svn commit: r49696 - head/ja_JP.eucJP/books/handbook/security
Ryusuke SUZUKI
ryusuke at FreeBSD.org
Thu Nov 24 12:29:37 UTC 2016
Author: ryusuke
Date: Thu Nov 24 12:29:35 2016
New Revision: 49696
URL: https://svnweb.freebsd.org/changeset/doc/49696
Log:
- Merge the following from the English version:
r17804 -> r17850 head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified:
head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml Wed Nov 23 16:27:01 2016 (r49695)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Thu Nov 24 12:29:35 2016 (r49696)
@@ -3,7 +3,7 @@
The FreeBSD Documentation Project
The FreeBSD Japanese Documentation Project
- Original revision: r17804
+ Original revision: r17850
$FreeBSD$
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="security">
@@ -4160,20 +4160,21 @@ ipfw add 1 allow ipencap from W.X.Y.Z to
<secondary>OpenSSH</secondary>
</indexterm>
- <para>¥»¥¥å¥¢¥·¥§¥ë (secure shell)
+ <para><application>OpenSSH</application>
¤Ï¥ê¥â¡¼¥È¥Þ¥·¥ó¤Ø¤Î¥»¥¥å¥¢¤Ê¥¢¥¯¥»¥¹¤Ë»È¤ï¤ì¤ë¥Í¥Ã¥È¥ï¡¼¥¯Àܳ¥Ä¡¼¥ë¤Î½¸¹ç¤Ç¤¹¡£
¤³¤ì¤Ï <command>rlogin</command>,
<command>rsh</command>, <command>rcp</command>,
<command>telnet</command> ¤ò¤½¤Î¤Þ¤ÞÃÖ¤´¹¤¨¤Æ»È¤¨¤Þ¤¹¡£
¤Þ¤¿¡¢Â¾¤Î¤¢¤é¤æ¤ë TCP/IP Àܳ¤ò
- ssh ·Ðͳ¤Ç¥»¥¥å¥¢¤Ë¥È¥ó¥Í¥ë/¥Õ¥©¥ï¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
- ssh ¤Ï¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¤·¡¢
+ SSH ·Ðͳ¤Ç¥»¥¥å¥¢¤Ë¥È¥ó¥Í¥ë/¥Õ¥©¥ï¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
+ <application>OpenSSH</application> ¤Ï¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¤·¡¢
ÅðÄ°¤äÀܳ¤Î¾è¤Ã¼è¤êÅù¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥ì¥Ù¥ë¤Î¹¶·â¤ò»ö¼Â¾å̵¸ú²½¤·¤Þ¤¹¡£</para>
- <para>OpenSSH ¤Ï OpenBSD ¥×¥í¥¸¥§¥¯¥È¤Ë¤è¤Ã¤Æ°Ý»ý´ÉÍý¤µ¤ì¤Æ¤ª¤ê¡¢SSH v1.2.12
+ <para><application>OpenSSH</application>
+ ¤Ï OpenBSD ¥×¥í¥¸¥§¥¯¥È¤Ë¤è¤Ã¤Æ°Ý»ý´ÉÍý¤µ¤ì¤Æ¤ª¤ê¡¢SSH v1.2.12
¤ËºÇ¿·¤Î¤¹¤Ù¤Æ¤Î¥Ð¥°½¤Àµ¤È¹¹¿·¤òŬÍѤ·¤¿¤â¤Î¤ò¥Ù¡¼¥¹¤Ë¤·¤Æ¤¤¤Þ¤¹¡£
- OpenSSH ¥¯¥é¥¤¥¢¥ó¥È¤Ï SSH ¥×¥í¥È¥³¥ë 1 ¤È 2 ¤ÎξÊý¤Ë¸ß´¹À¤¬¤¢¤ê¤Þ¤¹¡£
- OpenSSH ¤Ï FreeBSD 4.0 °Ê¹ß¥Ù¡¼¥¹¥·¥¹¥Æ¥à¤Ë¼è¤ê¹þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+ <application>OpenSSH</application> ¥¯¥é¥¤¥¢¥ó¥È¤Ï SSH ¥×¥í¥È¥³¥ë 1 ¤È 2 ¤ÎξÊý¤Ë¸ß´¹À¤¬¤¢¤ê¤Þ¤¹¡£
+ <application>OpenSSH</application> ¤Ï FreeBSD 4.0 °Ê¹ß¥Ù¡¼¥¹¥·¥¹¥Æ¥à¤Ë¼è¤ê¹þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
<sect2>
<title>OpenSSH ¤ò»È¤¦¤³¤È¤ÎÍøÅÀ</title>
