svn commit: r49804 - head/ja_JP.eucJP/books/handbook/security
Ryusuke SUZUKI
ryusuke at FreeBSD.org
Sun Jan 8 14:00:28 UTC 2017
Author: ryusuke
Date: Sun Jan 8 14:00:26 2017
New Revision: 49804
URL: https://svnweb.freebsd.org/changeset/doc/49804
Log:
- Merge the following from the English version:
r18074 -> r18103 head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified:
head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml Sun Jan 8 13:02:26 2017 (r49803)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Sun Jan 8 14:00:26 2017 (r49804)
@@ -3,7 +3,7 @@
The FreeBSD Documentation Project
The FreeBSD Japanese Documentation Project
- Original revision: r18074
+ Original revision: r18103
$FreeBSD$
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="security">
@@ -24,7 +24,7 @@
<para>¤³¤Î¾Ï¤Ç¤Ï¡¢´ðËÜŪ¤Ê¥·¥¹¥Æ¥à¥»¥¥å¥ê¥Æ¥£¤Î¹Í¤¨Êý¡¢
³Ð¤¨¤Æ¤ª¤¯¤Ù¤°ìÈÌŪ¤Ê¥ë¡¼¥ë¤ò¾Ò²ð¤·¡¢
- FreeBSD ¤Ë¤ª¤±¤ë¹âÅÙ¤ÊÏÃÂê¤Ë¤Ä¤¤¤Æ´Êñ¤ËÀâÌÀ¤·¤Þ¤¹
+ &os; ¤Ë¤ª¤±¤ë¹âÅÙ¤ÊÏÃÂê¤Ë¤Ä¤¤¤Æ´Êñ¤ËÀâÌÀ¤·¤Þ¤¹
¤³¤³¤Ç°·¤¦ÏÃÂê¤Î¿¤¯¤Ï¡¢
°ìÈÌŪ¤Ê¥·¥¹¥Æ¥à¤ä¥¤¥ó¥¿¡¼¥Í¥Ã¥È¥»¥¥å¥ê¥Æ¥£¤Ë¤â¤¢¤Æ¤Ï¤Þ¤ê¤Þ¤¹¡£
¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ï¤â¤Ï¤ä¡¢Ã¯¤â¤¬¿ÆÀÚ¤ÊÎٿͤǤ¢¤í¤¦¤È¤¹¤ë
@@ -40,13 +40,13 @@
<itemizedlist>
<listitem>
- <para>FreeBSD
+ <para>&os;
¤Ë´Ø¤¹¤ë´ðËÜŪ¤Ê¥·¥¹¥Æ¥à¥»¥¥å¥ê¥Æ¥£¤Î¹Í¤¨Êý</para>
</listitem>
<listitem>
- <para>DES ¤ä MD5 ¤Î¤è¤¦¤Ê¡¢FreeBSD
- ¤ÇÍøÍѤǤ¤ë¤µ¤Þ¤¶¤Þ¤Ê°Å¹æ²½¼êË¡¤Ë¤Ä¤¤¤Æ</para>
+ <para><acronym>DES</acronym> ¤ä <acronym>MD5</acronym> ¤Î¤è¤¦¤Ê¡¢
+ &os; ¤ÇÍøÍѤǤ¤ë¤µ¤Þ¤¶¤Þ¤Ê°Å¹æ²½¼êË¡¤Ë¤Ä¤¤¤Æ</para>
</listitem>
<listitem>
@@ -54,26 +54,32 @@
</listitem>
<listitem>
- <para>¤â¤¦°ì¤Ä¤ÎÂåÂØǧ¾Ú¥·¥¹¥Æ¥à Kerberos ¤ÎÀßÄêÊýË¡</para>
+ <para>&os; 5.0 ¤è¤êÁ°¤Î¥ê¥ê¡¼¥¹¤Ë¤ª¤±¤ë¡¢
+ <application>KerberosIV</application> ¤ÎÀßÄêÊýË¡</para>
</listitem>
<listitem>
- <para>IPFW ¤Ç firewall ¤ò¹½ÃÛ¤¹¤ëÊýË¡</para>
+ <para>&os; 5.0 °Ê¹ß¤Î¥ê¥ê¡¼¥¹¤Ë¤ª¤±¤ë¡¢
+ <application>Kerberos5</application> ¤ÎÀßÄêÊýË¡</para>
</listitem>
<listitem>
- <para>IPsec ¤ª¤è¤Ó FreeBSD/&windows; ¥³¥ó¥Ô¥å¡¼¥¿¤Î´Ö¤Ç VPN
- ¤ÎÀßÄêÊýË¡</para>
+ <para><acronym>IPFW</acronym> ¤Ç¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ò¹½ÃÛ¤¹¤ëÊýË¡</para>
</listitem>
<listitem>
- <para>FreeBSD ¤Ç»È¤ï¤ì¤Æ¤¤¤ë SSH ¼ÂÁõ¤Ç¤¢¤ë
+ <para>IPsec ¤ª¤è¤Ó FreeBSD/&windows; ¥³¥ó¥Ô¥å¡¼¥¿¤Î´Ö¤Ç
+ <acronym>VPN</acronym> ¤ÎÀßÄêÊýË¡</para>
+ </listitem>
+
+ <listitem>
+ <para>&os; ¤Ç»È¤ï¤ì¤Æ¤¤¤ë <acronym>SSH</acronym> ¤Ç¤¢¤ë
<application>OpenSSH</application> ¤ÎÀßÄꤪ¤è¤Ó»ÈÍÑÊýË¡</para>
</listitem>
<!--
<listitem>
<para>How to configure and load access control extension
- modules using the TrustedBSD MAC Framework.</para>
+ modules using the TrustedBSD <acronym>MAC</acronym> Framework.</para>
</listitem>
-->
@@ -87,7 +93,7 @@
<itemizedlist>
<listitem>
- <para>FreeBSD ¤ª¤è¤Ó¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î´ðËܳµÇ°¤ÎÍý²ò</para>
+ <para>&os; ¤ª¤è¤Ó¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î´ðËܳµÇ°¤ÎÍý²ò</para>
</listitem>
</itemizedlist>
@@ -461,7 +467,7 @@
¥¹¥Æ¡¼¥·¥ç¥ó¤ä¥µ¡¼¥Ð¤Ø¤ÎʪÍýŪ¥¢¥¯¥»¥¹¼êÃʤò»ý¤¿¤Ê¤¤¿Í¡¹¤Ë¤è¤Ã
¤Æ¹Ô¤ï¤ì¤ë¤È¤¤¤¦»ö¼Â¤â¤Þ¤¿¡¢Ç°Æ¬¤ËÃÖ¤¤¤Æ¤ª¤¯É¬Íפ¬¤¢¤ê¤Þ¤¹¡£
</para>
- <indexterm><primary>Kerberos</primary></indexterm>
+ <indexterm><primary>KerberosIV</primary></indexterm>
<para>Kerberos ¤Î¤è¤¦¤ÊÊýË¡¤ò»È¤¦¤³¤È¤Ç¡¢
¥¹¥¿¥Ã¥Õ¥¢¥«¥¦¥ó¥È¤Î¥Ñ
@@ -1001,7 +1007,7 @@
<sect2>
<title>Kerberos ¤ª¤è¤Ó SSH ¤òÍѤ¤¤¿¥¢¥¯¥»¥¹¤ÎÌäÂê</title>
<indexterm><primary><command>ssh</command></primary></indexterm>
- <indexterm><primary>Kerberos</primary></indexterm>
+ <indexterm><primary>KerberosIV</primary></indexterm>
<para>¤â¤·¤¢¤Ê¤¿¤¬¡¢Kerberos ¤È ssh ¤ò»È¤¤¤¿¤¤¤Î¤À¤È¤·¤¿¤é¡¢
ξ¼Ô¤Ë´Ø¤·¤Æ¸À¤Ã¤Æ¤ª¤«¤Í¤Ð¤Ê¤é¤Ê¤¤ÌäÂ꤬¤¤¤¯¤Ä¤«¤¢¤ê¤Þ¤¹¡£
@@ -1603,8 +1609,8 @@ permit port ttyd0</programlisting>
</sect2>
</sect1>
- <sect1 xml:id="kerberos">
- <info><title>Kerberos</title>
+ <sect1 xml:id="kerberosIV">
+ <info><title>KerberosIV</title>
<authorgroup>
<author><personname><firstname>Mark</firstname><surname>Murray</surname></personname><contrib>´ó¹Æ: </contrib></author>
</authorgroup>
@@ -1633,14 +1639,14 @@ permit port ttyd0</programlisting>
¤Ç¤·¤ç¤¦¡£</para>
<sect2>
- <title>Kerberos ¤Î¥¤¥ó¥¹¥È¡¼¥ë</title>
+ <title>KerberosIV ¤Î¥¤¥ó¥¹¥È¡¼¥ë</title>
<indexterm><primary>MIT</primary></indexterm>
<indexterm>
- <primary>Kerberos</primary>
+ <primary>KerberosIV</primary>
<secondary>¥¤¥ó¥¹¥È¡¼¥ë</secondary>
</indexterm>
- <para>Kerberos ¤ÏÁªÂò¤¬Ç¤°Õ¤Ê FreeBSD ¤Î¥³¥ó¥Ý¡¼¥Í¥ó¥È¤Ç¤¹¡£
+ <para>Kerberos ¤ÏÁªÂò¤¬Ç¤°Õ¤Ê &os; ¤Î¥³¥ó¥Ý¡¼¥Í¥ó¥È¤Ç¤¹¡£
¤â¤Ã¤È¤â´Êñ¤Ê¥¤¥ó¥¹¥È¡¼¥ëÊýË¡¤Ï¡¢FreeBSD
¤Î¥¤¥ó¥¹¥È¡¼¥ë»þ¤Ë <application>sysinstall</application>
¤Ç <literal>krb4</literal> ¤Þ¤¿¤Ï <literal>krb5</literal>
@@ -1766,6 +1772,11 @@ Master key entered. BEWARE!</screen>
<sect2>
<title>¤¹¤Ù¤Æ¤¬Æ°¤¯¤è¤¦¤Ë¤¹¤ë¤¿¤á¤ÎÀßÄê</title>
+ <indexterm>
+ <primary>KerberosIV</primary>
+ <secondary>½é´üÀßÄê</secondary>
+ </indexterm>
+
<para>Kerberos¤òƳÆþ¤¹¤ë <emphasis>¤½¤ì¤¾¤ì¤Î</emphasis>
¥·¥¹¥Æ¥à¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ë¡¢2¤Ä ¤Îprincipal (¼çÂÎ̾)
¤òÄɲ乤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¤½¤Î̾Á°¤Ï
@@ -1992,7 +2003,7 @@ Password changed.</screen>
¤È¤¤¤¦¥¤¥ó¥¹¥¿¥ó¥¹¤Ë ¤è¤Ã¤ÆÀ©¸æ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
<command>kdb_edit</command>¤òÍѤ¤¤Æ
<literal>jane.root</literal>¤È¤¤¤¦¥¨¥ó¥È¥ê¤ò
- Kerberos¥Ç¡¼¥¿¥Ù¡¼¥¹¤ËºîÀ®¤·¤Þ¤¹¡£</para>
+ Kerberos ¥Ç¡¼¥¿¥Ù¡¼¥¹¤ËºîÀ®¤·¤Þ¤¹¡£</para>
<screen>&prompt.root; <userinput>kdb_edit</userinput>
Opening database...
