From owner-freebsd-security Fri Jul 30 22:41:55 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id CE74D151B3 for ; Fri, 30 Jul 1999 22:41:52 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id XAA78435; Fri, 30 Jul 1999 23:41:51 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id XAA86286; Fri, 30 Jul 1999 23:43:47 -0600 (MDT) Message-Id: <199907310543.XAA86286@harmony.village.org> To: "James C. Durham" Subject: Re: SSH2 Won't forward priviledged ports Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Wed, 28 Jul 1999 00:22:57 EDT." <379E85A1.1E734862@w2xo.pgh.pa.us> References: <379E85A1.1E734862@w2xo.pgh.pa.us> Date: Fri, 30 Jul 1999 23:43:47 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <379E85A1.1E734862@w2xo.pgh.pa.us> "James C. Durham" writes: : I can forward ports > 1024, but not < 1024. Feature. Unless you are root, you cannot bind to those ports. : Somehow, even though I'm being authenticated as root : for login purposes, I'm not being authenticated for port : forwarding. I've made keys for both the client and : server machines for root. Are you root on the client machine, if not then your ssh process cannot bind to low numbered ports. The kernel will not allow it. If you are root when you run the ssh to the remote machine (and not merely be authorized for root login on the remote machine), then you have found a bug in ssh. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message