|
|
|
|
|
|
by egberts1
1658 days ago
|
|
|
Bastion SSH? This new-finagle “airgapt” makes GatewayPorts sshd_option setting of OpenSSL kinda useless? My code review notes says: # GatewayPorts specifies whether remote hosts are
# allowed to connect to ports forwarded for the
# client. By default, sshd(8) binds remote port
# forwardings to the loopback address. This prevents
# other remote hosts from connecting to forwarded
# ports. GatewayPorts can be used to specify that sshd
# should allow remote port forwardings to bind to
# non-loopback addresses, thus allowing other hosts to
# connect. The argument may be no to force remote port
# forwardings to be available to the local host only,
# yes to force remote port forwardings to bind to the
# wildcard address, or clientspecified to allow the
# client to select the address to which the forwarding
# is bound.
#
# CLI option: -o
# options.fwd_opts.gateway_ports/channel_fwd_bind_addr()/channel_setup_fwd_listener_tcpip()/channel_setup_remote_fwd_listener()
# options.fwd_opts.gateway_ports/channel_fwd_bind_addr()/channel_setup_fwd_listener_tcpip()/channel_setup_local_fwd_listener()
# GatewayPorts defaults to 'no'.
|
|
|
Thank you for the feedback!
https://github.com/AkselAllas/airgapt/issues/1