mirror of
https://github.com/YunoHost/doc.git
synced 2024-09-03 20:06:26 +02:00
fix some typos
This commit is contained in:
parent
a9b4e7ac4a
commit
4df1446873
2 changed files with 9 additions and 7 deletions
|
@ -1,6 +1,6 @@
|
|||
# Security
|
||||
|
||||
YunoHost has been developed to provide the best security without too much complication. Every protocol used in YunoHost are **encrypted**, only password's hash are stored and by default each user is able to access to his personal directory only.
|
||||
YunoHost has been developed to provide the best security without too much complication. Every protocol used in YunoHost are **encrypted**, only password's hashs are stored and by default each user is able to access to his personal directory only.
|
||||
|
||||
Two things remain important to note:
|
||||
|
||||
|
@ -61,7 +61,7 @@ nano /etc/ssh/sshd_config
|
|||
Port 22 # to replace by 9777 for example
|
||||
```
|
||||
|
||||
**Open the port** in firewall (you can use -6 option to limit forbid ipv4 connexion)
|
||||
**Open the port** in firewall (you can use `-6` option to deny ipv4 connection)
|
||||
```bash
|
||||
yunohost firewall allow TCP 9777
|
||||
```
|
||||
|
@ -102,7 +102,7 @@ Finally you have to restart fail2ban in order to apply the new configuration
|
|||
systemctl restart fail2ban.service
|
||||
```
|
||||
|
||||
**For the next SSH connections ** you need to add the `-p` option followed by the SSH port number.
|
||||
**For the next SSH connections **, you need to add the `-p` option followed by the SSH port number.
|
||||
|
||||
**Sample**:
|
||||
|
||||
|
@ -147,7 +147,8 @@ systemctl restart ssh
|
|||
---
|
||||
|
||||
### Disable YunoHost API
|
||||
YunoHost administration is accessible through an **HTTP API**, served on the 6787 port by default. It can be used to administrate a lot of things on your server, so malicious actors can also use it to damage your server. The best thing to do, if you know how to use the [command-line interface](/commandline), is to deactivate the `yunohost-api` service.
|
||||
YunoHost administration is accessible through an **HTTP API**, served on the
|
||||
6787 port by default (only on `localhost`). It can be used to administrate a lot of things on your server, so malicious actors can also use it to damage your server. The best thing to do, if you know how to use the [command-line interface](/commandline), is to deactivate the `yunohost-api` service.
|
||||
|
||||
```bash
|
||||
sudo service yunohost-api stop
|
||||
|
|
|
@ -72,7 +72,7 @@ nano /etc/ssh/sshd_config
|
|||
Port 22 # à remplacer par exemple par 9777
|
||||
```
|
||||
|
||||
**Ouvrez le port** choisi dans le parefeu (vous pouvez utiliser l'option -6 pour interdire la connexion via ipv4)
|
||||
**Ouvrez le port** choisi dans le parefeu (vous pouvez utiliser l'option `-6` pour interdire la connexion via ipv4)
|
||||
|
||||
```bash
|
||||
yunohost firewall allow TCP <votre_numero_de_port_ssh>
|
||||
|
@ -115,7 +115,7 @@ Il reste enfin à relancer fail2ban pour prendre en compte la nouvelle configura
|
|||
systemctl restart fail2ban.service
|
||||
```
|
||||
|
||||
**Pour les prochaines connexions SSH** il faudra ajouter l’option -p suivie du numéro de port SSH.
|
||||
**Pour les prochaines connexions SSH**, il faudra ajouter l’option `-p` suivie du numéro de port SSH.
|
||||
|
||||
**Exemple** :
|
||||
|
||||
|
@ -162,7 +162,8 @@ systemctl restart ssh
|
|||
|
||||
### Désactivation de l’API YunoHost
|
||||
|
||||
YunoHost est administrable via une **API HTTP**, servie sur le port 6787 par défaut. Elle permet d’administrer une grande partie de votre serveur, et peut donc être utilisée à des **fins malveillantes**. La meilleure chose à faire si vous êtes habitués aux lignes de commande est de désactiver le service `yunohost-api`, et **utiliser la [ligne de commande](/commandline_fr)** en SSH.
|
||||
YunoHost est administrable via une **API HTTP**, servie sur le port 6787 par
|
||||
défaut (seulement sur `localhost`). Elle permet d’administrer une grande partie de votre serveur, et peut donc être utilisée à des **fins malveillantes**. La meilleure chose à faire si vous êtes habitués aux lignes de commande est de désactiver le service `yunohost-api`, et **utiliser la [ligne de commande](/commandline_fr)** en SSH.
|
||||
|
||||
```bash
|
||||
sudo service yunohost-api stop
|
||||
|
|
Loading…
Add table
Reference in a new issue