network/chisel
network/chisel
1
0
Fork 0
mirror of https://github.com/jpillora/chisel synced 2024-10-18 16:02:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
162 commits 23 branches 35 tags 4.3 MiB
Commit graph

5 commits

Author SHA1 Message Date
Noah Williams af38a54d8d Add client reverse example with authentication 2021-03-11 14:32:49 -09:00
Noah Williams e1b0eb9937 Add plain authenticated chisel server (reverse) 2021-03-11 14:25:17 -09:00
Eric Sunshine a11a3dd2dd server: add reverse port forwarding restrictions 
Although reverse port forwarding (sharing client ports with the server)
should not generally leak any resources from the server to the client,
the facility may nevertheless be abused if the client is able to open a
server port which is otherwise meant for some other purpose on the
server. (This might happen, for instance, if a service on the server has
crashed or becomes somehow disabled, thus freeing the port which would
otherwise be occupied by the service.)

To mitigate such potential abuse, disable reverse port forwarding by
default and introduce server option --reverse to enable it explicitly.
Additionally, subject reverse port forwarding remotes to server-side
--authfile restrictions (for instance, "^R:0.0.0.0:7000$").
 2018-12-23 16:25:45 -05:00
Jaime Pillora 1871137e32 ssh working, user auth working, addr whitelisting (mostly) working 2015-03-19 02:41:17 +11:00
Jaime Pillora 68eb79a634 progressing to users and remote address whitelists 2015-03-19 01:25:20 +11:00