|
![](/i/fill.gif) |
On Thu, 15 Sep 2011 09:12:03 +0100, Invisible wrote:
>>>>> In seriousness, manpages are, by definition, *reference*
>>>>> documentation. What the standard Unix system lacks entirely is any
>>>>> kind of *explanation*.
>>>>
>>>> Depends on the manpage.
>>>
>>> No, pretty much all of them list the command options, and that's it.
>>
>> So I'm lying, then, is that it?
>
> OK, let me put it this way: I've never seen any manpage which is
> anything more than a terse summary of command switches with an
> incomplete description of what they do. The most in-depth manpage I've
> seen is for Bash, which is still only a reference document, not an
> introductory tutorial.
Man pages are not intended to be tutorials. They're manual pages.
Ever read the Windows manual? It's not a tutorial on how to use Windows,
it's a description of what Windows is and its features/functionality.
> It seems to be that the /purpose/ of a manpage is to be a reference
> document. Which is what you want when you're trying to remember the name
> of the command switch that turns on the feature you want. But it's
> useless when you're trying to figure out how to use a tool you've never
> used before...
And when you're looking for configuration options, a reference is
generally what people turn to.
> Then again, sometimes the manpage just says "use info". And then you had
> /another/ problem...
Well, no, it's not *another* problem - you just need to use the info
command instead.
>> It doesn't say anything about CHAP. I'm pretty sure it also doesn't
>> change the password encryption method from AES to Triple-DES as well.
>> It's not likely to document everything it *doesn't* do, just what it
>> *does* do.
>
> So even with this line, people can *still* authenticate by password.
Not to the best of my knowledge. On my systems, if I try to use password
authentication, the system tells me that only public key authentication
is enabled.
> Hence my original statement that it's difficult to turn off all the ways
> that users can get in with a password.
No, it's trivial. My server is in fact a perfect example of that.
>>> I thought the host key is how the server identifies itself to you, not
>>> how you identify yourself to the server?
>>
>> Host keys aren't very commonly used AFAIK.
>
> All three of the SFTP systems we use commercially have them.
A sample size of 3 isn't exactly data supporting "commonly used". I've
used sftp systems that don't use them at all, and just use ssh as a way
of tunneling ftp data securely.
>>> At any rate, it's news to me that you can create a ~/.ssh folder and
>>> sshd will actually take note of this. I don't recall the manpage
>>> mentioning this at all.
>>
>> It's always been that way. The cited bit above is from the man page
>> and says pretty explicitly that the user's keys are in ~/.ssh
>
> OK. So now I'm wondering how come I never saw this information
> anywhere...
Beats me.
Jim
Post a reply to this message
|
![](/i/fill.gif) |