-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
port_forwarding can be saved to a cluster profile without this being requested #3094
Comments
Can confirm this is till happening
|
Found one case when forward_ports gets added to cluster profile file: So if
As a workaround, logout current profile -> login to cluster without any ssh command, or without any portforward option of ssh command.. like
|
a
|
We have another customer who has reported the above issue where the
|
The fix was merged, should be available in next patch releases. |
What happened:
tsh ssh
will sometimes add default port forwarding to.tsh/{cluster}.yaml
which causes all subsequent connections to any node in that cluster to "inherit" that setting:What you expected to happen: Port forwarding settings not to be saved to
.tsh/{cluster}.yaml
and to be manually specified each time. Automatically forwarding ports (without it being explicitly requested) can be a security risk.How to reproduce it (as minimally and precisely as possible): This is what's uncertain. It appears that somehow the port forwarding configuration gets saved to the tsh profile but I'm unsure exactly why or how this happens.
Environment:
teleport version
):4.0.0
tsh version
):4.1.0
The text was updated successfully, but these errors were encountered: