Join Log in
Score:2
mhn2 avatar Server

How to limit the number of port forwarding connections - ssh

af flag
mhn2

I have a user on my linux server which is used for proxy. Currently the shell access and a lot of other features are disabled and the following command will be used on it:

ssh proxy-user@server -D 1080 -N

However recently I decided to put a limit on the number of simultaneous connections.

I've tried limits.conf and MaxSessions, but none of them can deal with the ssh -N argument. They won't count these types of connections for the limit.

Is there anyway for me to limit the number of connections that are only using port forwarding (using the -N argument)?

Notes:

  • No I can't use a socks server such as dante
  • I can't limit the total number of connections for all the users because I don't want to apply the limit for other users
  • Here is the current limitations for the proxy user:
Match User proxy-user
   AllowTcpForwarding yes
   X11Forwarding no
   PermitTunnel no
   GatewayPorts no
   AllowAgentForwarding no
   PasswordAuthentication yes
   ForceCommand echo 'This account can only be used for socks proxy'
441
0 + 2
ssh
diya avatar
la flag
diya
AFAIK the only native control the openssh server gives you is to either completely allow/prohibit port forwarding with the `AllowTcpForwarding` directive but there is nothing to control the number of connections when that is allowed.
0
Reply
Erfan Bahramali avatar
na flag
Erfan Bahramali
https://superuser.com/questions/1764623/limiting-ssh-tunnel-users-maxlogins
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.