Created attachment 3024 [details] patch exported from github pull request restricts which ports are available for a given user on a remote server when opening remote forwarding ports. use case: NAT traversing limited to a specified port for each user on the remote server. on the users .ssh/authorized_keys , add: permitopen="host:port" and user's public key. it helps mitigate a DoS in case a user's private key is lost ** if no permitopen is found for the user, all ports are allowed as usual useful to limit tunneling for nat traversing to a specified port on a by user base
*** This bug has been marked as a duplicate of bug 2038 ***
closing resolved bugs as of 8.6p1 release