@@ -2123,6 +2134,896 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
</sect2>
</sect1>
+ <sect1 xml:id="kerberos5">
+ <info><title><application>Kerberos5</application></title>
+ <authorgroup>
+ <author>
+ <personname>
+ <firstname>Tillman</firstname>
+ <surname>Hodgson</surname>
+ </personname>
+ <contrib>´ó¹Æ: </contrib>
+ </author>
+ </authorgroup>
+ <authorgroup>
+ <author>
+ <personname>
+ <firstname>Mark</firstname>
+ <surname>Murray</surname>
+ </personname>
+ <contrib>´ð¤Ë¤·¤¿Ê¸½ñ¤Î¼¹É®: </contrib>
+ </author>
+ </authorgroup>
+ </info>
+
+ <para>&os;-5.1 ¥ê¥ê¡¼¥¹°Ê¹ß¤Î¤¹¤Ù¤Æ¤Î &os; ¤Ë¤Ï¡¢
+ <application>Kerberos5</application> ¤Î¤ß¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£
+ <application>Kerberos5</application>
+ ¤Ï¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ëÍ£°ì¤Î¥Ð¡¼¥¸¥ç¥ó¤Ç¤¢¤ê¡¢ÀßÄê¤Ï¡¢Â¿¤¯¤Î¦Ì̤Ç
+ <application>KerberosIV</application> ¤È»÷¤Æ¤¤¤Þ¤¹¡£
+ °Ê²¼¤Î¾ðÊó¤Ï¡¢&os;-5.0 ¥ê¥ê¡¼¥¹°Ê¹ß¤Î
+ <application>Kerberos5</application> ¤Î¤ß¤ËŬ±þ¤¬²Äǽ¤Ç¤¹¡£
+ <application>KerberosIV</application> package
+ ¤ò»È¤¤¤¿¤¤¤È¹Í¤¨¤Æ¤¤¤ë¥æ¡¼¥¶¤Ï¡¢
+ <filename role="package">security/krb4</filename> port
+ ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para><application>Kerberos</application> ¤Ï¡¢
+ ¥µ¡¼¥Ð¤Î¥µ¡¼¥Ó¥¹¤Ë¤è¤Ã¤Æ¥æ¡¼¥¶¤¬°ÂÁ´¤Ëǧ¾Ú¤ò¼õ¤±¤é¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤¿¤á¤Î¡¢
+ ¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÉղå·¥¹¥Æ¥à¤ª¤è¤Ó¥×¥í¥È¥³¥ë¤Ç¤¹¡£
+ ¥ê¥â¡¼¥È¥í¥°¥¤¥ó¡¢¥ê¥â¡¼¥È¥³¥Ô¡¼¡¢
+ ¥·¥¹¥Æ¥à´Ö¤Ç¤Î¥Õ¥¡¥¤¥ë¤Î¥³¥Ô¡¼¤ª¤è¤Ó¾¤Î¥ê¥¹¥¯¤Î¹â¤¤¥¿¥¹¥¯¤ò¤«¤Ê¤ê°ÂÁ´¤Ë¡¢
+ ¤½¤·¤Æ¤³¤ì¤Þ¤Ç¤è¤êÀ©¸æ¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
+
+ <para><application>Kerberos</application> ¤Ï¡¢
+ ¿È¸µ³Îǧ¥×¥í¥¥·¥·¥¹¥Æ¥à¤ä¡¢
+ ¿®Íꤵ¤ì¤ëÂè 3 ¼Ôǧ¾Ú¥·¥¹¥Æ¥à¤È¤âÀâÌÀ¤µ¤ì¤Þ¤¹¡£
+ <application>Kerberos</application> ¤Ï¡¢°ì¤Ä¤Îµ¡Ç½ —
+ ¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¥æ¡¼¥¶¤Î°ÂÁ´¤Êǧ¾Ú —
+ ¤À¤±¤òÄ󶡤·¤Þ¤¹¡£
+ ¾µÇ§ (¤É¤Î¥æ¡¼¥¶¤¬µö²Ä¤µ¤ì¤Æ¤¤¤ë¤«)
+ ¤ä´Æºº (¥æ¡¼¥¶¤¬¤É¤Î¤è¤¦¤Êºî¶È¤ò¹Ô¤Ã¤Æ¤¤¤ë¤«)
+ ¤Îµ¡Ç½¤ÏÄ󶡤·¤Þ¤»¤ó¡£
+ <application>Kerberos</application> ¤ò»È¤Ã¤Æ¡¢
+ ¥¯¥é¥¤¥¢¥ó¥È¤ª¤è¤Ó¥µ¡¼¥Ð¤Î¿È¸µ¤ò¾ÚÌÀ¤·¤¿¸å¤Ï¡¢
+ Æü¾ï¶È̳¤Ë¤ª¤±¤ë¤¹¤Ù¤Æ¤ÎÄÌ¿®¤ò°Å¹æ²½¤·¤Æ¡¢
+ ¥×¥é¥¤¥Ð¥·¤ª¤è¤Ó¥Ç¡¼¥¿¤Î´°Á´À¤òÊݾڤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
+
+ <para>¤½¤Î¤¿¤á¡¢<application>Kerberos</application> ¤ò»È¤¦ºÝ¤Ï¡¢
+ ¾µÇ§¤ª¤è¤Ó´Æºº¥µ¡¼¥Ó¥¹¤òÄ󶡤¹¤ë¾¤Î¥»¥¥å¥ê¥Æ¥£¤Î¼êÃʤȤÎÍøÍѤ¬¡¢
+ ¶¯¤¯¿ä¾©¤µ¤ì¤Þ¤¹¡£</para>
+
+ <para>°Ê²¼¤Îʸ¾Ï¤Ï¡¢&os; ÍѤȤ·¤ÆÇÛÉÛ¤µ¤ì¤Æ¤¤¤ë
+ <application>Kerberos</application>
+ ¤ò¥»¥Ã¥È¥¢¥Ã¥×¤¹¤ëºÝ¤Î¥¬¥¤¥É¤È¤·¤ÆÍøÍѤǤ¤Þ¤¹¤¬¡¢
+ ´°Á´¤ÊÀâÌÀ¤¬É¬Íפʾì¹ç¤Ë¤Ï¡¢
+ ¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¤³¤ÎÀá¤Ë¤ª¤±¤ë <application>Kerberos</application>
+ ¤Î¥¤¥ó¥¹¥È¡¼¥ë¤Î¥Ç¥â¤Ç¤Ï¡¢°Ê²¼¤Î¤è¤¦¤Ê̾Á°¶õ´Ö¤¬»È¤ï¤ì¤Þ¤¹¡£</para>
+
+ <itemizedlist>
+ <listitem>
+ <para><acronym>DNS</acronym> ¥É¥á¥¤¥ó (<quote>¥¾¡¼¥ó</quote>) ¤Ï¡¢
+ EXAMPLE.ORG ¤Ç¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <para><application>Kerberos</application> ¤ÎÎΰè¤Ï¡¢
+ EXAMPLE.ORG ¤Ç¤¹¡£</para>
+ </listitem>
+ </itemizedlist>
+
+ <note>
+ <para><application>Kerberos</application> ¤ÎÀßÄê¤Ç¤Ï¡¢
+ ÆâÉô¤Ç¤Î»ÈÍѤǤâ¼ÂºÝ¤Î¥É¥á¥¤¥ó̾¤ò»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£
+ <acronym>DNS</acronym> ¤ÎÌäÂê¤òÈò¤±¤ë¤³¤È¤¬¤Ç¤¡¢
+ ¾¤Î <application>Kerberos</application> ¤Î¥ì¥ë¥à (realm)
+ ¤È¤ÎÁê¸ß±¿ÍѤòÊݾڤ·¤Þ¤¹¡£</para>
+ </note>
+
+ <sect2>
+ <title>Îò»Ë</title>
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>Îò»Ë</secondary>
+ </indexterm>
+
+ <para><application>Kerberos</application> ¤Ï¡¢
+ ¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥»¥¥å¥ê¥Æ¥£ÌäÂê¤ò²ò·è¤¹¤ë¤¿¤á¤Ë¡¢
+ <acronym>MIT</acronym> ¤Ç³«È¯¤µ¤ì¤Þ¤·¤¿¡£
+ <application>Kerberos</application> ¥×¥í¥È¥³¥ë¤Ï¡¢
+ ɬ¤º¤·¤â°ÂÁ´¤Ç¤Ï¤Ê¤¤¥¤¥ó¥¿¡¼¥Í¥Ã¥ÈÀܳ¤Ë¤ª¤¤¤Æ¤â¡¢
+ ¥µ¡¼¥Ð¤ËÂФ·¤Æ (µÕ¤â¤Þ¤¿Æ±ÍͤË)¡¢
+ ¶¯¤¤°Å¹æ¤ò»È¤Ã¤Æ¿È¸µ¤ò¾ÚÌÀ¤·¤Þ¤¹¡£</para>
+
+ <para><application>Kerberos</application> ¤Ï¡¢
+ ¥Í¥Ã¥È¥ï¡¼¥¯Ç§¾Ú¥×¥í¥È¥³¥ë¤Î̾Á°¤Ç¤¢¤ê¡¢
+ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼ÂÁõ¤·¤Æ¤¤¤ë¥×¥í¥°¥é¥à¤òɽ¤¹
+ (Îã <application>Kerberos</application> telnet)
+ ¤¿¤á¤Î·ÁÍÆ»ì¤Ç¤â¤¢¤ê¤Þ¤¹¡£
+ ¥×¥í¥È¥³¥ë¤Î¸½ºß¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï¥Ð¡¼¥¸¥ç¥ó 5 ¤Ç¡¢
+ <acronym>RFC</acronym> 1510 ¤È¤·¤Æʸ½ñ²½¤µ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para>¤³¤Î¥×¥í¥È¥³¥ë¤Î¤¤¤¯¤Ä¤â¤Î¥Õ¥ê¡¼¤Î¼ÂÁõ¤¬¡¢
+ ¤µ¤Þ¤¶¤Þ¤Ê¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ÇÍøÍѤǤ¤Þ¤¹¡£
+ ºÇ½é¤Î <application>Kerberos</application>
+ ¤ò³«È¯¤·¤¿¥Þ¥µ¥Á¥å¡¼¥»¥Ã¥Ä¹©²ÊÂç³Ø (<acronym>MIT</acronym>) ¤Ï¡¢
+ ³«È¯¤·¤¿ <application>Kerberos</application>
+ ¥Ñ¥Ã¥±¡¼¥¸¤ò·Ñ³Ū¤ËÊݼ餷¤Æ¤¤¤Þ¤¹¡£
+ <acronym>¥¢¥á¥ê¥«¹ç½°¹ñ</acronym>¤Ç¤Ï°Å¹æÀ½ÉʤȤ·¤ÆÎɤ¯»È¤ï¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢
+ Îò»ËŪ¤Ë¤Ï¡¢
+ <acronym>¥¢¥á¥ê¥«¹ç½°¹ñ</acronym> ¤ÎÍ¢½Ðµ¬À©¤Ë¤è¤êÀ©¸Â¤µ¤ì¤Æ¤¤Þ¤·¤¿¡£
+ <acronym>MIT</acronym> ¤Ç¼ÂÁõ¤µ¤ì¤¿
+ <application>Kerberos</application> ¤Ï¡¢port
+ (<filename role="package">security/krb5</filename>)
+ ¤«¤éÍøÍѤǤ¤Þ¤¹¡£
+ ¥Ð¡¼¥¸¥ç¥ó 5 ¤Î¤â¤¦°ì¤Ä¤Î¼ÂÁõ¤¬¡¢
+ Heimdal <application>Kerberos</application>
+ ¤Ç¤¹¡£
+ ¤³¤Î¼ÂÁõ¤Ï¡¢<acronym>¥¢¥á¥ê¥«¹ç½°¹ñ</acronym>¤Î³°¤Ç³«È¯¤µ¤ì¤¿¤¿¤á¡¢
+ Í¢½Ð¤ÎÀ©¸Â¤òÈò¤±¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹
+ (¤½¤Î¤¿¤á¡¢Èó¾¦ÍѤΠ&unix;-like ¤Ê¥·¥¹¥Æ¥à¤Ë¤è¤¯´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹)¡£
+ Heimdal <application>Kerberos</application> ¤Ï port
+ (<filename role="package">security/heimdal</filename>)
+ ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤Þ¤¹¤¬¡¢ºÇ¾®¹½À®¤Ï
+ &os; ¤Î base ¥¤¥ó¥¹¥È¡¼¥ë¤Ë´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para>Éý¹¤¤ÆɼԤòÂоݤȤ¹¤ë¤¿¤á¤Ë¡¢°Ê²¼¤ÎÀâÌÀ¤Ç¤Ï
+ &os; ¤Ë´Þ¤Þ¤ì¤Æ¤¤¤ë Heimdal
+ ¥Ç¥£¥¹¥È¥ê¥Ó¥å¡¼¥·¥ç¥ó¤Î»ÈÍѤòÁÛÄꤷ¤Æ¤¤¤Þ¤¹¡£</para>
+ </sect2>
+
+ <sect2>
+ <title>Heimdal <acronym>KDC</acronym> ¤ÎÀßÄê</title>
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>¸°ÇÛÉÛ¥»¥ó¥¿¡¼¤ÎÀßÄê</secondary>
+ </indexterm>
+
+ <para>¸°ÇÛÉÛ¥»¥ó¥¿¡¼ (<acronym>KDC</acronym>) ¤Ï¡¢
+ <application>Kerberos</application>
+ ¤¬Ä󶡤¹¤ëÃ濴Ū¤Êǧ¾Ú¥µ¡¼¥Ó¥¹
+ — <application>Kerberos</application>
+ ¥Á¥±¥Ã¥È¤òȯ¹Ô¤¹¤ë¥³¥ó¥Ô¥å¡¼¥¿¤Ç¤¹¡£
+ <acronym>KDC</acronym> ¤Ï¡¢
+ <application>Kerberos</application>
+ ¤Î¥ì¥ë¥à¤ÎÃæ¤Î¤¹¤Ù¤Æ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤é
+ <quote>¿®Íê</quote>¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤½¤Î¤¿¤á¡¢¸·½Å¤Ê¥»¥¥å¥ê¥Æ¥£¤ËÂФ¹¤ëÇÛθ¤¬É¬ÍפȤʤê¤Þ¤¹¡£</para>
+
+ <para><application>Kerberos</application>
+ ¥µ¡¼¥Ð¤Î¼Â¹Ô¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤Î¥ê¥½¡¼¥¹¤ÏɬÍפ¢¤ê¤Þ¤»¤ó¤¬¡¢
+ ¥»¥¥å¥ê¥Æ¥£¤Î´ÑÅÀ¤«¤é¡¢<acronym>KDC</acronym>
+ ¤È¤·¤Æ¤Î¤ßµ¡Ç½¤¹¤ëÀìÍѤΥ³¥ó¥Ô¥å¡¼¥¿¤¬¿ä¾©¤µ¤ì¤Þ¤¹¡£</para>
+
+ <para><acronym>KDC</acronym> ¤òÀßÄꤹ¤ë¤Ë¤¢¤¿¤Ã¤Æ¡¢
+ <acronym>KDC</acronym> ¤È¤·¤ÆÆ°ºî¤¹¤ë¤¿¤á¤Ë¡¢
+ ŬÀÚ¤Ë <filename>/etc/rc.conf</filename> ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤³¤È
+ (¥·¥¹¥Æ¥à¤òÈ¿±Ç¤¹¤ë¤è¤¦¤Ë¥Ñ¥¹¤òÄ´À°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹)
+ ¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <programlisting>kerberos5_server_enable="YES"
+kadmind5_server_enable="YES"
+kerberos_stash="YES"</programlisting>
+
+ <note>
+ <para><option>kerberos_stash</option> ¤Ï¡¢
+ &os; 4.X ¤Ç¤Î¤ßÍøÍѲÄǽ¤Ç¤¹¡£</para>
+ </note>
+
+ <para>¼¡¤Ë¡¢<application>Kerberos</application>
+ ¤ÎÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/krb5.conf</filename>
+ ¤òÊÔ½¸¤·¤Þ¤¹¡£</para>
+
+ <programlisting>[libdefaults]
+ default_realm = EXAMPLE.ORG
+[realms]
+ EXAMPLE.ORG = {
+ kdc = kerberos.EXAMPLE.ORG
+ }
+[domain_realm]
+ .EXAMPLE.ORG = EXAMPLE.ORG</programlisting>
+
+ <para><filename>/etc/krb5.conf</filename> ¥Õ¥¡¥¤¥ë¤ÎÃæ¤Ç¤Ï¡¢
+ <acronym>KDC</acronym> ¤Ï¡¢
+ ´°Á´½¤¾þ¤µ¤ì¤¿¥Û¥¹¥È̾
+ <systemitem class="fqdomainname">kerberos.EXAMPLE.ORG</systemitem>
+ ¤ò»ý¤Ä¤³¤È¤¬ÁÛÄꤵ¤ì¤Æ¤¤¤ë¤³¤È¤ËÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <acronym>KDC</acronym> ¤¬°Û¤Ê¤ë¥Û¥¹¥È̾¤Ç¤¢¤ë¾ì¹ç¤Ë¤Ï¡¢
+ ̾Á°¤Î²ò·è¤¬¹Ô¤ï¤ì¤ë¤è¤¦¤Ë¡¢Å¬ÀÚ¤Ë CNAME (¥¨¥¤¥ê¥¢¥¹)
+ ¥¨¥ó¥È¥ê¤ò¥¾¡¼¥ó¥Õ¥¡¥¤¥ë¤ËÄɲ乤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+
+ <note>
+ <para>ŬÀÚ¤Ë <acronym>BIND</acronym> <acronym>DNS</acronym>
+ ¥µ¡¼¥Ð¤¬ÀßÄꤵ¤ì¤¿¥Í¥Ã¥È¥ï¡¼¥¯¤Ç¤Ï¡¢
+ ¾åµ¤ÎÎã¤Ï¡¢°Ê²¼¤Î¤è¤¦¤ËÀ°Íý¤µ¤ì¤Þ¤¹¡£</para>
+
+ <programlisting>[libdefaults]
+ default_realm = example.org</programlisting>
+
+ <para>¤½¤·¤Æ¡¢<systemitem
+ class="fqdomainname">kerberos.EXAMPLE.ORG</systemitem>
+ ¥¾¡¼¥ó¥Õ¥¡¥¤¥ë¤Ë¤Ï¡¢°Ê²¼¤Î¹Ô¤¬ÉÕ¤±²Ã¤¨¤é¤ì¤Þ¤¹¡£</para>
+
+ <programlisting>_kerberos._udp IN SRV 01 00 88 kerberos.example.org.
+_kerberos._tcp IN SRV 01 00 88 kerberos.example.org.
+_kpasswd._udp IN SRV 01 00 464 kerberos.example.org.
+_kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org.
+_kerberos IN TXT EXAMPLE.ORG.</programlisting></note>
+
+ <para>¼¡¤Ë <application>Kerberos</application> ¥Ç¡¼¥¿¥Ù¡¼¥¹¤òºîÀ®¤·¤Þ¤¹¡£
+ ¤³¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ë¤Ï¡¢
+ ¥Þ¥¹¥¿¡¼¸°¤Ë¤è¤ê°Å¹æ²½¤µ¤ì¤¿¤¹¤Ù¤Æ¤Î¥×¥ê¥ó¥·¥Ñ¥ë¤Î¸°¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤³¤Î¥Ñ¥¹¥ï¡¼¥É¤Ï¡¢¥Õ¥¡¥¤¥ë
+ (<filename>/var/heimdal/m-key</filename>) ¤ËÊݸ¤µ¤ì¤ë¤¿¤á¡¢
+ ³Ð¤¨¤ëɬÍפϤ¢¤ê¤Þ¤»¤ó¡£
+ ¥Þ¥¹¥¿¡¼¸°¤òºîÀ®¤¹¤ë¤Ë¤Ï¡¢<command>kstash</command> ¤ò¼Â¹Ô¤·¤Æ¡¢
+ ¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¥Þ¥¹¥¿¡¼¸°¤òºîÀ®¤·¤¿¤é¡¢<command>kadmin</command> ¥×¥í¥°¥é¥à¤ò
+ <literal>-l</literal> ¥ª¥×¥·¥ç¥ó (<quote>local</quote> ¤ò°ÕÌ£¤·¤Þ¤¹)
+ ¤Ç¼Â¹Ô¤·¡¢½é´ü²½¤·¤Þ¤¹¡£
+ ¤³¤Î¥ª¥×¥·¥ç¥ó¤ò»È¤¦¤È¡¢<command>kadmin</command> ¤Ï¡¢
+ <command>kadmind</command> ¥Í¥Ã¥È¥ï¡¼¥¯¥µ¡¼¥Ó¥¹¤ò»È¤ï¤º¡¢
+ ľÀܥǡ¼¥¿¥Ù¡¼¥¹¥Õ¥¡¥¤¥ë¤òÊѹ¹¤·¤Þ¤¹¡£
+ ¤³¤ì¤Ë¤è¤ê¡¢
+ ¥Ç¡¼¥¿¥Ù¡¼¥¹¤òºîÀ®¤¹¤ëÁ°¤Ë¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ø¤ÎÀܳ¤ò»î¤ß¤Æ¤·¤Þ¤¦¤È¤¤¤¦¡¢
+ Íñ¤¬À褫·Ü¤¬À褫¤È¤¤¤¦ÌäÂê¤ò²óÈò¤Ç¤¤Þ¤¹¡£
+ <command>kadmin</command>
+ ¥×¥í¥ó¥×¥È¤¬É½¼¨¤µ¤ì¤¿¤é¡¢<command>init</command> ¥³¥Þ¥ó¥É¤ò»È¤Ã¤Æ¡¢
+ ¥ì¥ë¥à¤Ë´Ø¤¹¤ë½é´ü¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¤òºîÀ®¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>ºÇ¸å¤Ë¡¢<command>kadmin</command> ¥×¥í¥ó¥×¥È¤Ç
+ <command>add</command>
+ ¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆºÇ½é¤Î¥×¥ê¥ó¥·¥Ñ¥ë¤òºîÀ®¤·¤Æ²¼¤µ¤¤¡£
+ º¹¤·Åö¤¿¤ê¤Ï¡¢
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤ËÂФ¹¤ë¥Ç¥Õ¥©¥ë¥È¤Î¥ª¥×¥·¥ç¥ó¤Ë½¾¤Ã¤Æ¤¯¤À¤µ¤¤¡£
+ ¸å¤Ç <command>modify</command> ¥³¥Þ¥ó¥É¤ò»È¤¦¤³¤È¤Ç¡¢
+ ¤¤¤Ä¤Ç¤âÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ ¥×¥í¥ó¥×¥È¤Ç <literal>?</literal> ¥³¥Þ¥ó¥É¤ò»È¤¦¤È¡¢
+ ÍøÍѲÄǽ¤Ê¥ª¥×¥·¥ç¥ó¤ò³Îǧ¤Ç¤¤Þ¤¹¡£</para>
+
+ <para>¥Ç¡¼¥¿¥Ù¡¼¥¹ºîÀ®¤Î¥»¥Ã¥·¥ç¥ó¤ÎÎã¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
+
+ <screen>&prompt.root; <userinput>kstash</userinput>
+ Master key: <userinput>xxxxxxxx</userinput>
+ Verifying password - Master key: <userinput>xxxxxxxx</userinput>
+
+ &prompt.root; <userinput>kadmin -l</userinput>
+ kadmin> <userinput>init EXAMPLE.ORG</userinput>
+ Realm max ticket life [unlimited]:
+ kadmin> <userinput>add tillman</userinput>
