From cfe5f2b61787c1c250945a04ce59699f54047fa2 Mon Sep 17 00:00:00 2001 From: Warren Block Date: Sun, 30 Mar 2014 02:18:48 +0000 Subject: [PATCH] Recover lost tags. --- .../books/handbook/security/chapter.xml | 54 +++++++++---------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.xml b/en_US.ISO8859-1/books/handbook/security/chapter.xml index 8b7a4d2dd0..c49260f6a1 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.xml @@ -195,7 +195,7 @@ one is to lock an account, for example, to lock the toor account: - &prompt.root; pw lock toor + &prompt.root; pw lock toor This command will change the account from this toor:*:0:0::0:0:Bourne-again Superuser:/root: @@ -1284,7 +1284,7 @@ Verifying password - Password: xxxxxxxx created from the command-line of the KDC itself: - &prompt.user; kinit tillman + &prompt.user; kinit tillman tillman@EXAMPLE.ORG's Password: &prompt.user; klist @@ -1912,18 +1912,18 @@ There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- -Country Name (2 letter code) [AU]:US -State or Province Name (full name) [Some-State]:PA -Locality Name (eg, city) []:Pittsburgh -Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company -Organizational Unit Name (eg, section) []:Systems Administrator -Common Name (eg, YOUR name) []:localhost.example.org -Email Address []:trhodes@FreeBSD.org +Country Name (2 letter code) [AU]:US +State or Province Name (full name) [Some-State]:PA +Locality Name (eg, city) []:Pittsburgh +Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company +Organizational Unit Name (eg, section) []:Systems Administrator +Common Name (eg, YOUR name) []:localhost.example.org +Email Address []:trhodes@FreeBSD.org Please enter the following 'extra' attributes to be sent with your certificate request -A challenge password []:SOME PASSWORD -An optional company name []:Another Name +A challenge password []:SOME PASSWORD +An optional company name []:Another Name Notice the response directly after the Common Name prompt shows a domain name. This prompt @@ -2013,12 +2013,12 @@ define(`confTLS_SRV_OPTIONS', `V')dnl For a simple test, connect to the mail server using &man.telnet.1;: - &prompt.root; telnet example.com 25 + &prompt.root; telnet example.com 25 Trying 192.0.34.166... Connected to example.com. Escape character is '^]'. 220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT) -ehlo example.com +ehlo example.com 250-example.com Hello example.com [192.0.34.166], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING @@ -2223,9 +2223,9 @@ device crypto &prompt.root; ifconfig gif0 create - &prompt.root; ifconfig gif0 internal1 internal2 + &prompt.root; ifconfig gif0 internal1 internal2 - &prompt.root; ifconfig gif0 tunnel external1 external2 + &prompt.root; ifconfig gif0 tunnel external1 external2 In this example, the corporate LAN's external IP address is either network. The following command will achieve this goal: - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 - &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 + &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 - &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 + &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 - &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 + &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 At this point, internal machines should be reachable from each gateway as well as from machines behind the @@ -2431,7 +2431,7 @@ Foreground mode. em0 with the network interface card as required: - &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 + &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 Data similar to the following should appear on the console. If not, there is an issue and debugging the @@ -2533,7 +2533,7 @@ racoon_enable="yes" &man.sshd.8;, specify the username and host to log into: - &prompt.root; ssh user@example.com + &prompt.root; ssh user@example.com Host key not found from the list of known hosts. Are you sure you want to continue connecting (yes/no)? yes Host 'example.com' added to the list of known hosts. @@ -2569,7 +2569,7 @@ user@example.com's password: ******* Use &man.scp.1; to copy a file to or from a remote machine in a secure fashion. - &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT + &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT user@example.com's password: ******* COPYRIGHT 100% |*****************************| 4735 00:00 @@ -2594,7 +2594,7 @@ COPYRIGHT 100% |*****************************| 4735 to generate DSA or RSA keys to authenticate a user: - &prompt.user; ssh-keygen -t dsa + &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/user/.ssh/id_dsa): Created directory '/home/user/.ssh'. @@ -2704,7 +2704,7 @@ Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa) The following command tells &man.ssh.1; to create a tunnel for &man.telnet.1;: - &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com + &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com &prompt.user; This example uses the following options: @@ -2777,7 +2777,7 @@ Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa) Using &man.ssh.1; to Create a Secure Tunnel for SMTP - &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com + &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 Trying 127.0.0.1... @@ -2803,7 +2803,7 @@ Escape character is '^]'. SSH server, and tunnel through to the mail server. - &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com + &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** Once the tunnel is up and running, point the email @@ -2827,7 +2827,7 @@ user@ssh-server.example.com's password: ****** connection to a machine outside of the network's firewall and use it to tunnel to the desired service. - &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org + &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org user@unfirewalled-system.example.org's password: ******* In this example, a streaming Ogg Vorbis client can now