- Timestamp:
- 02/19/2014 08:16:20 PM (10 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 6392ac9
- Parents:
- 57cd9b8b
- Location:
- postlfs/security
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/cyrus-sasl.xml
r57cd9b8b r8ba08b56 40 40 </para> 41 41 42 &lfs7 4_checked;42 &lfs75_checked; 43 43 44 44 <bridgehead renderas="sect3">Package Information</bridgehead> … … 119 119 <title>Installation of Cyrus SASL</title> 120 120 121 <note> 122 <para> 123 This package does not support parallel build. 124 </para> 125 </note> 126 121 127 <para> 122 128 Install <application>Cyrus SASL</application> by … … 133 139 --enable-auth-sasldb \ 134 140 --with-dbpath=/var/lib/sasl/sasldb2 \ 135 --with-saslauthd=/var/run/saslauthd \ 136 CFLAGS=-fPIC 141 --with-saslauthd=/var/run/saslauthd && 137 142 make</userinput></screen> 138 143 -
postlfs/security/mitkrb.xml
r57cd9b8b r8ba08b56 39 39 </para> 40 40 41 &lfs7 4_checked;41 &lfs75_checked; 42 42 43 43 <bridgehead renderas="sect3">Package Information</bridgehead> -
postlfs/security/openssh.xml
r57cd9b8b r8ba08b56 6 6 7 7 <!ENTITY openssh-download-http 8 "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">8 "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 9 9 <!ENTITY openssh-download-ftp 10 "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">10 "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 11 11 <!ENTITY openssh-md5sum "a084e7272b8cbd25afe0f5dce4802fef"> 12 12 <!ENTITY openssh-size "1.3 MB"> … … 33 33 <title>Introduction to OpenSSH</title> 34 34 35 <para>36 The <application>OpenSSH</application> package contains37 <command>ssh</command> clients and the <command>sshd</command> daemon. This38 is useful for encrypting authentication and subsequent traffic over a39 network. The <command>ssh</command> and <command>scp</command> commands are40 secure implementions of <command>telnet</command> and <command>rcp</command>41 respectively.42 </para>43 44 &lfs75_checked;35 <para> 36 The <application>OpenSSH</application> package contains 37 <command>ssh</command> clients and the <command>sshd</command> daemon. This 38 is useful for encrypting authentication and subsequent traffic over a 39 network. The <command>ssh</command> and <command>scp</command> commands are 40 secure implementions of <command>telnet</command> and <command>rcp</command> 41 respectively. 42 </para> 43 44 &lfs75_checked; 45 45 46 46 <bridgehead renderas="sect3">Package Information</bridgehead> … … 101 101 102 102 <para condition="html" role="usernotes"> 103 User Notes: <ulink url= '&blfs-wiki;/OpenSSH'/>103 User Notes: <ulink url="&blfs-wiki;/OpenSSH"/> 104 104 </para> 105 105 </sect2> … … 130 130 <screen><userinput>./configure --prefix=/usr \ 131 131 --sysconfdir=/etc/ssh \ 132 --datadir=/usr/share/sshd \133 132 --with-md5-passwords \ 134 133 --with-privsep-path=/var/lib/sshd && … … 183 182 configuration files from being installed in 184 183 <filename class="directory">/usr/etc</filename>. 185 </para>186 187 <para>188 <parameter>--datadir=/usr/share/sshd</parameter>: This switch puts the189 Ssh.bin file (used for SmartCard authentication) in190 <filename class="directory">/usr/share/sshd</filename>.191 184 </para> 192 185 -
postlfs/security/stunnel.xml
r57cd9b8b r8ba08b56 39 39 to the server package source code.</para> 40 40 41 &lfs7 4_checked;41 &lfs75_checked; 42 42 43 43 <bridgehead renderas="sect3">Package Information</bridgehead> … … 98 98 created a signed SSL Certificate you wish to use, copy it to 99 99 <filename>/etc/stunnel/stunnel.pem</filename> before starting the build 100 (ensure only <systemitem class= 'username'>root</systemitem> has read and100 (ensure only <systemitem class="username">root</systemitem> has read and 101 101 write access), otherwise you will be 102 102 prompted to create one during the installation process. The 103 <filename class= 'extension'>.pem</filename> file must be formatted as103 <filename class="extension">.pem</filename> file must be formatted as 104 104 shown below:</para> 105 105 … … 121 121 --sysconfdir=/etc \ 122 122 --localstatedir=/var \ 123 --disable- libwrap&&123 --disable-fips && 124 124 make</userinput></screen> 125 125 … … 135 135 <title>Command Explanations</title> 136 136 137 <para><parameter>--sysconfdir=/etc</parameter>: This parameter forces 138 the configuration directory to <filename class='directory'>/etc</filename> 139 instead of <filename class='directory'>/usr/etc</filename>.</para> 140 141 <para><parameter>--localstatedir=/var</parameter>: This parameter 142 sets the installation to use 143 <filename class='directory'>/var/lib/stunnel</filename> instead of 144 creating and using 145 <filename class='directory'>/usr/var/stunnel</filename>.</para> 146 147 <para><parameter>--disable-libwrap</parameter>: This parameter is required 148 if you don't have <application>tcpwrappers</application> installed. Remove 149 the parameter if <application>tcpwrappers</application> is installed.</para> 137 <para><parameter>--disable-fips</parameter>: This switch disables FIPS support 138 which will cause <application>Stunnel</application> to fail to start if 139 it is enabled.</para> 150 140 151 141 <para><command>make docdir=... install</command>: This command installs the … … 153 143 naming conventions and, if you did not copy an 154 144 <filename>stunnel.pem</filename> file to the 155 <filename class= 'directory'>/etc/stunnel</filename> directory, prompts you145 <filename class="directory">/etc/stunnel</filename> directory, prompts you 156 146 for the necessary information to create one. Ensure you reply to the</para> 157 147 … … 182 172 <para>As the <systemitem class="username">root</systemitem> user, 183 173 create the directory used for the 184 <filename class= 'extension'>.pid</filename> file that is created174 <filename class="extension">.pid</filename> file that is created 185 175 when the <application>stunnel</application> daemon starts:</para> 186 176 187 <screen role="root"><userinput>install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run</userinput></screen> 177 <screen role="root"><userinput>install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run && 178 chown stunnel:stunnel /var/lib/stunnel</userinput></screen> 188 179 189 180 <para>Next, create a basic <filename>/etc/stunnel/stunnel.conf</filename>
Note:
See TracChangeset
for help on using the changeset viewer.