+ Max ticket life [unlimited]:
+ Max renewable life [unlimited]:
+ Attributes []:
+ Password: <userinput>xxxxxxxx</userinput>
+ Verifying password - Password: <userinput>xxxxxxxx</userinput></screen>
+
+ <para>¤³¤ì¤Ç <acronym>KDC</acronym>
+ ¥µ¡¼¥Ó¥¹¤òµ¯Æ°¤¹¤ë¤³¤È¤¬¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤·¤¿¡£
+ <command>/etc/rc.d/kerberos start</command> ¤ª¤è¤Ó
+ <command>/etc/rc.d/kadmind start</command>
+ ¤ò¼Â¹Ô¤·¤Æ¥µ¡¼¥Ó¥¹¤òµ¯Æ°¤·¤Æ¤¯¤À¤µ¤¤¡£
+ ¤³¤Î»þÅÀ¤Ç¡¢kerberos ²½¤µ¤ì¤¿¥Ç¡¼¥â¥ó¤¬Áö¤Ã¤Æ¤¤¤Ê¤¯¤Æ¤â¡¢
+ <acronym>KDC</acronym> ¤Î¥³¥Þ¥ó¥É¥é¥¤¥ó¤«¤é¡¢ºîÀ®¤·¤¿¤Ð¤«¤ê¤Î (¥æ¡¼¥¶)
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤Î¥Á¥±¥Ã¥È¤òÆþ¼ê¤·¤¿¤ê¡¢
+ °ìÍ÷¤òɽ¼¨¤¹¤ë¤³¤È¤¬¤Ç¤¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <screen>&prompt.user;<userinput>k5init <replaceable>tillman</replaceable></userinput>
+ tillman at EXAMPLE.ORG's Password:
+
+ &prompt.user;<userinput>k5list</userinput>
+ Credentials cache: FILE:<filename>/tmp/krb5cc_500</filename>
+ Principal: tillman at EXAMPLE.ORG
+
+ Issued Expires Principal
+ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG at EXAMPLE.ORG
+ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG at EXAMPLE.ORG
+
+ v4-ticket file: /tmp/tkt500
+ k5list: No ticket file (tf_util)</screen>
+
+ </sect2>
+
+ <sect2>
+ <title>Heimdal <application>Kerberos</application>
+ ¥µ¡¼¥Ó¥¹¤ò͸ú¤Ë¤¹¤ë¡£</title>
+
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>Enabling ¥µ¡¼¥Ó¥¹</secondary>
+ </indexterm>
+
+ <para>ºÇ½é¤Ë <application>Kerberos</application>
+ ¤ÎÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/krb5.conf</filename>
+ ¤Î¥³¥Ô¡¼¤¬É¬ÍפǤ¹¡£
+ ¥³¥Ô¡¼¤ò¹Ô¤¦¤Ë¤Ï¡¢<acronym>KDC</acronym> ¤«¤é¡¢
+ ¥¯¥é¥¤¥¢¥ó¥È¥³¥ó¥Ô¥å¡¼¥¿¤Ø
+ (&man.scp.1; ¤Î¤è¤¦¤Ê¥Í¥Ã¥È¥ï¡¼¥¯¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò»È¤¦¤«¡¢
+ ʪÍýŪ¤Ë¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤ò»È¤Ã¤Æ)
+ °ÂÁ´¤ÊÊýË¡¤Ç¥³¥Ô¡¼¤ò¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¼¡¤Ë <filename>/etc/krb5.keytab</filename>
+ ¥Õ¥¡¥¤¥ë¤¬É¬ÍפȤʤê¤Þ¤¹¡£
+ ¤³¤ì¤Ï¡¢<application>Kerberos</application>
+ ²½¤µ¤ì¤¿¥Ç¡¼¥â¥ó¤òÄ󶡤¹¤ë¥µ¡¼¥Ð¤È¥ï¡¼¥¯¥¹¥Æ¡¼¥·¥ç¥ó¤Î´Ö¤Ç¤ÎÂ礤ʰ㤤¤Ç¤¹
+ — ¥µ¡¼¥Ð¤Ï¡¢
+ <filename>keytab</filename> ¥Õ¥¡¥¤¥ë¤ò»ý¤Ã¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ ¤³¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï¡¢¥µ¡¼¥Ð¤Î¥Û¥¹¥È¸°¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤Î¸°¤Ë¤è¤ê¡¢¥Û¥¹¥È¤ª¤è¤Ó
+ <acronym>KDC</acronym> ¤¬Â¾¤Î¿È¸µ¤Î¸¡¾Ú¤¬¤Ç¤¤Þ¤¹¡£
+ ¸°¤¬¸ø³«¤µ¤ì¤Æ¤·¤Þ¤¦¤È¡¢
+ ¥µ¡¼¥Ð¤Î¥»¥¥å¥ê¥Æ¥£¤¬Çˤì¤Æ¤·¤Þ¤¦¤¿¤á¡¢
+ ¤³¤Î¥Õ¥¡¥¤¥ë¤Ï°ÂÁ´¤Ë¥µ¡¼¥Ð¤ËžÁ÷¤·¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
+ ¤³¤Î¤³¤È¤Ï¡¢<acronym>FTP</acronym>
+ ¤Î¤è¤¦¤Ë¥Æ¥¥¹¥È¥Á¥ã¥Í¥ë¤Ç¤ÎžÁ÷¤Ï¡¢
+ ¤Þ¤Ã¤¿¤¯¹¥¤Þ¤·¤¯¤Ê¤¤¤³¤È¤ò°ÕÌ£¤·¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para>°ìÈÌŪ¤Ë¤Ï¡¢<command>kadmin</command> ¥×¥í¥°¥é¥à¤ò»È¤Ã¤Æ¡¢
+ <filename>keytab</filename> ¤ò¥µ¡¼¥Ð¤ËžÁ÷¤·¤Þ¤¹¡£
+ <command>kadmin</command> ¤ò»È¤Ã¤Æ
+ (<acronym>KDC</acronym> ¦¤Î
+ <filename>krb5.keytab</filename> ¤Ë)
+ ¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë¤òºîÀ®¤¹¤ë¤³¤È¤âɬÍפʤΤÇÊØÍø¤Ç¤¹¡£</para>
+
+ <para>¤¹¤Ç¤Ë¥Á¥±¥Ã¥È¤òÆþ¼ê¤·¡¢
+ ¤½¤Î¥Á¥±¥Ã¥È¤Ï¡¢
+ <command>kadmin</command> ¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Ç»ÈÍѤǤ¤ë¤³¤È¤¬
+ <filename>kadmind.acl</filename>
+ ¤Çµö²Ä¤µ¤ì¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ ¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¥ê¥¹¥È¤ÎÀ߷פξܺ٤ˤĤ¤¤Æ¤Ï¡¢
+ Heimdal info ¥Ú¡¼¥¸ (<command>info heimdal</command>) ¤Î
+ <quote>Remote administration</quote>
+ ¤È¤¤¤¦¥¿¥¤¥È¥ë¤Î¾Ï¤ò¤´Í÷¤¯¤À¤µ¤¤¡£
+ ¥ê¥â¡¼¥È¤«¤é¤Î
+ <command>kadmin</command> ¥¢¥¯¥»¥¹¤ò͸ú¤Ë¤·¤¿¤¯¤Ê¤¤¾ì¹ç¤Ï¡¢
+ °ÂÁ´¤Ë (¥í¡¼¥«¥ë¥³¥ó¥½¡¼¥ë¡¢&man.ssh.1; ¤â¤·¤¯¤Ï
+ <application>Kerberos</application> &man.telnet.1; ¤òÍѤ¤¤Æ)
+ <acronym>KDC</acronym> ¤ËÀܳ¤·¡¢
+ <command>kadmin -l</command> ¤ò»ÈÍѤ·¤Æ¡¢
+ ¥í¡¼¥«¥ë¤Ç´ÉÍýºî¶È¤ò¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para><filename>/etc/krb5.conf</filename>
+ ¥Õ¥¡¥¤¥ë¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¤é¡¢
+ <application>Kerberos</application> ¥µ¡¼¥Ð¤«¤é¡¢
+ <command>kadmin</command> ¤ò»È¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ <command>add --random-key</command> ¥³¥Þ¥ó¥É¤ò»È¤¦¤È¡¢
+ ¥µ¡¼¥Ð¤Î¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë¤òÄɲäǤ¤Þ¤¹¡£
+ ¤½¤·¤Æ¡¢<command>ext</command> ¥³¥Þ¥ó¥É¤òÍѤ¤¤Æ¡¢
+ ¥µ¡¼¥Ð¤Î¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë¤ò keytab ¤ËÃê½Ð¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <screen>&prompt.root; <userinput>kadmin</userinput>
+ kadmin><userinput> add --random-key host/myserver.EXAMPLE.ORG</userinput>
+ Max ticket life [unlimited]:
+ Max renewable life [unlimited]:
+ Attributes []:
+ kadmin><userinput> ext host/myserver.EXAMPLE.ORG</userinput>
+ kadmin><userinput> exit</userinput></screen>
+
+ <para><command>ext</command> ¥³¥Þ¥ó¥É (<quote>extract</quote>
+ ¤Î¾Êά·Á) ¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢Ãê½Ð¤µ¤ì¤¿¸°¤ò
+ <filename>/etc/krb5.keytab</filename> ¤ËÊݸ¤·¤Þ¤¹¡£</para>
+
+ <para><acronym>KDC</acronym> ¾å¤Ç <command>kadmind</command>
+ ¤ò (¤ª¤½¤é¤¯¥»¥¥å¥ê¥Æ¥£¾å¤ÎÍýͳ¤«¤é) Áö¤é¤»¤Æ¤¤¤Ê¤¤¾ì¹ç¤Ç¡¢
+ ¥ê¥â¡¼¥È¤«¤é <command>kadmin</command> ¤ËÀܳ½ÐÍè¤Ê¤¤¾ì¹ç¤Ë¤Ï¡¢
+ ¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë (<systemitem
+ class="username">host/myserver.EXAMPLE.ORG</systemitem>)
+ ¤òľÀÜ <acronym>KDC</acronym> ¾å¤ÇÄɲä·¡¢
+ ¤½¤Î¸å¡¢°Ê²¼¤Î¤è¤¦¤Ë
