From a55dc3cf1497a01ed0d8c4f0677061cbcf4ae08e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <joerg.sachse@slub-dresden.de>
Date: Thu, 27 Apr 2023 11:18:56 +0200
Subject: [PATCH] feat: set 'AllowTcpForwarding yes' for ExL support to tunnel
 services to their local workstations for diagnosis

---
 tasks/configure_ssh_hardening.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/configure_ssh_hardening.yml b/tasks/configure_ssh_hardening.yml
index f96eff9..ef041e7 100644
--- a/tasks/configure_ssh_hardening.yml
+++ b/tasks/configure_ssh_hardening.yml
@@ -26,7 +26,7 @@
       # Ciphers aes128-ctr,aes192-ctr,aes256-ctr
       LogLevel VERBOSE
       # AuthorizedKeysFile /etc/ssh/authorized-keys/%u
-      AllowTcpForwarding no
+      AllowTcpForwarding yes
       GatewayPorts no
       PermitTunnel no
       X11Forwarding no
-- 
GitLab