diff options
| author | Damien Miller <djm@mindrot.org> | 2001-03-19 23:16:08 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2001-03-19 23:16:08 +1100 |
| commit | a243fde4773f4257feeeaf4f9a7a2e01bf68ca37 (patch) | |
| tree | 1286758f4de154513f6f8cc3e4b2c05c394b11cd | |
| parent | c2c5d9fd3b56b3209a19e5e6b3de0528812a2e7d (diff) | |
- djm@cvs.openbsd.org 2001/03/19 12:10:17
[sshd.8]
Document permitopen authorized_keys option; ok markus@
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | sshd.8 | 13 |
2 files changed, 14 insertions, 2 deletions
@@ -22,6 +22,7 @@ specifically version match on ssh scanners. do not log scan information to the console - djm@cvs.openbsd.org 2001/03/19 12:10:17 + [sshd.8] Document permitopen authorized_keys option; ok markus@ 20010318 @@ -4622,4 +4623,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.982 2001/03/19 12:16:08 djm Exp $ +$Id: ChangeLog,v 1.983 2001/03/19 12:16:14 djm Exp $ @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.106 2001/03/07 01:19:06 deraadt Exp $ +.\" $OpenBSD: sshd.8,v 1.107 2001/03/19 12:10:17 djm Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -852,6 +852,15 @@ Forbids authentication agent forwarding when this key is used for authentication. .It Cm no-pty Prevents tty allocation (a request to allocate a pty will fail). +.It Cm permitopen="host:port" +Limit local +.Li ``ssh -L'' +port-forwading such that it may only connect to the specified host and +port. Multiple +.Cm permitopen +options may be applied seperated by commas. No pattern matching is +performed on the specified hostnames, they must be literal domains or +addresses. .El .Ss Examples 1024 33 12121.\|.\|.\|312314325 ylo@foo.bar @@ -859,6 +868,8 @@ Prevents tty allocation (a request to allocate a pty will fail). from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula .Pp command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi +.Pp +permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 .Sh SSH_KNOWN_HOSTS FILE FORMAT The .Pa /etc/ssh_known_hosts , |