+ (<acronym>KDC</acronym> ¾å¤Î
+ <filename>/etc/krb5.keytab</filename> ¤Î¾å½ñ¤¤òÈò¤±¤ë¤¿¤á)¡¢
+ °ì»þ¥Õ¥¡¥¤¥ë¤ËÃê½Ð¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <screen>&prompt.root; <userinput>kadmin</userinput>
+ kadmin><userinput> ext --keytab=/tmp/example.keytab host/myserver.example.org</userinput>
+ kadmin><userinput> exit</userinput></screen>
+
+ <para>¤½¤Î¸å¡¢keytab ¤ò°ÂÁ´¤Ë (¤¿¤È¤¨¤Ð
+ <command>scp</command> ¤Þ¤¿¤Ï¥Õ¥í¥Ã¥Ô¡¼¤ò»È¤Ã¤Æ)
+ ¥µ¡¼¥Ð¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥³¥Ô¡¼¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <acronym>KDC</acronym> ¾å¤Î keytab ¤ò¾å½ñ¤¤¹¤ë¤³¤È¤òÈò¤±¤ë¤¿¤á¡¢
+ ¥Ç¥Õ¥©¥ë¥È¤È¤Ï°Û¤Ê¤ë̾Á°¤ò»ØÄꤷ¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¤³¤ì¤Ç¥µ¡¼¥Ð¤Ï¡¢
+ (<filename>krb5.conf</filename> ¥Õ¥¡¥¤¥ë¤Ë¤è¤ê)
+ <acronym>KDC</acronym> ¤ÈÄÌ¿®¤¬¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤·¤¿¡£
+ ¤½¤·¤Æ¡¢(<filename>krb5.keytab</filename> ¥Õ¥¡¥¤¥ë¤Ë¤è¤Ã¤Æ)
+ ¿È¸µ¤ò¾ÚÌÀ¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤¿¤Î¤Ç¡¢
+ <application>Kerberos</application>
+ ¥µ¡¼¥Ó¥¹¤ò͸ú¤Ë¤¹¤ë½àÈ÷¤¬½ÐÍè¤Þ¤·¤¿¡£
+ ¤³¤ÎÎã¤Ç¤Ï¡¢°Ê²¼¤Î¹Ô¤ò
+ <filename>/etc/inetd.conf</filename> ¤Ë²Ã¤¨¡¢
+ <command>telnet</command>
+ ¥µ¡¼¥Ó¥¹¤ò͸ú¤Ë¤·¤Æ¤¯¤À¤µ¤¤¡£¤½¤Î¸å¡¢
+ <command>/etc/rc.d/inetd restart</command> ¤Ë¤Æ
+ &man.inetd.8; ¥µ¡¼¥Ó¥¹¤òºÆµ¯Æ°¤·¤Þ¤¹¡£</para>
+
+ <programlisting>telnet stream tcp nowait root /usr/libexec/telnetd telnetd -a user</programlisting>
+
+ <para>½ÅÍפʲսê¤Ï¡¢¥æ¡¼¥¶¤Ë <command>-a</command>
+ (ǧ¾Ú¤òɽ¤¹) ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤³¤È¤Ç¤¹¡£
+ ¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢
+ &man.telnetd.8; ¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+ </sect2>
+
+ <sect2>
+ <title>Heimdal <application>Kerberos</application>
+ ¥¯¥é¥¤¥¢¥ó¥È¤ò͸ú¤Ë¤¹¤ë</title>
+
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>¥¯¥é¥¤¥¢¥ó¥È¤ÎÀßÄê</secondary>
+ </indexterm>
+
+ <para>¥¯¥é¥¤¥¢¥ó¥È¥³¥ó¥Ô¥å¡¼¥¿¤ÎÀßÄê¤Ï¡¢
+ ¤Û¤È¤ó¤É¼è¤ë¤Ë¤é¤Ê¤¤¤¯¤é¤¤¤Ë´Êñ¤Ç¤¹¡£
+ <application>Kerberos</application> ¤ÎÀßÄ꤬¤¦¤Þ¤¯¤¤¤Ã¤Æ¤¤¤ì¤Ð¡¢
+ <filename>/etc/krb5.conf</filename> ¤ËÃÖ¤«¤ì¤Æ¤¤¤ë
+ <application>Kerberos</application>
+ ¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Î¤ß¤¬É¬ÍפǤ¹¡£
+ ¥»¥¥å¥ê¥Æ¥£Åª¤Ë°ÂÁ´¤ÊÊýË¡¤Ç¡¢<acronym>KDC</acronym>
+ ¤«¤é¥¯¥é¥¤¥¢¥ó¥È¥³¥ó¥Ô¥å¡¼¥¿¤Øñ¤Ë¥³¥Ô¡¼¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¥¯¥é¥¤¥¢¥ó¥È¤«¤é¡¢<command>kinit</command>,
+ <command>klist</command> ¤ª¤è¤Ó
+ <command>kdestroy</command> ¤ò»ÈÍѤ·¡¢
+ ¾åµ¤ÇºîÀ®¤·¤¿¥×¥ê¥ó¥·¥Ñ¥ë¤ËÂФ¹¤ë¥Á¥±¥Ã¥È¤ÎÆþ¼ê¡¢É½¼¨¡¢
+ ºï½ü¤ò¹Ô¤¤¡¢¥¯¥é¥¤¥¢¥ó¥È¥³¥ó¥Ô¥å¡¼¥¿¤ò»î¸³¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <application>Kerberos</application>
+ ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò»È¤Ã¤Æ <application>Kerberos</application>
+ ¤¬Í¸ú¤Ê¥µ¡¼¥Ð¤ËÀܳ¤¹¤ë¤³¤È¤â¤Ç¤¤ë¤Ï¤º¤Ç¤¹¡£
+ ¤â¤·¤¦¤Þ¤¯µ¡Ç½¤·¤Ê¤¤¾ì¹ç¤Ç¤â¡¢¥Á¥±¥Ã¥È¤òÆþ¼ê¤Ç¤¤ë¤Î¤Ç¤¢¤ì¤Ð¡¢
+ ÌäÂê¤Ï¤ª¤½¤é¤¯¥µ¡¼¥Ð¤Ë¤¢¤ê¡¢
+ ¥¯¥é¥¤¥¢¥ó¥È¤Þ¤¿¤Ï <acronym>KDC</acronym>
+ ¤ÎÌäÂê¤Ç¤Ï¤Ê¤¤¤È¹Í¤¨¤é¤ì¤Þ¤¹¡£</para>
+
+ <para><command>telnet</command>
+ ¤Î¤è¤¦¤Ê¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò»î¸³¤¹¤ëºÝ¤Ë¤Ï¡¢
+ (&man.tcpdump.1; ¤È¤¤¤Ã¤¿) ¥Ñ¥±¥Ã¥È¥¹¥Ë¥Õ¥¡¤ò»ÈÍѤ·¤Æ¡¢
+ ¥Ñ¥¹¥ï¡¼¥É¤¬Ê¿Ê¸¤ÇÁ÷¤é¤ì¤Æ¤¤¤Ê¤¤¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <literal>-x</literal> ¥ª¥×¥·¥ç¥ó¤Ç
+ <command>telnet</command> ¤òÍøÍѤ¹¤ë¤È¡¢
+ (<command>ssh</command> ¤Î¤è¤¦¤Ë)
+ ¤¹¤Ù¤Æ¤Î¥Ç¡¼¥¿¥¹¥È¥ê¡¼¥à¤¬°Å¹æ²½¤µ¤ì¤Þ¤¹¡£</para>
+
+ <para><application>Kerberos</application>
+ ¤Î¥³¥¢¤Î¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó
+ (ÅÁÅýŪ¤Ë¡¢<command>kinit</command>,
+ <command>klist</command>, <command>kdestroy</command> ¤ª¤è¤Ó
+ <command>kpasswd</command> ¤È¤¤¤¦Ì¾Á°¤Ç¤¹) ¤Ï¡¢&os;
+ ¤Î¥Ù¡¼¥¹¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ 5.0 °ÊÁ°¤Î &os; ¤Ç¤Ï¡¢
+ <command>k5init</command>,
+ <command>k5list</command>, <command>k5destroy</command>,
+ <command>k5passwd</command> ¤ª¤è¤Ó <command>kstash</command>
+ ¤È¸À¤¦Ì¾Á°¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤ì¤é¤ÏÄ̾ï°ìÅÙ¤·¤«ÍѤ¤¤é¤ì¤Þ¤»¤ó¡£</para>
+
+ <para>¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢Heimdal ¥¤¥ó¥¹¥È¡¼¥ë¤Î
+ <quote>ºÇ¾®</quote> ¤È¹Í¤¨¤é¤ì¤ë¡¢¥³¥¢°Ê³°¤Î
+ <application>Kerberos</application>
+ ¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤â¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Þ¤¹¡£
+ <command>telnet</command> ¤Ï¡¢
+ <application>Kerberos</application>
+ ²½¤µ¤ì¤¿Í£°ì¤Î¥µ¡¼¥Ó¥¹¤Ç¤¹¡£</para>
+
+ <para>Heimdal port ¤Ï¡¢
+ <application>Kerberos</application> ²½¤µ¤ì¤Æ¤¤¤ë
+ <command>ftp</command>, <command>rsh</command>,
+ <command>rcp</command>, <command>rlogin</command>
+ ¤ª¤è¤Ó¾¤Î¤¢¤Þ¤ê°ìÈÌŪ¤Ç¤Ï¤Ê¤¤¥×¥í¥°¥é¥à¤È¤¤¤Ã¤¿¡¢
+ ¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¤¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£
+ <acronym>MIT</acronym> port ¤â¡¢¤¹¤Ù¤Æ¤Î
+ <application>Kerberos</application>
+ ¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£</para>
+ </sect2>
+
+ <sect2>
+ <title>¥æ¡¼¥¶ÀßÄê¥Õ¥¡¥¤¥ë: <filename>.k5login</filename>
+ ¤ª¤è¤Ó <filename>.k5users</filename></title>
+
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>¥æ¡¼¥¶ÀßÄê¥Õ¥¡¥¤¥ë</secondary>
+ </indexterm>
+
+ <para>¥ì¥ë¥à¤Î¥æ¡¼¥¶¤Ï¡¢°ìÈÌŪ¤Ë¤Ï¡¢
+ (<systemitem class="username">tillman</systemitem>
+ ¤Î¤è¤¦¤Ê) ¥í¡¼¥«¥ë¥æ¡¼¥¶¥¢¥«¥¦¥ó¥È¤ËÂбþ¤¹¤ë
+ (<systemitem class="username">tillman at EXAMPLE.ORG</systemitem>
