Changeset View
Changeset View
Standalone View
Standalone View
share/man/man7/security.7
| Show All 22 Lines | |||||
| .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
| .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
| .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
| .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
| .\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
| .\" | .\" | ||||
| .\" $FreeBSD$ | .\" $FreeBSD$ | ||||
| .\" | .\" | ||||
| .Dd December 11, 2019 | .Dd February 3, 2020 | ||||
| .Dt SECURITY 7 | .Dt SECURITY 7 | ||||
| .Os | .Os | ||||
| .Sh NAME | .Sh NAME | ||||
| .Nm security | .Nm security | ||||
| .Nd introduction to security under FreeBSD | .Nd introduction to security under FreeBSD | ||||
| .Sh DESCRIPTION | .Sh DESCRIPTION | ||||
| Security is a function that begins and ends with the system administrator. | Security is a function that begins and ends with the system administrator. | ||||
| While all | While all | ||||
| ▲ Show 20 Lines • Show All 227 Lines • ▼ Show 20 Lines | |||||
| the machine you are logging in | the machine you are logging in | ||||
| .Em from | .Em from | ||||
| (typically your workstation), | (typically your workstation), | ||||
| but you can | but you can | ||||
| also add an additional layer of protection to the key pair by password | also add an additional layer of protection to the key pair by password | ||||
| protecting the keypair when you create it with | protecting the keypair when you create it with | ||||
| .Xr ssh-keygen 1 . | .Xr ssh-keygen 1 . | ||||
| Being able | Being able | ||||
| to *-out the passwords for staff accounts also guarantees that staff members | to star-out the passwords for staff accounts also guarantees that staff | ||||
| can only log in through secure access methods that you have set up. | members can only log in through secure access methods that you have set up. | ||||
| You can | You can | ||||
| thus force all staff members to use secure, encrypted connections for | thus force all staff members to use secure, encrypted connections for | ||||
| all their sessions which closes an important hole used by many intruders: that | all their sessions which closes an important hole used by many intruders: that | ||||
| of sniffing the network from an unrelated, less secure machine. | of sniffing the network from an unrelated, less secure machine. | ||||
| .Pp | .Pp | ||||
| The more indirect security mechanisms also assume that you are logging in | The more indirect security mechanisms also assume that you are logging in | ||||
| from a more restrictive server to a less restrictive server. | from a more restrictive server to a less restrictive server. | ||||
| For example, | For example, | ||||
| ▲ Show 20 Lines • Show All 811 Lines • Show Last 20 Lines | |||||