diff options
author | jmc <jmc@openbsd.org> | 2006-01-07 16:42:16 +0000 |
---|---|---|
committer | jmc <jmc@openbsd.org> | 2006-01-07 16:42:16 +0000 |
commit | 76fa9c97a44c2f1e7613e8c486b979ec9fe33b25 (patch) | |
tree | de0fa6c903f9b462328bd78e5aa3cd7ff545cf47 /usr.sbin/authpf | |
parent | kill trailing whitespace; (diff) | |
download | wireguard-openbsd-76fa9c97a44c2f1e7613e8c486b979ec9fe33b25.tar.xz wireguard-openbsd-76fa9c97a44c2f1e7613e8c486b979ec9fe33b25.zip |
expand the section on ssh tunnelling machanisms;
from michael knudsen
Diffstat (limited to 'usr.sbin/authpf')
-rw-r--r-- | usr.sbin/authpf/authpf.8 | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.sbin/authpf/authpf.8 b/usr.sbin/authpf/authpf.8 index 2e95e37d980..5a15b8c8e07 100644 --- a/usr.sbin/authpf/authpf.8 +++ b/usr.sbin/authpf/authpf.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: authpf.8,v 1.40 2005/09/23 14:36:46 jmc Exp $ +.\" $OpenBSD: authpf.8,v 1.41 2006/01/07 16:42:16 jmc Exp $ .\" .\" Copyright (c) 2002 Bob Beck (beck@openbsd.org>. All rights reserved. .\" @@ -225,8 +225,11 @@ it becomes unresponsive, or if arp or address spoofing is used to hijack the session. Note that TCP keepalives are not sufficient for this, since they are not secure. -Also note that +Also note that the various SSH tunnelling mechanisms, +such as .Ar AllowTcpForwarding +and +.Ar PermitTunnel , should be disabled for .Nm users to prevent them from circumventing restrictions imposed by the |