+ ¤È¤¤¤Ã¤¿) <application>Kerberos</application>
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤ò»ý¤Á¤Þ¤¹¡£
+ <command>telnet</command>
+ ¤Î¤è¤¦¤Ê¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Ï¡¢
+ ¥æ¡¼¥¶Ì¾¤â¤·¤¯¤Ï¥×¥ê¥ó¥·¥Ñ¥ë¤òÄ̾ïɬÍפȤ·¤Þ¤»¤ó¡£</para>
+
+ <para>¤·¤«¤·¤Ê¤¬¤é¡¢»þ¡¹
+ <application>Kerberos</application>
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤ËÂбþ¤·¤Ê¤¤¥í¡¼¥«¥ë¥æ¡¼¥¶¥¢¥«¥¦¥ó¥È¤Ø¤Î¥¢¥¯¥»¥¹¤¬É¬ÍפȤʤ뤳¤È¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤¿¤È¤¨¤Ð¡¢
+ <systemitem class="username">tillman at EXAMPLE.ORG</systemitem>
+ ¤¬¡¢¥í¡¼¥«¥ë¥æ¡¼¥¶¥¢¥«¥¦¥ó¥È
+ <systemitem class="username">webdevelopers</systemitem>
+ ¤Ø¤Î¥¢¥¯¥»¥¹¤¬É¬ÍפȤʤ뤳¤È¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤½¤·¤Æ¡¢Â¾¤Î¥×¥ê¥ó¥·¥Ñ¥ë¤¬Æ±¤¸¥í¡¼¥«¥ë¥¢¥«¥¦¥ó¥È¤Ë¥¢¥¯¥»¥¹¤¬É¬Íפˤʤ뤳¤È¤â¤¢¤ê¤Þ¤¹¡£ </para>
+
+ <para>¥æ¡¼¥¶¤Î¥Û¡¼¥à¥Ç¥£¥ì¥¯¥È¥ê¤ËÃÖ¤«¤ì¤¿
+ <filename>.k5login</filename> ¤ª¤è¤Ó
+ <filename>.k5users</filename> ¥Õ¥¡¥¤¥ë¤Ë¤è¤Ã¤Æ
+ (<filename>.hosts</filename> ¤ª¤è¤Ó <filename>.rhosts</filename>
+ ¤Î¶¯ÎϤÊÁȤ߹ç¤ï¤»¤Î¤è¤¦¤Ë)¡¢¤³¤ÎÌäÂê¤ò²ò·è½ÐÍè¤Þ¤¹¡£
+ ¤¿¤È¤¨¤Ð¡¢°Ê²¼¤Î¹Ô¤ò´Þ¤à
+ <filename>.k5login</filename> ¤ò</para>
+
+ <screen>tillman at example.org
+ jdoe at example.org</screen>
+
+ <para>¥í¡¼¥«¥ë¥æ¡¼¥¶
+ <systemitem class="username">webdevelopers</systemitem>
+ ¤Î¥Û¡¼¥à¥Ç¥£¥ì¥¯¥È¥ê¤ËÃÖ¤¯¤È¡¢
+ °ìÍ÷¤Ë¤¢¤ëξÊý¤Î¥×¥ê¥ó¥·¥Ñ¥ë¤Ï¡¢
+ ¶¦Í¤Î¥Ñ¥¹¥ï¡¼¥É¤òɬÍפȤ·¤Ê¤¯¤Æ¤â¡¢
+ ¤³¤Î¥¢¥«¥¦¥ó¥È¤Ë¥¢¥¯¥»¥¹½ÐÍè¤Þ¤¹¡£</para>
+
+ <para>¤³¤ì¤é¤Î¥³¥Þ¥ó¥É¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤òÆɤळ¤È¤¬¿ä¾©¤µ¤ì¤Þ¤¹¡£
+ <command>ksu</command> ¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤Ë¤Ï¡¢
+ <filename>.k5users</filename> ¤ÎÀâÌÀ¤¬¤¢¤ê¤Þ¤¹¡£</para>
+ </sect2>
+
+ <sect2>
+ <title><application>Kerberos</application> Tips, Tricks, ¤ª¤è¤Ó¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥°</title>
+
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥°</secondary>
+ </indexterm>
+
+ <itemizedlist>
+ <listitem>
+ <para>Heimdal ¤Þ¤¿¤Ï <acronym>MIT</acronym>
+ <application>Kerberos</application> ports
+ ¤Î¤É¤Á¤é¤ò»È¤¦¾ì¹ç¤Ç¤â¡¢
+ <envar>PATH</envar> ´Ä¶ÊÑ¿ô¤Ï¡¢
+ <application>Kerberos</application> ÈǤΥ¯¥é¥¤¥¢¥ó¥È
+ ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤¬¡¢
+ ¥·¥¹¥Æ¥à¤Ë¤¢¤ë¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤è¤êÀè¤Ë¸«¤Ä¤«¤ë¤è¤¦¤ËÀßÄꤵ¤ì¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>¥·¥¹¥Æ¥à¤Î»þ¹ï¤ÏƱ´ü¤·¤Æ¤¤¤Þ¤¹¤«? ËÜÅö¤Ç¤¹¤«?
+ »þ¹ï¤¬Æ±´ü¤·¤Æ¤¤¤Ê¤¤¤È
+ (Ä̾ï¤Ï 5 ʬ°ÊÆâ¤ÇƱ´ü¤µ¤ì¤Æ¤¤¤Ê¤¤¤È)
+ ǧ¾Ú¤Ë¼ºÇÔ¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <para><acronym>MIT</acronym> ¤ª¤è¤Ó Heimdal ´Ö¤Î±¿ÍѤϡ¢
+ ɸ½à²½¤µ¤ì¤Æ¤¤¤Ê¤¤¥×¥í¥È¥³¥ë <command>kadmin</command> ¤ò½ü¤¡¢
+ ¤¦¤Þ¤¯µ¡Ç½¤·¤Þ¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>¥Û¥¹¥È̾¤òÊѹ¹¤¹¤ëºÝ¤Ï¡¢
+ <systemitem class="username">host/</systemitem>
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤òÊѹ¹¤·¡¢keytab ¤ò¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ Apache ¤Î
+ <filename role="package">www/mod_auth_kerb</filename>
+ ¤Ç»È¤ï¤ì¤ë
+ <systemitem class="username">www/</systemitem>
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤Î¤è¤¦¤ÊÆÃÊ̤Ê
+ keytab ¥¨¥ó¥È¥ê¤Ç¤âɬÍפȤʤê¤Þ¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>¥ì¥ë¥à¤ÎÃæ¤Î¤¹¤Ù¤Æ¤Î¥Û¥¹¥È¤Ï¡¢<acronym>DNS</acronym>
+ ¤Ë¤ª¤¤¤Æ (¤â¤·¤¯¤Ï¡¢ºÇÄã¸Â<filename>/etc/hosts</filename>
+ ¤ÎÃæ¤Ç)¡¢(Àµ°ú¤¤ª¤è¤ÓµÕ°ú¤Î¾Êý¤Ç)
+ ̾Á°²ò·è¤Ç¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ CNAME ¤ÏÆ°ºî¤·¤Þ¤¹¤¬¡¢A ¤ª¤è¤Ó PTR ¥ì¥³¡¼¥É¤Ï¡¢
+ Àµ¤·¤¯Å¬ÀڤʰÌÃ֤˵½Ò¤µ¤ì¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ ¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤Ï¡¢
+ ¼¡¤ÎÎã¤Î¤è¤¦¤Ë¡¢Ä¾´¶Åª¤Ë¸¶°ø¤¬Ê¬¤«¤ë¤è¤¦¤Ê¤â¤Î¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£
+ <errorname>Kerberos5 refuses authentication because Read req
+ failed: Key table entry not found</errorname>.</para>
+ </listitem>
+
+ <listitem>
+ <para><acronym>KDC</acronym>
+ ¤ËÂФ·¥¯¥é¥¤¥¢¥ó¥È¤È¤·¤Æ¿¶¤ëÉñ¤¦¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ÎÃæ¤Ë¤Ï¡¢
+ <command>ksu</command> ¤ËÂФ·¤Æ¡¢
+ <systemitem class="username">root</systemitem> ¸¢¸Â¤Ë
+ setuid ¤òµö²Ä¤·¤Ê¤¤¤â¤Î¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤³¤ÎÀßÄê¤Ç¤Ï¡¢
+ <command>ksu</command> ¤ÏÆ°ºî¤·¤Ê¤¤¤³¤È¤ò°ÕÌ£¤·¤Þ¤¹¡£
+ ¥»¥¥å¥ê¥Æ¥£¤Î´ÑÅÀ¤«¤é¤Ï¹¥¤Þ¤·¤¤¹Í¤¨¤Ç¤¹¤¬¡¢
+ Ìñ²ð¤Ç¤¹¡£¤³¤ì¤Ï
+ <acronym>KDC</acronym> ¤Î¥¨¥é¡¼¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£</para>
+ </listitem>
+
+ <listitem>
+ <para><acronym>MIT</acronym>
+ <application>Kerberos</application> ¤Ë¤ª¤¤¤Æ¡¢
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤¬¡¢¥Ç¥Õ¥©¥ë¥È¤Î 10
+ »þ´Ö¤òĶ¤¨¤ë¥Á¥±¥Ã¥È¤Î͸ú´ü¸Â¤È¤·¤¿¤¤¾ì¹ç¤Ë¤Ï¡¢
+ <command>kadmin</command> ¤Ç
+ <command>modify_principal</command> ¤ò»È¤Ã¤Æ¡¢
+ ÂоݤΥץê¥ó¥·¥Ñ¥ë¤ª¤è¤Ó
+ <systemitem class="username">krbtgt</systemitem>
+ ¥×¥ê¥ó¥·¥Ñ¥ëξÊý¤Î͸ú´ü¸Â¤ÎºÇÂçÃͤòÊѹ¹¤·¤Æ¤¯¤À¤µ¤¤¡£
+ ¥×¥ê¥ó¥·¥Ñ¥ë¤Ï¡¢
+ <command>kinit</command> ¤Ç
+ <literal>-l</literal> ¥ª¥×¥·¥ç¥ó¤ò»ÈÍѤ·¤Æ¡¢
+ Ť¤Í¸ú´ü¸Â¤Î¥Á¥±¥Ã¥È¤òÍ×µá¤Ç¤¤Þ¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <note><para>¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥°¤Î¤¿¤á¤Ë¡¢
+ <acronym>KDC</acronym> ¤Ç¥Ñ¥±¥Ã¥È¥¹¥Ë¥Õ¥¡¤òÁö¤é¤»¡¢
+ ¤½¤·¤Æ¡¢¥ï¡¼¥¯¥¹¥Æ¡¼¥·¥ç¥ó¤«¤é
+ <command>kinit</command> ¤ò¼Â¹Ô¤¹¤ë¤È¡¢
+ <command>kinit</command> ¤ò¼Â¹Ô¤¹¤ë¤ä¤¤¤Ê¤ä¡¢
+ <acronym>TGT</acronym> ¤¬Á÷¤é¤ì¤Æ¤¤Þ¤¹¡£
+ —
+ ¤¢¤Ê¤¿¤¬¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ·½ª¤ï¤ëÁ°¤Ç¤â!
