[deployment-guide/comm-rel: 27/41] Updated the Requiring SSH for Remote Connections section.

dsilas dsilas at fedoraproject.org
Fri Jul 16 08:54:09 UTC 2010 

commit 5913dd63921ae7ee9ff8f0aaf9c778d161df21dd
Author: Jaromir Hradilek <jhradile at redhat.com>
Date:   Wed Jul 14 12:41:49 2010 +0200

    Updated the Requiring SSH for Remote Connections section.

 en-US/OpenSSH.xml |   35 ++++++++---------------------------
 1 files changed, 8 insertions(+), 27 deletions(-)
---
diff --git a/en-US/OpenSSH.xml b/en-US/OpenSSH.xml
index b5e6ad2..252b593 100644
--- a/en-US/OpenSSH.xml
+++ b/en-US/OpenSSH.xml
@@ -521,36 +521,17 @@ It is also possible that the RSA host key has just been changed.</screen>
         <secondary>requiring for remote login</secondary>
       </indexterm>
       <para>
-        For SSH to be truly effective, using insecure connection protocols, such as Telnet and FTP, should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet.
+        For SSH to be truly effective, using insecure connection protocols should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet. Some services to disable include <command>telnet</command>, <command>rsh</command>, <command>rlogin</command>, and <command>vsftpd</command>.
       </para>
       <para>
-        Some services to disable include:
+        To disable these services, type the following commands at a shell prompt:
       </para>
-      <itemizedlist>
-        <listitem>
-          <para>
-            <command>telnet</command>
-          </para>
-        </listitem>
-        <listitem>
-          <para>
-            <command>rsh</command>
-          </para>
-        </listitem>
-        <listitem>
-          <para>
-            <command>rlogin</command>
-          </para>
-        </listitem>
-        <listitem>
-          <para>
-            <command>vsftpd</command>
-          </para>
-        </listitem>
-      </itemizedlist>
-      <para>To disable insecure connection methods to the system, use the command line program <command>chkconfig</command>, the ncurses-based program <application>/usr/sbin/ntsysv</application>, or the <application>Services Configuration Tool</application> (<command>system-config-services</command>) graphical application. All of these tools require root level access.</para>
-      <para lang="en-US,as-IN,bn-IN,gu-IN,hi-IN,kn-IN,ml-IN,mr-IN,or-IN,pa-IN,si-LK,ta-IN,te-IN">
-        For more information on runlevels and configuring services with <command>chkconfig</command>, <application>/usr/sbin/ntsysv</application>, and the <application>Services Configuration Tool</application>, refer to <xref linkend="ch-Controlling_Access_to_Services" />.
+      <screen>~]# <command>chkconfig telnet off</command>
+~]# <command>chkconfig rsh off</command>
+~]# <command>chkconfig rlogin off</command>
+~]# <command>chkconfig vsftpd off</command></screen>
+      <para>
+        For more information on runlevels and configuring services in general, refer to <xref linkend="ch-Controlling_Access_to_Services" />.
       </para>
     </section>
   </section>

More information about the docs-commits mailing list