMTP id EE15037B4D7; Tue, 14 Nov 2000 10:42:09 -0800 (PST) Received: (from dillon@localhost) by earth.backplane.com (8.11.1/8.9.3) id eAEIg1Q48292; Tue, 14 Nov 2000 10:42:01 -0800 (PST) (envelope-from dillon) Date: Tue, 14 Nov 2000 10:42:01 -0800 (PST) From: Matt Dillon Message-Id: <200011141842.eAEIg1Q48292@earth.backplane.com> To: Josef Karthauser Cc: "Chad R. Larson" , freebsd-stable@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: source IP address References: <200011132148.OAA09159@freeway.dcfinc.com> <200011140259.eAE2xDZ43286@earth.backplane.com> <20001114111341.E48364@pavilion.net> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG : :On Mon, Nov 13, 2000 at 06:59:13PM -0800, Matt Dillon wrote: :> :> Some programs, such as ping and traceroute, allow you to bind :> to a specific source IP address. Most programs don't, though. :> :> -Matt : :Telnet does. It would be really used if ssh did also. : :Joe :-- :Josef Karthauser FreeBSD: How many times have you booted today? :Technical Manager Viagra for your server (http://www.uk.freebsd.org) :Pavilion Internet plc. [joe@pavilion.net, joe@uk.freebsd.org, joe@tao.org.uk] Yah, it would be really nice if ssh did too... I have a box with five IP addresses on it, some externally routed, some NAT'd, some internal, and ssh'ing out from it without being able to bind to a specific IP makes setting up security difficult. It's utterly trivial to add, but I don't have time myself. It is possible to use a jail to force the source IP address, but jail's do not appear to work well with interactive tty's. ssh gets really confused when run from a jail. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message