+ ¤³¤ì¤Ë´Ø¤¹¤ëÀâÌÀ¤Ï¡¢°Ê²¼¤ÎÄ̤ê¤Ç¤¹¡£
+ <application>Kerberos</application> ¥µ¡¼¥Ð¤Ï¡¢
+ ¤¤¤«¤Ê¤ë̤¾µÇ§¤Î¥ê¥¯¥¨¥¹¥È¤ËÂФ·¤Æ¡¢
+ ¼«Í³¤Ë <acronym>TGT</acronym> (Ticket Granting
+ Ticket) ¤òÁ÷¿®¤·¤Þ¤¹¡£¤·¤«¤·¤Ê¤¬¤é¡¢¤¹¤Ù¤Æ¤Î
+ <acronym>TGT</acronym> ¤Ï¡¢
+ ¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤«¤éÀ¸À®¤µ¤ì¤¿¸°¤Ë¤è¤ê¡¢°Å¹æ²½¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤½¤Î¤¿¤á¡¢¥æ¡¼¥¶¤¬¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ·¤¿»þ¤Ë¤Ï¡¢
+ ¥Ñ¥¹¥ï¡¼¥É¤Ï <acronym>KDC</acronym> ¤Ë¤ÏÁ÷¤é¤ì¤Þ¤»¤ó¡£
+ ¤³¤Î¥Ñ¥¹¥ï¡¼¥É¤Ï¡¢<command>kinit</command> ¤¬¤¹¤Ç¤ËÆþ¼ê¤·¤¿
+ <acronym>TGT</acronym> ¤ÎÉü¹æ²½¤Ë»È¤ï¤ì¤Þ¤¹¡£
+ ¤â¤·¡¢Éü¹æ²½¤Î·ë²Ì¡¢
+ ͸ú¤Ê¥Á¥±¥Ã¥È¤Ç͸ú¤Ê¥¿¥¤¥à¥¹¥¿¥ó¥×¤Î¾ì¹ç¤Ë¤Ï¡¢
+ ¥æ¡¼¥¶¤Ï¡¢Í¸ú¤Ê <application>Kerberos</application>
+ ¥¯¥ì¥Ç¥ó¥·¥ã¥ë¤ò»ý¤Á¤Þ¤¹¡£
+ ¤³¤Î¥¯¥ì¥Ç¥ó¥·¥ã¥ë¤Ë¤Ï¡¢
+ <application>Kerberos</application>
+ ¥µ¡¼¥Ð¼«¿È¤Î¸°¤Ë¤è¤ê°Å¹æ²½¤µ¤ì¤¿¼ÂºÝ¤Î
+ ticket-granting ticket ¤È¤È¤â¤Ë¡¢¾Íè
+ <application>Kerberos</application>
+ ¥µ¡¼¥Ð¤È°ÂÁ´¤ÊÄÌ¿®¤ò³ÎΩ¤¹¤ë¤¿¤á¤Î¥»¥Ã¥·¥ç¥ó¸°¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤Î°Å¹æ¤Î 2 ÈÖÌܤΥ쥤¥ä¤Ï¡¢¥æ¡¼¥¶¤Ë¤ÏÃΤ餵¤ì¤Þ¤»¤ó¤¬¡¢
+ <application>Kerberos</application> ¥µ¡¼¥Ð¤¬¡¢
+ ³Æ <acronym>TGT</acronym>
+ ¤Î¿¿µ¶¤Î¸¡¾Ú¤ò²Äǽ¤Ë¤·¤Æ¤¤¤ëÉôʬ¤Ç¤¹¡£</para></note>
+ </listitem>
+
+ <listitem>
+ <para>¥ì¥ë¥à¤Ë¤¢¤ë¤¹¤Ù¤Æ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Î´Ö¤Ç»þ¹ï¤¬Æ±´ü¤·¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ ¤³¤ÎÌÜŪ¤Ë´°àú¤ËŬ¤·¤Æ¤¤¤ë¤Î¤¬¡¢
+ <acronym>NTP</acronym> ¤Ç¤¹¡£
+ <acronym>NTP</acronym> ¤Î¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢
+ <xref linkend="network-ntp"/> ¤ò¤´Í÷¤¯¤À¤µ¤¤¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>(¤¿¤È¤¨¤Ð°ì½µ´Ö¤È¤¤¤Ã¤¿)
+ Ť¤Í¸ú´ü¸Â¤Î¥Á¥±¥Ã¥È¤ò»È¤¤¤¿¤¤¾ì¹ç¤Ç¡¢
+ <application>OpenSSH</application> ¤ò»È¤Ã¤Æ¡¢
+ ¥Á¥±¥Ã¥È¤¬Êݸ¤µ¤ì¤Æ¤¤¤ë¥³¥ó¥Ô¥å¡¼¥¿¤ËÀܳ¤·¤è¤¦¤È¤¹¤ë¾ì¹ç¤Ï¡¢
+ <application>Kerberos</application>
+ <option>TicketCleanup</option> ¤¬
+ <filename>sshd_config</filename> ¤Ë¤ª¤¤¤Æ
+ <literal>no</literal> ¤ÈÀßÄꤵ¤ì¤Æ¤¤¤ë¤«¡¢
+ ¥Á¥±¥Ã¥È¤¬¡¢¥í¥°¥¢¥¦¥È»þ¤Ëºï½ü¤µ¤ì¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë¤âŤ¤Í¸ú´ü¸Â¤Î¥Á¥±¥Ã¥È¤ò»ý¤Æ¤ë¤³¤È¤ò³Ð¤¨¤Æ¤ª¤¤¤Æ¤¯¤À¤µ¤¤¡£
+ ¤â¤·¡¢¥æ¡¼¥¶¥×¥ê¥ó¥·¥Ñ¥ë¤¬ 1 ½µ´Ö¤Î͸ú´ü¸Â¤ò»ý¤Á¡¢
+ Àܳ¤·¤Æ¤¤¤ë¥Û¥¹¥È¤¬¡¢9 »þ´Ö¤Î͸ú´ü¸Â¤ò»ý¤Ã¤Æ¤¤¤ë¾ì¹ç¤Ë¤Ï¡¢
+ ¥¥ã¥Ã¥·¥å¤Î¥Û¥¹¥È¥×¥ê¥ó¥·¥Ñ¥ë (¤Î¸°) ¤Î͸ú´ü¸Â¤¬ÀÚ¤ì¤Æ¤·¤Þ¤¤¡¢
+ ÁÛÄꤷ¤¿¤è¤¦¤Ë¡¢¥Á¥±¥Ã¥È¥¥ã¥Ã¥·¥å¤¬¿¶¤ëÉñ¤ï¤Ê¤¤¤³¤È¤¬µ¯¤³¤ê¤¨¤Þ¤¹¡£</para>
+ </listitem>
+
+ <listitem>
+ <para>ÆÃÄê¤ÎÌäÂê¤Î¤¢¤ë¥Ñ¥¹¥ï¡¼¥É¤¬»È¤ï¤ì¤ë¤³¤È¤òÈò¤±¤ë¤¿¤á¤Ë
+ (<command>kadmind</command> ¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤Ç¤Ï¡¢
+ ¤³¤ÎÅÀ¤Ë¤Ä¤¤¤Æ´Êñ¤Ë¿¨¤ì¤Æ¤¤¤Þ¤¹)¡¢
+ <filename>krb5.dict</filename> ¥Õ¥¡¥¤¥ë¤òÀßÄꤹ¤ë»þ¤Ë¤Ï¡¢
+ ¥Ñ¥¹¥ï¡¼¥É¥Ý¥ê¥·¤¬³ä¤êÅö¤Æ¤é¤ì¤¿¥×¥ê¥ó¥·¥Ñ¥ë¤Ë¤Î¤ßŬÍѤµ¤ì¤ë¤³¤È¤ËÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <filename>krb5.dict</filename> ¥Õ¥¡¥¤¥ë¤Î·Á¼°¤Ï´Êñ¤Ç¤¹¡£
+ : °ì¹Ô¤Ë°ì¤Ä¤Îʸ»úÎó¤¬ÃÖ¤«¤ì¤Æ¤¤¤Þ¤¹¡£
+ <filename>/usr/share/dict/words</filename>
+ ¤Ë¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤òºîÀ®¤¹¤ë¤³¤È¤Ï¡¢Í¸ú¤Ç¤¹¡£</para>
+ </listitem>
+ </itemizedlist>
+
+ </sect2>
+
+ <sect2>
+ <title><acronym>MIT</acronym> port ¤È¤Î°ã¤¤¤Ë¤Ä¤¤¤Æ</title>
+
+ <para><acronym>MIT</acronym>
+ ¤È¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë Heimdal ÈǤÎÂ礤ʰ㤤¤Ï¡¢
+ <command>kadmin</command> ¤Ë´ØÏ¢¤·¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤Î¥×¥í¥°¥é¥à¤Ï¡¢°Û¤Ê¤ë (¤¿¤À¤·Åù²Á¤Ê) ¥³¥Þ¥ó¥É·²¤ò»ý¤Á¡¢¤½¤·¤Æ¡¢
+ °Û¤Ê¤ë¥×¥í¥È¥³¥ë¤ò»ÈÍѤ·¤Þ¤¹¡£
+ ¤â¤· <acronym>KDC</acronym> ¤Ë <acronym>MIT</acronym>
+ ¤ò»ÈÍѤ·¤Æ¤¤¤ë¾ì¹ç¤Ë¤Ï¡¢
+ Heimdal <command>kadmin</command>
+ ¥×¥í¥°¥é¥à¤ò»È¤Ã¤Æ <acronym>KDC</acronym> ¤ò¥ê¥â¡¼¥È¤«¤é
+ (¤³¤Î¾ì¹ç¤Ï¡¢µÕ¤âƱÍͤË) ´ÉÍý¤Ç¤¤Ê¤¤
+ ¤³¤È¤ò°ÕÌ£¤·¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para>¥¯¥é¥¤¥¢¥ó¥È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Ç¤Ï¡¢Æ±¤¸¥¿¥¹¥¯¤ò¹Ô¤¦ºÝ¤Ë¡¢
+ ¼ã´³°Û¤Ê¤ë¥³¥Þ¥ó¥É¥é¥¤¥ó¤Î¥ª¥×¥·¥ç¥ó¤¬É¬ÍפȤʤ뤳¤È¤â¤¢¤ê¤Þ¤¹¡£
+ <acronym>MIT</acronym>
+ <application>Kerberos</application> ¥¦¥§¥Ö¥µ¥¤¥È
+ (<link xlink:href="http://web.mit.edu/Kerberos/www/"></link>)
+ ¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¥¬¥¤¥É¤Ë½¾¤¦¤³¤È¤¬¿ä¾©¤µ¤ì¤Þ¤¹¡£
+ path ¤ÎÌäÂê¤Ë¤Ä¤¤¤ÆÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£
+ <acronym>MIT</acronym> port ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç
+ <filename>/usr/local/</filename> ¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£
+ ¤½¤Î¤¿¤á¡¢¤â¤· <envar>PATH</envar>
+ ´Ä¶ÊÑ¿ô¤Ë¤ª¤¤¤Æ¥·¥¹¥Æ¥à¤Î¥Ç¥£¥ì¥¯¥È¤¬ºÇ½é¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¾ì¹ç¤Ë¤Ï¡¢
+ <acronym>MIT</acronym> ÈǤǤϤʤ¯¡¢
+ <quote>Ä̾ï¤Î</quote> ¥·¥¹¥Æ¥à¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤¬Æ°¤¤¤Æ¤·¤Þ¤¤¤Þ¤¹¡£</para>
