Describe these menus.
The rest of this section needs to be reviewed for the boot probe and initial
installer menu, will be in next commit.
PR: 173013
Sponsored by: iXsystems
Clean up the booting from various architecture sections.
Need to confirm that powerpc instructions are correct for all supported media.
Prepare section to describe boot menu. Next commit will describe this menu in detail.
Start to clean up initial install menus. Need to test the components section more
as the existing descriptions are not correct.
Many more commits to come.
Sponsored by: iXsystems
- Drop all references to providing CVSup mirrors
- Drop all references to providing anonymous CVS mirrors
- Drop all references to mirroring using CVSup, instead use rsync
- Update the recommended arguments to rsync in the examples
- Updatre size estimates for the individual parts
- Change one reference to CVS to instead mention SVN
Note that we are still not accepting applications for new mirrors
of this style.
Many of the statements in this chapter were just plain wrong.
Apply some major modernization, in particular the current Kerberos RFC is
4120, not 1510. Kerberized telnet, rlogin, ftp and similar are no longer
recommended -- use ssh and scp instead.
The heimdal in base is no longer crippled so as to be a minimal installation;
it is fully functional. The heimdal in ports does offer the option to install
some additional features such as KCM and PKINIT.
Add a bit more introduction to Kerberos terminology and conventions.
Make the sample output closer to the current reality.
Don't imply that eight characters is a particularly strong password.
security/krb5 does not install ktelnetd, klogind, and friends anymore,
so there's no need to mention its README.FreeBSD here (especially since
these things are disrecommended anyway).
www/mod_auth_kerb uses the HTTP/ principal, not the www/ principal.
Kerberized ssh uses GSSAPI these days, so the Kerberos-specific options
are not worth mentioning.
Kerberos works just fine on multiuser machines; the permissions of
credentials cache files are set to 0600.
Remove the section on access issues with kerberos and ssh; it is very
confused. (It seems to be talking about ssh keys and ssh-agent, but
in a very unclear and inaccurate fashion.)
There is still more to be done here, but this should get us most of the way.
Reviewed by: bcr (partial)
Approved by: hrs (mentor)
