From a90f5195343c883d3c456443dc09cde82dd477ed Mon Sep 17 00:00:00 2001 From: Murray Stokely Date: Sun, 2 Dec 2001 17:22:44 +0000 Subject: [PATCH] * Add tag. * Capitalize protocol names. * Add a more meaningful description to the second tunnel example. * Add tags. * Add missing POP3-port to tunnel example. * Wrap one of the examples in an tag so that this useful example shows up in the front matter "list of examples". PR: docs/32436 Submitted by: Martin Heinen --- .../books/handbook/security/chapter.sgml | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml index 0ea3008bcb..1db608484b 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml @@ -3113,8 +3113,8 @@ Host 'example.com' added to the list of known hosts. user@example.com's password: ******* The login will continue just as it would have if a session was - created using rlogin or telnet. SSH utilizes a - key fingerprint + created using rlogin or + telnet. SSH utilizes a key fingerprint system for verifying the authenticity of the server when the client connects. The user is prompted to enter yes only when @@ -3317,10 +3317,12 @@ Your identification has been saved in /home/user/.ssh/identity. this would create a secure telnet session through an SSH tunnel. This can be used to wrap any number of insecure TCP protocols - such as smtp, pop3, ftp, etc. + such as SMTP, POP3, FTP, etc. - A typical SSH Tunnel - &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com + + Using SSH to create a secure tunnel for SMTP + + &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 Trying 127.0.0.1... @@ -3328,10 +3330,12 @@ Connected to localhost. Escape character is '^]'. 220 mailserver.example.com ESMTP - This can be used in conjunction with an &man.ssh-keygen.1; - and additional user accounts to create a more seamless/hassle-free - SSH tunneling environment. Keys can be used in place of typing - a password, and the tunnels can be run as a separate user. + This can be used in conjunction with an + &man.ssh-keygen.1; and additional user accounts to create a + more seamless/hassle-free SSH tunneling environment. Keys + can be used in place of typing a password, and the tunnels + can be run as a separate user. + Practical SSH Tunneling Examples @@ -3348,7 +3352,7 @@ Escape character is '^]'. an SSH connection to your office's SSH server, and tunnel through to the mail server. - &prompt.user; ssh -2 -N -f -L 2110:mail.example.com user@ssh-server.example.com + &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** When the tunnel is up and running, you can point your @@ -3375,7 +3379,7 @@ user@ssh-server.example.com's password: ****** outside of your network's firewall, and use it to tunnel to the Ogg Vorbis server. - &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com + &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com user@unfirewalled.myserver.com's password: ******* Your streaming client can now be pointed to