+
+ <note><para>&os; ¤¬Ä󶡤¹¤ë <acronym>MIT</acronym>
+ <filename role="package">security/krb5</filename> port ¤Ë¤ª¤¤¤Æ¡¢
+ <command>telnetd</command> ¤ª¤è¤Ó <command>klogind</command>
+ ·Ðͳ¤Ç¤Î¥í¥°¥¤¥ó¤¬´ñ̯¤Ê¿¶¤ëÉñ¤¤¤ò¤¹¤ë¤³¤È¤òÍý²ò¤·¤¿¤¤¤Î¤Ç¤¢¤ì¤Ð¡¢
+ port ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë
+ <filename>/usr/local/share/doc/krb5/README.FreeBSD</filename>
+ ¥Õ¥¡¥¤¥ë¤òÆɤó¤Ç²¼¤µ¤¤¡£
+ ºÇ¤â½ÅÍפʤ³¤È¤Ï¡¢
+ <quote>incorrect permissions on cache file</quote>
+ ¤Î¿¶¤ëÉñ¤¤¤ò½¤Àµ¤¹¤ë¤Ë¤Ï¡¢
+ ¥Õ¥©¥ï¡¼¥É¤µ¤ì¤¿¥¯¥ì¥Ç¥ó¥·¥ã¥ê¥ó¥°¤Î½ê͸¢¤òŬÀÚ¤ËÊѹ¹¤Ç¤¤ë¤è¤¦¤Ë¡¢
+ <command>login.krb5</command>
+ ¥Ð¥¤¥Ê¥ê¤¬Ç§¾Ú¤Ë»È¤ï¤ì¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para></note>
+ </sect2>
+
+ <sect2>
+ <title><application>Kerberos</application>
+ ¤Ç¸«¤Ä¤«¤Ã¤¿À©¸Â¤ò´ËϤ¹¤ë</title>
+
+ <indexterm>
+ <primary>Kerberos5</primary>
+ <secondary>À©¸Â¤ª¤è¤Ó·çÅÀ</secondary>
+ </indexterm>
+
+ <sect3>
+ <title><application>Kerberos</application> ¤Ï¡¢all-or-nothing
+ ¥¢¥×¥í¡¼¥Á¤Ç¤¹¡£</title>
+
+ <para>¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Ç͸ú¤Ê¤¹¤Ù¤Æ¤Î¥µ¡¼¥Ó¥¹¤Ï¡¢
+ <application>Kerberos</application> ²½
+ (¤Þ¤¿¤Ï¡¢¥Í¥Ã¥È¥ï¡¼¥¯¹¶·â¤ËÂФ·¤Æ°ÂÁ´¤Ë) ¤µ¤ì¤ë¤Ù¤¤Ç¤¹¡£
+ ¤µ¤â¤Ê¤¤¤È¡¢¥æ¡¼¥¶¤Î¥¯¥ì¥Ç¥ó¥·¥ã¥ë¤¬Åð¤Þ¤ì¡¢
+ ÍøÍѤµ¤ì¤ë¤³¤È¤¬µ¯¤¤ë¤«¤â¤·¤ì¤Þ¤»¤ó¡£
+ ¤³¤ÎÎã¤Ï¡¢
+ <application>Kerberos</application> ²½¤µ¤ì¤¿¤¹¤Ù¤Æ¤Î¥ê¥â¡¼¥È¥·¥§¥ë
+ (¤¿¤È¤¨¤Ð¡¢<command>rsh</command> ¤ª¤è¤Ó <command>telnet</command>)
+ ¤Ç¤¹¡£
+ ¥Ñ¥¹¥ï¡¼¥É¤òʿʸ¤ÇÁ÷¤ë¤è¤¦¤Ê
+ <acronym>POP3</acronym> ¥á¡¼¥ë¥µ¡¼¥Ð¤ÏÊÑ´¹¤·¤Æ¤¤¤Þ¤»¤ó¡£</para>
+ </sect3>
+
+ <sect3>
+ <title><application>Kerberos</application> ¤Ï¡¢
+ ¥·¥ó¥°¥ë¥æ¡¼¥¶¤Î¥ï¡¼¥¯¥¹¥Æ¡¼¥·¥ç¥ó¤Ç¤Î»ÈÍѤòÁÛÄꤷ¤Æ¤¤¤Þ¤¹¡£</title>
+
+ <para>¥Þ¥ë¥Á¥æ¡¼¥¶¤Î´Ä¶¤Ç¤Ï¡¢
+ <application>Kerberos</application> ¤Ï°ÂÁ´¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£
+ ¥Á¥±¥Ã¥È¤Ï <filename>/tmp</filename> ¥Ç¥£¥ì¥¯¥È¥ê¤ËÊݴɤµ¤ì¡¢
+ ¤³¤Î¥Á¥±¥Ã¥È¤Ï¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤¬Æɤळ¤È¤¬¤Ç¤¤ë¤¿¤á¤Ç¤¹¡£
+ ¤â¤·¡¢¥æ¡¼¥¶¤¬¥³¥ó¥Ô¥å¡¼¥¿¤ò¾¤Î¥æ¡¼¥¶¤ÈƱ»þ¤Ë¶¦Í
+ (i.e. ¥Þ¥ë¥Á¥æ¡¼¥¶¤Ç»ÈÍÑ) ¤·¤Æ¤¤¤ë¤È¡¢
+ ¾¤Î¥æ¡¼¥¶¤Ï¡¢¤½¤Î¥æ¡¼¥¶¤Î¥Á¥±¥Ã¥È¤òÅð¤à
+ (¥³¥Ô¡¼¤¹¤ë) ¤³¤È¤¬½ÐÍè¤Æ¤·¤Þ¤¤¤Þ¤¹¡£</para>
+
+ <para>¤³¤ÎÌäÂê¤Ï¡¢<literal>-c</literal>
+ ¥Õ¥¡¥¤¥ë̾¥³¥Þ¥ó¥É¥é¥¤¥ó¥ª¥×¥·¥ç¥ó¤Þ¤¿¤Ï¡¢(¹¥¤Þ¤·¤¯¤Ï)
+ <envar>KRB5CCNAME</envar> ´Ä¶ÊÑ¿ô¤Ë¤è¤Ã¤Æ¹îÉþ¤µ¤ì¤Þ¤¹¤¬¡¢
+ ¼ÂºÝ¤Ë»È¤ï¤ì¤ë¤³¤È¤Ï¤Þ¤ì¤Ç¤¹¡£
+ ÂçÂΤˤª¤¤¤Æ¤Ï¡¢¥Á¥±¥Ã¥È¤ò¥æ¡¼¥¶¤Î¥Û¡¼¥à¥Ç¥£¥ì¥¯¥È¥ê¤ËÊݸ¤·¡¢
+ ´Êñ¤Ê¥Õ¥¡¥¤¥ë¤Îµö²Ä°À¤òÀßÄꤹ¤ë¤³¤È¤Ç¡¢
+ ¤³¤ÎÌäÂê¤ËÂбþ¤Ç¤¤Þ¤¹¡£</para>
+ </sect3>
+
+ <sect3>
+ <title>KDC ¤Ï¡¢Ã±°ì¾ã³²ÅÀ¤Ç¤¢¤ë</title>
+
+ <para>À߷׾塢<acronym>KDC</acronym> ¤Ï¡¢
+ ¥Þ¥¹¥¿¡¼¥Ñ¥¹¥ï¡¼¥É¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò´Þ¤à¤¿¤á¡¢
+ °ÂÁ´¤Ç¤¢¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ <acronym>KDC</acronym> ¤Ç¤Ï¡¢
+ ÀäÂФ˾¤Î¥µ¡¼¥Ó¥¹¤òÁö¤é¤»¤ë¤Ù¤¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¤·¡¢
+ ʪÍýŪ¤Ë°ÂÁ´¤Ç¤¢¤ë¤Ù¤¤Ç¤¹¡£
+ <application>Kerberos</application> ¤Ï¡¢
+ <acronym>KDC</acronym> ¾å¤Ç¡¢¥Õ¥¡¥¤¥ë¤È¤·¤ÆÊݸ¤µ¤ì¤Æ¤¤¤ë°ì¤Ä¤Î¸°
+ (<quote>¥Þ¥¹¥¿¡¼</quote> ¸°)
+ ¤Ç°Å¹æ²½¤µ¤ì¤¿¤¹¤Ù¤Æ¤Î¥Ñ¥¹¥ï¡¼¥É¤òÊݸ¤·¤Æ¤¤¤ë¤Î¤Ç¡¢
+ Èó¾ï¤Ë´í¸±¤Ç¤¹¡£</para>
+
+ <para>Äɵ¤Ç¤¹¤¬¡¢¥Þ¥¹¥¿¡¼¸°¤¬Ï³±Ì¤·¤Æ¤â¡¢
+ Ä̾ï·üÇ°¤¹¤ë¤Û¤É°¤¤¤³¤È¤Ë¤Ï¤Ê¤ê¤Þ¤»¤ó¡£
+ ¥Þ¥¹¥¿¡¼¸°¤Ï¡¢<application>Kerberos</application>
+ ¥Ç¡¼¥¿¥Ù¡¼¥¹¤Î°Å¹æ»þ¤Ë¤Î¤ß¡¢
+ Íð¿ô¤òÀ¸À®¤¹¤ë¤¿¤á¤Î¥·¡¼¥É¤È¤·¤Æ»È¤ï¤ì¤Þ¤¹¡£
+ <acronym>KDC</acronym> ¤Ø¤Î¥¢¥¯¥»¥¹¤¬°ÂÁ´¤Ç¤¢¤ë¸Â¤ê¤Ë¤ª¤¤¤Æ¤Ï¡¢
+ ¥Þ¥¹¥¿¡¼¸°¤òÍѤ¤¤Æ¡¢¤½¤ì¤Û¤É¿¤¯¤Î¤³¤È¤Ï¤Ç¤¤Þ¤»¤ó¡£</para>
+
+ <para>¤µ¤é¤Ë¡¢<acronym>KDC</acronym> ¤¬
+ (DoS ¹¶·â¤Þ¤¿¤Ï¥Í¥Ã¥È¥ï¡¼¥¯ÌäÂêÅù¤Ë¤è¤ê)
+ ¥Í¥Ã¥È¥ï¡¼¥¯¥µ¡¼¥Ó¥¹¤òÍøÍѤǤ¤º¡¢
+ ǧ¾Ú¤¬¤Ç¤¤Ê¤¤¾ì¹ç¤ËÂФ¹¤ë¡¢DoS ¹¶·â¤Ø¤ÎÂбþÊýË¡¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤³¤Î¹¶·â¤Ë¤è¤ëÈï³²¤Ï¡¢
+ Ê£¿ô¤Î <acronym>KDC</acronym>
+ (¤Ò¤È¤Ä¤Î¥Þ¥¹¥¿¤È¤Ò¤È¤Ä¤Þ¤¿¤Ï¤½¤ì°Ê¾å¤Î¥¹¥ì¡¼¥Ö)
+ ¤ª¤è¤Ó¡¢¥»¥«¥ó¥À¥ê¤â¤·¤¯¤Ï¥Õ¥©¡¼¥ë¥Ð¥Ã¥¯Ç§¾Ú
+ (¤³¤ì¤Ë¤Ï¡¢<acronym>PAM</acronym> ¤¬Í¥¤ì¤Æ¤¤¤Þ¤¹)
+ ¤Î¼ÂÁõ¤Ë¤è¤ê·Ú¸º¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
+ </sect3>
+
+ <sect3>
+ <title><application>Kerberos</application> ¤Î·çÅÀ</title>
+
+ <para><application>Kerberos</application> ¤Ï¡¢
+ ¥æ¡¼¥¶¡¢¥Û¥¹¥È¤ª¤è¤Ó¥µ¡¼¥Ó¥¹¤Î´Ö¤Ç¤Îǧ¾Ú¤ò²Äǽ¤Ë¤·¤Þ¤¹¤¬¡¢
+ <acronym>KDC</acronym> ¤È¥æ¡¼¥¶¡¢
+ ¥Û¥¹¥È¤Þ¤¿¤Ï¥µ¡¼¥Ó¥¹¤È¤Î´Ö¤Îǧ¾Ú¤Î¥á¥«¥Ë¥º¥à¤ÏÄ󶡤·¤Þ¤»¤ó¡£
+ ¤³¤ì¤Ï¡¢(¤¿¤È¤¨¤Ð) ¥È¥í¥¤¤ÎÌÚÇϤÎ
+ <command>kinit</command> ¤¬¡¢
+ ¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤òµÏ¿¤Ç¤¤ë¤³¤È¤ò°ÕÌ£¤·¤Æ¤¤¤Þ¤¹¡£
+ <filename role="package">security/tripwire</filename>
+ ¤Î¤è¤¦¤Ê¡¢
+ ¤â¤·¤¯¤Ï¾¤Î¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î´°Á´À¤ò³Îǧ¤¹¤ë¤¿¤á¤Î¥Ä¡¼¥ë¤Ë¤è¤ê¡¢
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-doc-all
mailing list