Date: Sun, 2 Dec 2001 12:03:14 +0100 (CET) From: Martin Heinen <martin@sumuk.de> To: FreeBSD-gnats-submit@freebsd.org Subject: docs/32436: corrections for SSH section of chapter Security Message-ID: <200112021103.fB2B3Ex58225@Kain.sumuk.de>
index | next in thread | raw e-mail
>Number: 32436
>Category: docs
>Synopsis: corrections for SSH section of chapter Security
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 02 03:10:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Martin Heinen
>Release: FreeBSD 4.4-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD Kain.sumuk.de 4.4-PRERELEASE FreeBSD 4.4-PRERELEASE #11: Thu Sep 27 18:54:33 CEST 2001 toor@Kain.earth.sol:/usr/obj/usr/src/sys/KAIN i386
>Description:
marked up telnet as <command>,
capitalized protocols,
added a more meaningful description to the second tunnel example,
marked up comamnd lines with <userinput>,
added missing POP3-port to tunnel example
>How-To-Repeat:
read the SSH section in the Security chapter
>Fix:
Index: chapter.sgml
===================================================================
RCS file: /u/cvs/doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v
retrieving revision 1.99
diff -u -r1.99 chapter.sgml
--- chapter.sgml 2001/11/19 08:50:43 1.99
+++ chapter.sgml 2001/12/02 10:31:15
@@ -3113,7 +3113,7 @@
user@example.com's password: <userinput>*******</userinput></screen>
<para>The login will continue just as it would have if a session was
- created using <command>rlogin</command> or telnet. SSH utilizes a
+ created using <command>rlogin</command> or <command>telnet</command>. SSH utilizes a
key fingerprint
system for verifying the authenticity of the server when the
client connects. The user is prompted to enter
@@ -3317,9 +3317,9 @@
this would create a secure telnet session through an SSH tunnel.</para>
<para>This can be used to wrap any number of insecure TCP protocols
- such as smtp, pop3, ftp, etc.</para>
+ such as SMTP, POP3, FTP, etc.</para>
- <para>A typical SSH Tunnel</para>
+ <para>The following example creates a secure tunnel for SMTP:</para>
<screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>5025:localhost:25 user@mailserver.example.com</replaceable></userinput>
user@mailserver.example.com's password: <userinput>*****</userinput>
&prompt.user; <userinput>telnet localhost 5025</userinput>
@@ -3348,7 +3348,7 @@
an SSH connection to your office's SSH server, and tunnel
through to the mail server.</para>
- <screen>&prompt.user; ssh -2 -N -f -L 2110:mail.example.com user@ssh-server.example.com
+ <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>2110:mail.example.com:110 user@ssh-server.example.com</replaceable></userinput>
user@ssh-server.example.com's password: ******</screen>
<para>When the tunnel is up and running, you can point your
@@ -3375,7 +3375,7 @@
outside of your network's firewall, and use it to tunnel to
the Ogg Vorbis server.</para>
- <screen>&prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com
+ <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>8888:music.example.com:8000 user@unfirewalled.myserver.com</replaceable></userinput>
user@unfirewalled.myserver.com's password: *******</screen>
<para>Your streaming client can now be pointed to
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112021103.fB2B3Ex58225>