justin/tinyboard
1
0
Fork 0
forked from finn/tinyboard
Code Pull Requests 1 Activity

setup-hub.sh: change AllowTcpForwarding from yes to local to restrict forwarding to local connections only

Browse Source
This commit is contained in:
Justin Oros
2026-04-19 11:26:15 -07:00
parent e74c9b45d5
commit d3a6d406d8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hub/setup-hub.sh
View File

@@ -136,7 +136,7 @@ header "SSH Server Configuration"
SSHD_CONF="/etc/ssh/sshd_config" SSHD_CONF="/etc/ssh/sshd_config"
[ -f "$SSHD_CONF" ] || die "sshd_config not found at $SSHD_CONF" [ -f "$SSHD_CONF" ] || die "sshd_config not found at $SSHD_CONF"
for DIRECTIVE in "GatewayPorts no" "AllowTcpForwarding yes" "ClientAliveInterval 60" "ClientAliveCountMax 3"; do for DIRECTIVE in "GatewayPorts no" "AllowTcpForwarding local" "ClientAliveInterval 60" "ClientAliveCountMax 3"; do
KEY="${DIRECTIVE%% *}" KEY="${DIRECTIVE%% *}"
if grep -q "^$KEY" "$SSHD_CONF"; then if grep -q "^$KEY" "$SSHD_CONF"; then
sed -i "s|^$KEY.*|$DIRECTIVE|" "$SSHD_CONF" sed -i "s|^$KEY.*|$DIRECTIVE|" "$SSHD_CONF"
@@ -251,7 +251,7 @@ info "Mount point created at $MOUNT_POINT."
header "Hub Setup Complete" header "Hub Setup Complete"
echo -e " Hub user: ${GREEN}$HUB_USER${NC}" echo -e " Hub user: ${GREEN}$HUB_USER${NC}"
echo -e " SSH config: ${GREEN}GatewayPorts no, AllowTcpForwarding yes, ClientAliveInterval 60${NC}" echo -e " SSH config: ${GREEN}GatewayPorts no, AllowTcpForwarding local, ClientAliveInterval 60${NC}"
echo -e " FUSE: ${GREEN}user_allow_other enabled${NC}" echo -e " FUSE: ${GREEN}user_allow_other enabled${NC}"
echo -e " rclone config: ${GREEN}$RCLONE_CONF${NC}" echo -e " rclone config: ${GREEN}$RCLONE_CONF${NC}"
echo -e " Mount point: ${GREEN}$MOUNT_POINT${NC}" echo -e " Mount point: ${GREEN}$MOUNT_POINT${NC}"