Run through aspell.
This commit is contained in:
Tom Rhodes
parent
9e8bc7243d
commit
e95945c072
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=22194
1 changed files with 12 additions and 12 deletions
|
|
@ -85,7 +85,7 @@
|
|||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>How to utililize the &os; security advisories
|
||||
<para>How to utilize the &os; security advisories
|
||||
publications.</para>
|
||||
</listitem>
|
||||
|
||||
|
|
@ -116,7 +116,7 @@
|
|||
servers — meaning that external entities can connect and talk
|
||||
to them. As yesterday's mini-computers and mainframes become
|
||||
today's desktops, and as computers become networked and
|
||||
internetworked, security becomes an even bigger issue.</para>
|
||||
internetwork, security becomes an even bigger issue.</para>
|
||||
|
||||
<para>Security is best implemented through a layered
|
||||
<quote>onion</quote> approach. In a nutshell, what you want to do is
|
||||
|
|
@ -325,7 +325,7 @@
|
|||
machine. What it does mean is that you should not make it
|
||||
possible to use the password outside of the console or possibly
|
||||
even with the &man.su.1; command. For example, make sure that
|
||||
your pty's are specified as being insecure in the
|
||||
your ptys are specified as being insecure in the
|
||||
<filename>/etc/ttys</filename> file so that direct
|
||||
<username>root</username> logins
|
||||
via <command>telnet</command> or <command>rlogin</command> are
|
||||
|
|
@ -545,7 +545,7 @@
|
|||
and thus read the encrypted password file, potentially compromising
|
||||
any passworded account. Alternatively an intruder who breaks
|
||||
group <literal>kmem</literal> can monitor keystrokes sent through
|
||||
pty's, including pty's used by users who login through secure
|
||||
ptys, including Pt's used by users who login through secure
|
||||
methods. An intruder that breaks the <groupname>tty</groupname>
|
||||
group can write to
|
||||
almost any user's tty. If a user is running a terminal program or
|
||||
|
|
@ -952,7 +952,7 @@
|
|||
<para>We recommend that you use ssh in
|
||||
combination with Kerberos whenever possible for staff logins.
|
||||
<application>ssh</application> can be compiled with Kerberos
|
||||
support. This reduces your reliance on potentially exposable
|
||||
support. This reduces your reliance on potentially exposed
|
||||
ssh keys while at the same time
|
||||
protecting passwords via Kerberos. ssh
|
||||
keys should only be used for automated tasks from secure machines
|
||||
|
|
@ -1419,7 +1419,7 @@ permit port ttyd0</programlisting>
|
|||
&unix; passwords at any time. Generally speaking, this should only
|
||||
be used for people who are either unable to use the
|
||||
<command>key</command> program, like those with dumb terminals, or
|
||||
those who are uneducable.</para>
|
||||
those who are ineducable.</para>
|
||||
|
||||
<para>The third line (<literal>permit port</literal>) allows all
|
||||
users logging in on the specified terminal line to use &unix;
|
||||
|
|
@ -2679,7 +2679,7 @@ jdoe@example.org</screen>
|
|||
|
||||
<listitem>
|
||||
<para><ulink url="http://web.mit.edu/Kerberos/www/dialogue.html">Designing
|
||||
an Authentication System: a Dialogue in Four Scenes</ulink></para>
|
||||
an Authentication System: a Dialog in Four Scenes</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
|
|
|
|||
Loading…
Reference in a new issue