Changeset View
Changeset View
Standalone View
Standalone View
share/man/man7/security.7
Show All 22 Lines | |||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd December 11, 2019 | .Dd February 3, 2020 | ||||
.Dt SECURITY 7 | .Dt SECURITY 7 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm security | .Nm security | ||||
.Nd introduction to security under FreeBSD | .Nd introduction to security under FreeBSD | ||||
.Sh DESCRIPTION | .Sh DESCRIPTION | ||||
Security is a function that begins and ends with the system administrator. | Security is a function that begins and ends with the system administrator. | ||||
While all | While all | ||||
▲ Show 20 Lines • Show All 227 Lines • ▼ Show 20 Lines | |||||
the machine you are logging in | the machine you are logging in | ||||
.Em from | .Em from | ||||
(typically your workstation), | (typically your workstation), | ||||
but you can | but you can | ||||
also add an additional layer of protection to the key pair by password | also add an additional layer of protection to the key pair by password | ||||
protecting the keypair when you create it with | protecting the keypair when you create it with | ||||
.Xr ssh-keygen 1 . | .Xr ssh-keygen 1 . | ||||
Being able | Being able | ||||
to *-out the passwords for staff accounts also guarantees that staff members | to star-out the passwords for staff accounts also guarantees that staff | ||||
can only log in through secure access methods that you have set up. | members can only log in through secure access methods that you have set up. | ||||
You can | You can | ||||
thus force all staff members to use secure, encrypted connections for | thus force all staff members to use secure, encrypted connections for | ||||
all their sessions which closes an important hole used by many intruders: that | all their sessions which closes an important hole used by many intruders: that | ||||
of sniffing the network from an unrelated, less secure machine. | of sniffing the network from an unrelated, less secure machine. | ||||
.Pp | .Pp | ||||
The more indirect security mechanisms also assume that you are logging in | The more indirect security mechanisms also assume that you are logging in | ||||
from a more restrictive server to a less restrictive server. | from a more restrictive server to a less restrictive server. | ||||
For example, | For example, | ||||
▲ Show 20 Lines • Show All 811 Lines • Show Last 20 Lines |