SSH Remote Port Forwarding to specific user

Tags: forwarding, port, remote, ssh

Is there a way to make a remote port only accessible for a specific user?

My current setup:

I'm forwarding a port to my local machine to access it via SSH on the go.
I am able to directly access my local machine without logging into the remote machine first.

For increased security I want that port not to be publicly accessible but accessible for specific users on the remote machine or any user that's logged in at the remote machine.

Short scheme of what I'm trying to achieve:

Internet -> ssh to remote machine -> login -> ssh to local machine via forwarded port -> login

Best Answer

Port forwarding is a network item that does not support user filtering. That is because ports and IP traffic do not have anything to do with users. The payload of the traffic might have user information, but that is not typically accessed by network equipment.

As an alternative, you could use a VPN that does user-based authentication. Some firewalls, like SonicWall, have user-based filtering, but that typically uses a proprietary client to track user info.

The more common way to do this on the network level is to filter by IP address. If your remote machine has a static IP, you can filter the port forward by IP address.

You haven't provided any information about your setup, other than the logical flow, so it is hard to know what devices you have to work with.
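Whichever address-level restriction is used, it helps to confirm on the remote machine which address the forwarded port is actually listening on: a loopback bind is reachable only from sessions on that host, while a wildcard bind is reachable from the network. The following is an added example, not part of the original question or answer; it classifies listeners from `ss -ltn` output, and the port numbers and sample lines are constructed.

```python
import ipaddress

# Constructed sample of `ss -ltnH` output on the remote machine (not real data).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:2222 0.0.0.0:*
LISTEN 0 128 [::1]:2222 [::]:*
LISTEN 0 128 0.0.0.0:2223 0.0.0.0:*
LISTEN 0 128 *:2224 *:*
LISTEN 0 128 192.0.2.10:2225 0.0.0.0:*
"""

def split_local(field):
    """Split the ss 'Local Address:Port' column into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]")          # IPv6 addresses are bracketed
    addr = addr.split("%", 1)[0]     # drop an interface scope such as %lo
    return addr, int(port)

def exposure(addr):
    """Classify a bind address as loopback, wildcard or interface."""
    if addr == "*":                  # dual-stack wildcard as printed by ss
        return "wildcard"
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:            # 0.0.0.0 or ::
        return "wildcard"
    return "interface"               # one specific non-loopback address

def audit(ss_output, ports):
    """Map each watched port to the set of exposure classes it listens on."""
    result = {}
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] != "LISTEN":
            continue                 # skips the header line and blanks
        addr, port = split_local(cols[3])
        if port in ports:
            result.setdefault(port, set()).add(exposure(addr))
    return result

def exposed_ports(result):
    """Ports with at least one listener that is not loopback-only."""
    return sorted(p for p, kinds in result.items() if kinds != {"loopback"})

if __name__ == "__main__":
    report = audit(SAMPLE_SS, {2222, 2223, 2224, 2225})
    print(report)
    print("not loopback-only:", exposed_ports(report))
```

On a live host, pass the text of `ss -ltn` to `audit()` in place of `SAMPLE_SS`.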