From 60d82be9f31bfdfdd40034ff1f920467766b1eab Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Wed, 12 Sep 2001 17:58:15 +0000 Subject: [PATCH] - stevesk@cvs.openbsd.org 2001/08/29 23:39:40 [ssh.1 sshd.8] additional documentation for GatewayPorts; ok markus@ --- ChangeLog | 5 ++++- ssh.1 | 11 ++++++++++- sshd.8 | 11 ++++++++++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9d14eab10..fc5a0ceb6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -55,6 +55,9 @@ - stevesk@cvs.openbsd.org 2001/08/29 23:27:23 [ssh.c] validate ports for -L/-R; ok markus@ + - stevesk@cvs.openbsd.org 2001/08/29 23:39:40 + [ssh.1 sshd.8] + additional documentation for GatewayPorts; ok markus@ 20010815 - (bal) Fixed stray code in readconf.c that went in by mistake. @@ -6378,4 +6381,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1501 2001/09/12 17:56:15 mouring Exp $ +$Id: ChangeLog,v 1.1502 2001/09/12 17:58:15 mouring Exp $ diff --git a/ssh.1 b/ssh.1 index dfd38a6b8..14e2925cf 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.133 2001/08/29 23:13:11 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.134 2001/08/29 23:39:40 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -848,6 +848,15 @@ The default is .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to local forwarded ports. +By default, +.Nm +binds local port forwardings to the loopback addresss. This +prevents other remote hosts from connecting to forwarded ports. +.Cm GatewayPorts +can be used to specify that +.Nm +should bind local port forwardings to the wildcard address, +thus allowing remote hosts to connect to forwarded ports. The argument must be .Dq yes or diff --git a/sshd.8 b/sshd.8 index e98cfdd61..ff3717b0c 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.144 2001/08/29 23:02:21 stevesk Exp $ +.\" $OpenBSD: sshd.8,v 1.145 2001/08/29 23:39:40 stevesk Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -442,6 +442,15 @@ By default login is allowed regardless of the user name. .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to ports forwarded for the client. +By default, +.Nm +binds remote port forwardings to the loopback addresss. This +prevents other remote hosts from connecting to forwarded ports. +.Cm GatewayPorts +can be used to specify that +.Nm +should bind remote port forwardings to the wildcard address, +thus allowing remote hosts to connect to forwarded ports. The argument must be .Dq yes or