From vincent@Kain.sumuk.de  Sun Dec  2 03:03:28 2001
Return-Path: <vincent@Kain.sumuk.de>
Received: from Kain.sumuk.de (Kain.sumuk.de [213.221.86.114])
	by hub.freebsd.org (Postfix) with ESMTP id A1DE437B416
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  2 Dec 2001 03:03:25 -0800 (PST)
Received: (from vincent@localhost)
	by Kain.sumuk.de (8.11.5/8.11.5) id fB2B3Ex58225;
	Sun, 2 Dec 2001 12:03:14 +0100 (CET)
	(envelope-from vincent)
Message-Id: <200112021103.fB2B3Ex58225@Kain.sumuk.de>
Date: Sun, 2 Dec 2001 12:03:14 +0100 (CET)
From: Martin Heinen <martin@sumuk.de>
Reply-To: Martin Heinen <martin@sumuk.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: corrections for SSH section of chapter Security
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         32436
>Category:       docs
>Synopsis:       corrections for SSH section of chapter Security
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Dec 02 03:10:01 PST 2001
>Closed-Date:    Sun Dec 2 09:22:47 PST 2001
>Last-Modified:  Sun Dec 02 09:23:53 PST 2001
>Originator:     Martin Heinen
>Release:        FreeBSD 4.4-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD Kain.sumuk.de 4.4-PRERELEASE FreeBSD 4.4-PRERELEASE #11: Thu Sep 27 18:54:33 CEST 2001 toor@Kain.earth.sol:/usr/obj/usr/src/sys/KAIN i386


	
>Description:
	marked up telnet as <command>,
	capitalized protocols,
	added a more meaningful description to the second tunnel example,
	marked up comamnd lines with <userinput>,
	added missing POP3-port to tunnel example
>How-To-Repeat:
	read the SSH section in the Security chapter
>Fix:
Index: chapter.sgml
===================================================================
RCS file: /u/cvs/doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v
retrieving revision 1.99
diff -u -r1.99 chapter.sgml
--- chapter.sgml	2001/11/19 08:50:43	1.99
+++ chapter.sgml	2001/12/02 10:31:15
@@ -3113,7 +3113,7 @@
 user@example.com's password: <userinput>*******</userinput></screen>
 
       <para>The login will continue just as it would have if a session was
-        created using <command>rlogin</command> or telnet.  SSH utilizes a 
+        created using <command>rlogin</command> or <command>telnet</command>.  SSH utilizes a 
 	key fingerprint
         system for verifying the authenticity of the server when the 
         client connects.  The user is prompted to enter
@@ -3317,9 +3317,9 @@
 	this would create a secure telnet session through an SSH tunnel.</para>
 
       <para>This can be used to wrap any number of insecure TCP protocols 
-        such as smtp, pop3, ftp, etc.</para>
+        such as SMTP, POP3, FTP, etc.</para>
 
-       <para>A typical SSH Tunnel</para>
+       <para>The following example creates a secure tunnel for SMTP:</para>
        <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>5025:localhost:25 user@mailserver.example.com</replaceable></userinput>
 user@mailserver.example.com's password: <userinput>*****</userinput>
 &prompt.user; <userinput>telnet localhost 5025</userinput>
@@ -3348,7 +3348,7 @@
 	    an SSH connection to your office's SSH server, and tunnel
 	    through to the mail server.</para>
 
-	  <screen>&prompt.user; ssh -2 -N -f -L 2110:mail.example.com user@ssh-server.example.com
+	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>2110:mail.example.com:110 user@ssh-server.example.com</replaceable></userinput>
 user@ssh-server.example.com's password: ******</screen>
 
 	  <para>When the tunnel is up and running, you can point your
@@ -3375,7 +3375,7 @@
 	    outside of your network's firewall, and use it to tunnel to
 	    the Ogg Vorbis server.</para>
 
-	  <screen>&prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled.myserver.com
+	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>8888:music.example.com:8000 user@unfirewalled.myserver.com</replaceable></userinput>
 user@unfirewalled.myserver.com's password: *******</screen>
 
 	  <para>Your streaming client can now be pointed to
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: murray 
State-Changed-When: Sun Dec 2 09:22:47 PST 2001 
State-Changed-Why:  
Your change has been committed with minor modifications to r1.100 of 
chapter.sgml.  Thanks for the submission! 


http://www.FreeBSD.org/cgi/query-pr.cgi?pr=32436 
>Unformatted:
