Bug#310431: sshd_config should warn about GatewayPorts workaround
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: normal
The manpage for sshd_config should warn that 'GatewayPorts no' doesn't
protect entirely against remote forwarding ports that are globally
accessible. For exemple with:
ssh -R <port>:localhost:<localport> -- ssh -gL \
<port>:localhost:<port> localhost
the <port> on remote host will be forwarded to <localport> on the local
host, unless some other restrictions beyond 'GatewayPorts no' like denying
shell access.
A note should be added to "GatewayPorts" entry like this:
"Note that disabling GatewayPorts does not improve security unless users
are also denied shell access, as they can always install their own
forwarders."
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.11.7-unicode
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Versions of packages ssh depends on:
ii adduser 3.63 Add and remove users and groups
ii debconf 1.4.30.13 Debian configuration management sy
ii dpkg 1.10.27 Package maintenance system for Deb
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-4 compression library - runtime
-- debconf information:
ssh/insecure_rshd:
ssh/user_environment_tell:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
* ssh/disable_cr_auth: false
ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
Reply to: