Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Tim Daneliuk
May 10, 2006, 8:43 pm
rate this thread
mechanics as anything, but I discovered this in the course of doing some
ssh work, so ...)
I have an account on an internet-facing FreeBSD machine that is setup
primarily to be used when doing ssh port forwarding. This account
is setup to NOT permit shell access (the shell is setup to
/sbin/nologin). Still, when I do this:
ssh -L port:address:port -N firstname.lastname@example.org
The forwarding works fine. That is, ssh connects to the sshd daemon on
"freebsdmachine", authenticates using "forwarding"'s credentials, and
goes off to properly do the port:address:port forwarding *even though*
"forwarding" has no shell and it exits immediately after any login attempt.
So ... how in the world is this working at all? I'm guessing that the
connection to sshd precedes any login attempt. But I am mystified how,
having presented the credentials for "forwarding", the connection
between ssh client and sshd remains in place, given that true login
is not taking place...
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum