I use RedHat 7.2 and the SSL version which ships with this. SSHD seams to have an annoying feature/bug which does not honour /etc/services. There is a program which periodically starts up on the server and when running, listens on a port registered in /etc/servives. However, when one ssh to the server, I have now witnessed sshd 'stealing' this port and the application fails to start up as the port is already bound. Is there a way of telling sshd to honour the reserved ports (man page seems not to give any such clues). If not, I would say it would be a welcomed enhancement if it could do this.
First, I assume you mean "the SSH version which ships". You're referring to port forwarding? If I'm following here you mean that sshd permits remote forwarding of otherwise unbound ports below port 1024? That should only be possible if you're logging is as root. The ssh man page says "Privileged ports can be forwarded only when logging in as root on the remote machine." Or do you mean something else?
Further info supplied via email: > I use ssh to access a certain machine. On this machine is installed another > program which periodically runs and whenever it starts up, it exports > services on port 6010 which is documented so in /etc/services on the machine. > For some reason which I don't understand as I am not familiar with ssh well > enough, sshd 'stole' the port 6010 Ah, OK, you should have put that in the bug report. 6010 is by default the first X11 forwarding port. You can turn it off with "X11Forwarding no" or change the port with "X11DisplayOffset [number]" (both in sshd_config). The number by default is "10" and is added to the normal X11 port (6000) to give the first X11 forwarding port. Your best bet is probably to set "X11DisplayOffset 20". /etc/services is not a reservation system at all, it is merely a way to map port numbers to service names and vice versa.
Mass change of RESOLVED bugs to CLOSED