Changeset 45db70f
- Timestamp:
- 11/24/2016 04:05:14 PM (8 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gimp3, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 562355c
- Parents:
- f136bce
- Location:
- postlfs/security
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/cacerts.xml
rf136bce r45db70f 28 28 29 29 <para>Public Key Infrastructure (PKI) is a method to validate the 30 authenticity of an othe wise unknown entity across untrusted networks. PKI30 authenticity of an otherwise unknown entity across untrusted networks. PKI 31 31 works by establishing a chain of trust, rather than trusting each individual 32 32 host or entity explicitly. In order for a certificate presented by a remote 33 entity to be trusted, that certificate must p esent a complete chain of33 entity to be trusted, that certificate must present a complete chain of 34 34 certificates that can be validated using the root certificate of a 35 35 Certificate Authority (CA) that is trusted by the local machine.</para> … … 117 117 signing. For example, to allow a certificate to be trusted for both 118 118 SSL/TLS and S/Mime, but explicitly rejected for code signing, you could use 119 the following commands to create a new trusted cer itificate that has those119 the following commands to create a new trusted certificate that has those 120 120 trust attributes:</para> 121 121 … … 130 130 without <application>p11-kit</application> support are not aware of trusted 131 131 certificates. To include this CA into the ca-bundle.crt (used for 132 <application>GnuTLS</application>), it must have , at least serverAuth132 <application>GnuTLS</application>), it must have <envar>serverAuth</envar> 133 133 trust.</para> 134 134 -
postlfs/security/cracklib.xml
rf136bce r45db70f 204 204 <filename>cracklib-extra-words</filename>. This extra file is intended to be 205 205 a site specific list which includes easy to guess passwords such as company 206 or department names, user 'snames, product names, computer names, domain206 or department names, user names, product names, computer names, domain 207 207 names, etc.</para> 208 208 … … 251 251 <listitem> 252 252 <para>is used to format text files (lowercases all words, 253 removes control echaracters and sorts the lists).</para>253 removes control characters and sorts the lists).</para> 254 254 <indexterm zone="cracklib cracklib-format"> 255 255 <primary sortas="b-cracklib-format">cracklib-format</primary> -
postlfs/security/gpgme.xml
rf136bce r45db70f 10 10 <!ENTITY gpgme-size "1.2 MB"> 11 11 <!ENTITY gpgme-buildsize "134 MB (with all bindings, add 1 MB for tests)"> 12 <!ENTITY gpgme-time "1.3 SBU (with all bindings i, add 1.3 SBU for tests)">12 <!ENTITY gpgme-time "1.3 SBU (with all bindings, add 1.3 SBU for tests)"> 13 13 ]> 14 14 -
postlfs/security/linux-pam.xml
rf136bce r45db70f 310 310 EOF</userinput></screen> 311 311 312 <para>The remaining generic file depends on whe ather <xref linkend="cracklib"/>312 <para>The remaining generic file depends on whether <xref linkend="cracklib"/> 313 313 is installed. If it is installed, use:</para> 314 314 -
postlfs/security/nettle.xml
rf136bce r45db70f 146 146 <listitem> 147 147 <para> 148 cal ulates a hash value using a specified algorithm.148 calculates a hash value using a specified algorithm. 149 149 </para> 150 150 <indexterm zone="nettle nettle-hash"> -
postlfs/security/nss.xml
rf136bce r45db70f 226 226 database (<filename>/usr/lib/libnssckbi.so</filename>), the 227 227 <filename>make-ca.sh</filename> script, incldued on the 228 <xref linkend="cacerts"/> page, will ge rnerate a system wide NSS DB.</para>228 <xref linkend="cacerts"/> page, will generate a system wide NSS DB.</para> 229 229 230 230 </sect2> -
postlfs/security/openssh.xml
rf136bce r45db70f 36 36 <para> 37 37 The <application>OpenSSH</application> package contains 38 <command>ssh</command> clients and the <command>sshd</command> daemon. This39 is useful for encrypting authentication and subsequent traffic over a40 network. The <command>ssh</command> and <command>scp</command> commands are41 secure implementions of <command>telnet</command> and <command>rcp</command>42 respectively.38 <command>ssh</command> clients and the <command>sshd</command> daemon. 39 This is useful for encrypting authentication and subsequent traffic over 40 a network. The <command>ssh</command> and <command>scp</command> commands 41 are secure implementations of <command>telnet</command> and 42 <command>rcp</command> respectively. 43 43 </para> 44 44 … … 157 157 <command>scp</command> program to 158 158 <filename class="directory">/usr/bin</filename>, making sure that you 159 back 159 backup any existing copy first. 160 160 </para> 161 161 -
postlfs/security/openssl.xml
rf136bce r45db70f 35 35 The <application>OpenSSL</application> package contains management tools 36 36 and libraries relating to cryptography. These are useful for providing 37 cryptograph yfunctions to other packages, such as37 cryptographic functions to other packages, such as 38 38 <application>OpenSSH</application>, email applications and web browsers 39 39 (for accessing HTTPS sites). -
postlfs/security/stunnel.xml
rf136bce r45db70f 271 271 272 272 <para revision="systemd">To start the <command>stunnel</command> 273 daemon at boot, ena lbe the previously installed273 daemon at boot, enable the previously installed 274 274 <application>systemd</application> unit by running the following command 275 275 as the <systemitem class="username">root</systemitem> user:</para>
Note:
See TracChangeset
for help on using the changeset viewer.