diff options
-rw-r--r-- | docs/configuration/container/index.rst | 2 | ||||
-rw-r--r-- | docs/configuration/firewall/index.rst | 2 | ||||
-rw-r--r-- | docs/configuration/protocols/rpki.rst | 12 |
3 files changed, 9 insertions, 7 deletions
diff --git a/docs/configuration/container/index.rst b/docs/configuration/container/index.rst index e63ac2c9..988b425b 100644 --- a/docs/configuration/container/index.rst +++ b/docs/configuration/container/index.rst @@ -117,7 +117,7 @@ Configuration Add a host device to the container. -.. cfgcmd:: set container name <name> cap-add <text> +.. cfgcmd:: set container name <name> capability <text> Set container capabilities or permissions. diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst index 5d9190d6..44e0cd20 100644 --- a/docs/configuration/firewall/index.rst +++ b/docs/configuration/firewall/index.rst @@ -163,7 +163,7 @@ Zone-based firewall zone -With zone-based firewalls a new concept was implemented, in addtion to the +With zone-based firewalls a new concept was implemented, in addition to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in diff --git a/docs/configuration/protocols/rpki.rst b/docs/configuration/protocols/rpki.rst index aeb2941b..acce2d56 100644 --- a/docs/configuration/protocols/rpki.rst +++ b/docs/configuration/protocols/rpki.rst @@ -140,11 +140,13 @@ Configuration SSH === -Connections to the RPKI caching server can not only be established by HTTP/TLS -but you can also rely on a secure SSH session to the server. To enable SSH, -first you need to create an SSH client keypair using ``generate ssh -client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup -the connection. +Connections to the RPKI caching server can not only be established by TCP using +the RTR protocol but you can also rely on a secure SSH session to the server. +This provides transport integrity and confidentiality and it is a good idea if +your validation software supports it. To enable SSH, first you need to create +an SSH client keypair using ``generate ssh client-key +/config/auth/id_rsa_rpki``. Once your key is created you can setup the +connection. .. cfgcmd:: set protocols rpki cache <address> ssh username <user> |