From owner-freebsd-doc Sun Dec 2 3:10:26 2001 Delivered-To: freebsd-doc@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 3366C37B433 for ; Sun, 2 Dec 2001 03:10:02 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id fB2BA2T22644; Sun, 2 Dec 2001 03:10:02 -0800 (PST) (envelope-from gnats) Received: from Kain.sumuk.de (Kain.sumuk.de [213.221.86.114]) by hub.freebsd.org (Postfix) with ESMTP id A1DE437B416 for ; Sun, 2 Dec 2001 03:03:25 -0800 (PST) Received: (from vincent@localhost) by Kain.sumuk.de (8.11.5/8.11.5) id fB2B3Ex58225; Sun, 2 Dec 2001 12:03:14 +0100 (CET) (envelope-from vincent) Message-Id: <200112021103.fB2B3Ex58225@Kain.sumuk.de> Date: Sun, 2 Dec 2001 12:03:14 +0100 (CET) From: Martin Heinen Reply-To: Martin Heinen To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: docs/32436: corrections for SSH section of chapter Security Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 32436 >Category: docs >Synopsis: corrections for SSH section of chapter Security >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Sun Dec 02 03:10:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Martin Heinen >Release: FreeBSD 4.4-PRERELEASE i386 >Organization: >Environment: System: FreeBSD Kain.sumuk.de 4.4-PRERELEASE FreeBSD 4.4-PRERELEASE #11: Thu Sep 27 18:54:33 CEST 2001 toor@Kain.earth.sol:/usr/obj/usr/src/sys/KAIN i386 >Description: marked up telnet as , capitalized protocols, added a more meaningful description to the second tunnel example, marked up comamnd lines with , added missing POP3-port to tunnel example >How-To-Repeat: read the SSH section in the Security chapter >Fix: Index: chapter.sgml =================================================================== RCS file: /u/cvs/doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v retrieving revision 1.99 diff -u -r1.99 chapter.sgml --- chapter.sgml 2001/11/19 08:50:43 1.99 +++ chapter.sgml 2001/12/02 10:31:15 @@ -3113,7 +3113,7 @@ user@example.com's password: ******* The login will continue just as it would have if a session was - created using rlogin or telnet. SSH utilizes a + created using rlogin or telnet. SSH utilizes a key fingerprint system for verifying the authenticity of the server when the client connects. The user is prompted to enter @@ -3317,9 +3317,9 @@ this would create a secure telnet session through an SSH tunnel. This can be used to wrap any number of insecure TCP protocols - such as smtp, pop3, ftp, etc. + such as SMTP, POP3, FTP, etc. - A typical SSH Tunnel + The following example creates a secure tunnel for SMTP: &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 @@ -3348,7 +3348,7 @@ an SSH connection to your office's SSH server, and tunnel through to the mail server. - &prompt.user; ssh -2 -N -f -L 2110:mail.example.com user@ssh-server.example.com + &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** When the tunnel is up and running, you can point your @@ -3375,7 +3375,7 @@ outside of your network's firewall, and use it to tunnel to the Ogg Vorbis server. - &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com + &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com user@unfirewalled.myserver.com's password: ******* Your streaming client can now be pointed to >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message