Restrict Tunneling thru SSH

Trevor Sullivan pcgeek86 at gmail.com
Fri Jul 22 20:02:28 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
 
Hornet wrote:

> On 7/21/05, Trevor Sullivan <pcgeek86 at gmail.com> wrote:
>
>> Hello list, I am curious as to whether or not it is possible to
>> restrict certain users from tunneling traffic through SSH. I
>> would like to be able to tunnel my own traffic, but provide user
>> logins that are restricted from accessing the rest of my inside
>> network. Is it possible to restrict this by user? Thanks
>>
>> Trevor
>
> I'm pretty sure it is an all or nothing config option in sshd.conf
> in the global sense. But you can make specific options for specific
> hosts.
>
So could I possibly restrict SSH tunneling by IP (host)? I guess my
concern is that if I create a user account, it will be able to tunnel
to other machines on my network w/o restriction. Is the way to do this
maybe a DMZ or separate VLAN?

Trevor
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
 
iD8DBQFC4VNYoGycRpOgdeERA319AJ0Q44VnovrE/nqGuTnB3NfAnb42IgCfRPot
OL28pYsfdGzXBe7oF9OuLSE=
=AcY1
-----END PGP SIGNATURE-----



More information about the freebsd-questions mailing list