> > I have a server in internet and i want several clients to access to it via > > SSH but i DON'T want they to be able to use SSH from that server. > > > > So i client can access the server via SSH, but s/he CAN NOT ssh to other > > servers from my server... >
in sshd_conf : AllowTcpForwarding no : Specifies whether TCP forwarding is permitted. The default is ``yes''. Note that disabling TCP forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders. --> man 5 sshd_config for openSSH > If you want to use iptables then allow incoming ssh requests from the > relevant hosts and disallow outgoing ssh request from the server: > > iptables -A INPUT -j ACCEPT -p tcp -s <client_ip/mask> --destination-port 22 > iptables -A INPUT -j REJECT -p tcp --destination-port 22 > iptables -A OUTPUT -j REJECT -p tcp --destination-port 22 __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com