From owner-svn-doc-head@FreeBSD.ORG Sun Mar 30 02:18:49 2014
Return-Path:
Delivered-To: svn-doc-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id 12C872E0;
Sun, 30 Mar 2014 02:18:49 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id F1D9A61E;
Sun, 30 Mar 2014 02:18:48 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2Imxw010205;
Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org)
Received: (from wblock@localhost)
by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2ImCl010204;
Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org)
Message-Id: <201403300218.s2U2ImCl010204@svn.freebsd.org>
From: Warren Block
Date: Sun, 30 Mar 2014 02:18:48 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org,
svn-doc-head@freebsd.org
Subject: svn commit: r44385 - head/en_US.ISO8859-1/books/handbook/security
X-SVN-Group: doc-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-doc-head@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for the doc tree for head
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Sun, 30 Mar 2014 02:18:49 -0000
Author: wblock
Date: Sun Mar 30 02:18:48 2014
New Revision: 44385
URL: http://svnweb.freebsd.org/changeset/doc/44385
Log:
Recover lost tags.
Modified:
head/en_US.ISO8859-1/books/handbook/security/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sat Mar 29 22:04:03 2014 (r44384)
+++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sun Mar 30 02:18:48 2014 (r44385)
@@ -195,7 +195,7 @@
one is to lock an account, for example, to lock the toor
account:
- &prompt.root; pw lock toor
+ &prompt.root; pw lock toor
This command will change the account from this
toor:*:0:0::0:0:Bourne-again Superuser:/root:
@@ -1284,7 +1284,7 @@ Verifying password - Password: KDC
itself:
- &prompt.user; kinit tillman
+ &prompt.user; kinit tillman
tillman@EXAMPLE.ORG's Password:
&prompt.user; klist
@@ -1912,18 +1912,18 @@ There are quite a few fields but you can
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
-Country Name (2 letter code) [AU]:US
-State or Province Name (full name) [Some-State]:PA
-Locality Name (eg, city) []:Pittsburgh
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
-Organizational Unit Name (eg, section) []:Systems Administrator
-Common Name (eg, YOUR name) []:localhost.example.org
-Email Address []:trhodes@FreeBSD.org
+Country Name (2 letter code) [AU]:US
+State or Province Name (full name) [Some-State]:PA
+Locality Name (eg, city) []:Pittsburgh
+Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
+Organizational Unit Name (eg, section) []:Systems Administrator
+Common Name (eg, YOUR name) []:localhost.example.org
+Email Address []:trhodes@FreeBSD.org
Please enter the following 'extra' attributes
to be sent with your certificate request
-A challenge password []:SOME PASSWORD
-An optional company name []:Another Name
+A challenge password []:SOME PASSWORD
+An optional company name []:Another Name
Notice the response directly after the Common
Name
prompt shows a domain name. This prompt
@@ -2013,12 +2013,12 @@ define(`confTLS_SRV_OPTIONS', `V')dnl
For a simple test, connect to the mail server using
&man.telnet.1;:
- &prompt.root; telnet example.com 25
+ &prompt.root; telnet example.com 25
Trying 192.0.34.166...
Connected to example.com.
Escape character is '^]'.
220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT)
-ehlo example.com
+ehlo example.com
250-example.com Hello example.com [192.0.34.166], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
@@ -2223,9 +2223,9 @@ device crypto
&prompt.root; ifconfig gif0 create
- &prompt.root; ifconfig gif0 internal1 internal2
+ &prompt.root; ifconfig gif0 internal1 internal2
- &prompt.root; ifconfig gif0 tunnel external1 external2
+ &prompt.root; ifconfig gif0 tunnel external1 external2
In this example, the corporate LAN's
external IP address is
- &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0
+ &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0
- &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5
+ &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5
- &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0
+ &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0
- &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1
+ &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1
At this point, internal machines should be reachable
from each gateway as well as from machines behind the
@@ -2431,7 +2431,7 @@ Foreground mode.
em0 with the network interface card as
required:
- &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12
+ &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12
Data similar to the following should appear on the
console. If not, there is an issue and debugging the
@@ -2533,7 +2533,7 @@ racoon_enable="yes"
&man.sshd.8;, specify the username and host to log
into:
- &prompt.root; ssh user@example.com
+ &prompt.root; ssh user@example.com
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
Host 'example.com' added to the list of known hosts.
@@ -2569,7 +2569,7 @@ user@example.com's password:
Use &man.scp.1; to copy a file to or from a remote machine
in a secure fashion.
- &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT
+ &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT
user@example.com's password: *******
COPYRIGHT 100% |*****************************| 4735
00:00
@@ -2594,7 +2594,7 @@ COPYRIGHT 100% |*************
to generate DSA or RSA
keys to authenticate a user:
- &prompt.user; ssh-keygen -t dsa
+ &prompt.user; ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_dsa):
Created directory '/home/user/.ssh'.
@@ -2704,7 +2704,7 @@ Identity added: /home/user/.ssh/id_dsa (
The following command tells &man.ssh.1; to create a
tunnel for &man.telnet.1;:
- &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com
+ &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com
&prompt.user;
This example uses the following options:
@@ -2777,7 +2777,7 @@ Identity added: /home/user/.ssh/id_dsa (
Using &man.ssh.1; to Create a Secure Tunnel for
SMTP
- &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com
+ &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com
user@mailserver.example.com's password: *****
&prompt.user; telnet localhost 5025
Trying 127.0.0.1...
@@ -2803,7 +2803,7 @@ Escape character is '^]'.
SSH server, and tunnel through to the
mail server.
- &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com
+ &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com
user@ssh-server.example.com's password: ******
Once the tunnel is up and running, point the email
@@ -2827,7 +2827,7 @@ user@ssh-server.example.com's password:
connection to a machine outside of the network's firewall
and use it to tunnel to the desired service.
- &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org
+ &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org
user@unfirewalled-system.example.org's password: *******
In this example, a streaming Ogg Vorbis client can now