Actions
Feature #1295
closed
SSH binds to all available "Virtual IP" IP aliases
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Unknown
Target version:
-
Start date:
02/19/2011
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Description
SSH, by default, in a pfSense installation, binds to all available "Virtual IP" IP aliases.
It would be nice to be able to select a list of interfaces or IP addresses to bind this service to, both for security and other reasons.
This may not be considered a bug but it prevents you from binding other services (say, OpenVPN) to those ports, specifically if they are external interfaces.
A work-around is to bind OpenVPN to an internal IP alias on a port other than 22 and set up an external port forward, but this is somewhat messy and not intuitive.
Updated by
Actions