# Restrict SSH tunnel to certain IP adresses



## Sylhouette (Dec 3, 2013)

Hello all.

I was wondering if *I* could limit the creation of SSH tunnels. I have some users who *I* would like to connect to their RDP session, but *I* do not want them to connect to the server IP adresses. Is this possible? Can *I* tell the SSH daemon that tunnels may be used to 192.168.1.10 but not to 192.168.1.12 for example?

Thanks, regards,
Johan


----------



## SirDice (Dec 3, 2013)

*Re: Restrict SSH tunnel to certain ipadresses*

No, you can only turn tunneling on or off. If a user is allowed to tunnel he/she could basically tunnel to everywhere. The only way to limit it is by blocking the traffic on a firewall.


----------



## Sylhouette (Dec 4, 2013)

Thanks, *I* thought so.

Regards,
Johan


----------

