version 1.301, 2018/06/07 11:26:14 |
version 1.302, 2018/06/19 02:59:41 |
|
|
.It Cm no-X11-forwarding |
.It Cm no-X11-forwarding |
Forbids X11 forwarding when this key is used for authentication. |
Forbids X11 forwarding when this key is used for authentication. |
Any X11 forward requests by the client will return an error. |
Any X11 forward requests by the client will return an error. |
.It Cm permitlisten="host:port" |
.It Cm permitlisten="[host:]port" |
Limit remote port forwarding with the |
Limit remote port forwarding with the |
.Xr ssh 1 |
.Xr ssh 1 |
.Fl R |
.Fl R |
option such that it may only listen on the specified host and port. |
option such that it may only listen on the specified host (optional) and port. |
IPv6 addresses can be specified by enclosing the address in square brackets. |
IPv6 addresses can be specified by enclosing the address in square brackets. |
Multiple |
Multiple |
.Cm permitlisten |
.Cm permitlisten |
|
|
Note that the setting of |
Note that the setting of |
.Cm GatewayPorts |
.Cm GatewayPorts |
may further restrict listen addresses. |
may further restrict listen addresses. |
|
Note that |
|
.Xr ssh 1 |
|
will send a hostname of |
|
.Dq localhost |
|
if a listen host was not specified when the forwarding was requested, and |
|
that his name is treated differently to the explicit localhost addresses |
|
.Dq 127.0.0.1 |
|
and |
|
.Dq ::1 . |
.It Cm permitopen="host:port" |
.It Cm permitopen="host:port" |
Limit local port forwarding with the |
Limit local port forwarding with the |
.Xr ssh 1 |
.Xr ssh 1 |
|
|
command="dump /home",no-pty,no-port-forwarding ssh-dss |
command="dump /home",no-pty,no-port-forwarding ssh-dss |
AAAAC3...51R== example.net |
AAAAC3...51R== example.net |
permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss |
permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss |
|
AAAAB5...21S== |
|
permitlisten="localhost:8080",permitopen="localhost:22000" ssh-dss |
AAAAB5...21S== |
AAAAB5...21S== |
tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== |
tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== |
jane@example.net |
jane@example.net |