diff options
| author |   djm <djm@openbsd.org> | 2012-12-02 20:46:11 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2012-12-02 20:46:11 +0000 |
| commit | 328b233bd8342295a391d5ebb0817b22d2e6c68c (patch) | |
| tree | 0985f5f4938559dd61a16db7bef1bbae94c889c3 /usr.bin/ssh/sshd_config.5 | |
| parent | make deleting explicit keys "ssh-add -d" symmetric with adding keys - (diff) | |
| download | wireguard-openbsd-328b233bd8342295a391d5ebb0817b22d2e6c68c.tar.xz wireguard-openbsd-328b233bd8342295a391d5ebb0817b22d2e6c68c.zip | |
make AllowTcpForwarding accept "local" and "remote" in addition to its
current "yes"/"no" to allow the server to specify whether just local or
remote TCP forwarding is enabled. ok markus@
Diffstat (limited to 'usr.bin/ssh/sshd_config.5')
| -rw-r--r-- | usr.bin/ssh/sshd_config.5 | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index 91935d0291a..4d16bd35518 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.149 2012/11/04 11:09:15 djm Exp $ -.Dd $Mdocdate: November 4 2012 $ +.\" $OpenBSD: sshd_config.5,v 1.150 2012/12/02 20:46:11 djm Exp $ +.Dd $Mdocdate: December 2 2012 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -124,6 +124,18 @@ in for more information on patterns. .It Cm AllowTcpForwarding Specifies whether TCP forwarding is permitted. +The available options are +.Dq yes +or +.Dq all +to allow TCP forwarding, +.Dq no +to prevent all TCP forwarding, +.Dq local +to allow local (from the perspective of +.Xr ssh 1 ) forwarding only or +.Dq remote +to allow remote forwarding only. The default is .Dq yes . Note that disabling TCP forwarding does not improve security unless |