Single-Purpose SSH account, exclusively for Reverse Port Forwarding
Posted
by drfloob
on Server Fault
See other posts from Server Fault
or by drfloob
Published on 2010-04-02T23:20:34Z
Indexed on
2010/04/02
23:23 UTC
Read the original article
Hit count: 553
On my Debian system, I'd like to create a user that is only allowed to do a Reverse Port Forward from their machine to my server, but I'm not sure how to create a limited user specifically for this purpose.
For example, we'll call my server 'Sam' and my laptop 'Luke'. I'd like a user on Luke to be able to execute a reverse port forward ssh command to Sam, so that port 4321 on Sam is tunneled to port 4321 on Luke. For example:
ssh -fnR 4321:localhost:4321 -l limitedUser Sam
How can I create a user on Sam that is only allowed to execute this command?
© Server Fault or respective owner