@@ -4182,7 +4183,8 @@ ipfw add 1 allow ipencap from W.X.Y.Z to
¤ò»È¤¦¾ì¹ç¡¢°ìÈ̤˥ǡ¼¥¿¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤òʿʸ¤Çή¤ì¤Þ¤¹¡£
¥Í¥Ã¥È¥ï¡¼¥¯¤ò¥¯¥é¥¤¥¢¥ó¥È¤È¥µ¡¼¥Ð¤Î´Ö¤Î¤É¤³¤«¤ÇÅðÄ°¤¹¤ë¤³¤È¤Ç
¤¢¤Ê¤¿¤Î¥æ¡¼¥¶/¥Ñ¥¹¥ï¡¼¥É¾ðÊó¤ä¥»¥·¥ç¥óÃæ¤òή¤ì¤ë¥Ç¡¼¥¿¤òÅð¤à¤³¤È¤¬²Äǽ¤Ç¤¹¡£
- OpenSSH ¤Ï¤³¤ì¤é¤òͽËɤ¹¤ë°Ù¤Ë¤µ¤Þ¤¶¤Þ¤Êǧ¾Ú¤È°Å¹æ²½¤ÎÊýË¡¤òÄ󶡤·¤Þ¤¹¡£</para>
+ <application>OpenSSH</application>
+ ¤Ï¤³¤ì¤é¤òͽËɤ¹¤ë°Ù¤Ë¤µ¤Þ¤¶¤Þ¤Êǧ¾Ú¤È°Å¹æ²½¤ÎÊýË¡¤òÄ󶡤·¤Þ¤¹¡£</para>
</sect2>
<sect2>
@@ -4198,7 +4200,7 @@ ipfw add 1 allow ipencap from W.X.Y.Z to
<screen>sshd_enable="YES"</screen>
<para>¼¡¤Ëµ¯Æ°¤·¤¿¤È¤¤«¤é
- <application>ssh</application> ¤Î¥Ç¡¼¥â¥ó¥×¥í¥°¥é¥à¤Ç¤¢¤ë
+ <application>OpenSSH</application> ¤Î¥Ç¡¼¥â¥ó¥×¥í¥°¥é¥à¤Ç¤¢¤ë
&man.sshd.8; ¤¬µ¯Æ°¤·¤Þ¤¹¡£
¤â¤·¤¯¤Ï¥³¥Þ¥ó¥É¥é¥¤¥ó¤«¤éñ¤Ë <command>sshd</command>
¤ÈÆþÎϤ·¤Æ¡¢Ä¾ÀÜ <application>sshd</application>
@@ -4234,12 +4236,13 @@ user at example.com's password: <userinput>
SSH v2 »ØÌæ¤Î¾ì¹ç¤Ï <filename>~/.ssh/known_hosts2</filename>
¤ËÊݸ¤µ¤ì¤Þ¤¹¡£</para>
- <para>¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢OpenSSH ¥µ¡¼¥Ð¤Ï SSH v1 ¤È SSH v2
+ <para>¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢<application>OpenSSH</application>
+ ¥µ¡¼¥Ð¤Ï SSH v1 ¤È SSH v2
ξÊý¤ÎÀܳ¤ò¼õ¤±ÉÕ¤±¤ë¤è¤¦¤ËÀßÄꤵ¤ì¤Æ¤¤¤Þ¤¹¡£
¥¯¥é¥¤¥¢¥ó¥È¤Ï¤½¤Î¤É¤Á¤é¤«¤òÁªÂò¤Ç¤¤Þ¤¹¡£
¥Ð¡¼¥¸¥ç¥ó 2 ¤Ï¡¢µì¥Ð¡¼¥¸¥ç¥ó¤è¤ê¤â·ø¸Ç¤Ç°ÂÁ´¤Ç¤¹¡£</para>
- <para><command>ssh</command> ¤Ë¡¢¥×¥í¥È¥³¥ë v1 ¤È v2
+ <para>&man.ssh.1; ¥³¥Þ¥ó¥É¤Ë¡¢¥×¥í¥È¥³¥ë v1 ¤È v2
¤Ë¤Ä¤¤¤Æ¤½¤ì¤¾¤ì¡¢°ú¿ô <option>-1</option> ¤Þ¤¿¤Ï <option>-2</option>
¤òÅϤ¹¤³¤È¤Ç¡¢ÍøÍѤ¹¤ë¥×¥í¥È¥³¥ë¤ò¶¯À©¤Ç¤¤Þ¤¹¡£</para>
</sect2>
@@ -4252,8 +4255,8 @@ user at example.com's password: <userinput>
</indexterm>
<indexterm><primary><command>scp</command></primary></indexterm>
- <para><command>scp</command> ¥³¥Þ¥ó¥É¤Ï
- <command>rcp</command> ¤ÈƱÍͤËƯ¤¤Þ¤¹¡£
+ <para>&man.scp.1; ¥³¥Þ¥ó¥É¤Ï
+ &man.rcp.1; ¤ÈƱÍͤËƯ¤¤Þ¤¹¡£
°ÂÁ´¤ÊÊýË¡¤Ç¹Ô¤Ã¤Æ¤¤¤ë¤Û¤«¤Ï¡¢¥í¡¼¥«¥ë¤Î¥Õ¥¡¥¤¥ë¤ò¥ê¥â¡¼¥È¥Þ¥·¥ó¤Ø¡¢
¤¢¤ë¤¤¤Ï¥ê¥â¡¼¥È¥Þ¥·¥ó¤Î¥Õ¥¡¥¤¥ë¤ò¥í¡¼¥«¥ë¤Ë¥³¥Ô¡¼¤¹¤ë¤Î¤ÏƱ¤¸¤Ç¤¹¡£</para>
@@ -4264,9 +4267,9 @@ COPYRIGHT 100% |*************
&prompt.root;</screen>
<para>Á°²ó¤ÎÎã¤Ç¤³¤Î¥Û¥¹¥È¤Î»ØÌ椬¤¹¤Ç¤ËÊݸ¤µ¤ì¤Æ¤¤¤ì¤Ð
- ¤³¤Î <command>scp</command> ¤ò»È¤¦»þ¤Ë¸¡¾Ú¤¬¹Ô¤Ê¤ï¤ì¤Þ¤¹¡£</para>
+ ¤³¤Î &man.scp.1; ¤ò»È¤¦»þ¤Ë¸¡¾Ú¤¬¹Ô¤Ê¤ï¤ì¤Þ¤¹¡£</para>
- <para><command>scp</command> ¤ËÅϤµ¤ì¤ë°ú¿ô¤Ï¡¢<command>cp</command>
+ <para>&man.scp.1; ¤ËÅϤµ¤ì¤ë°ú¿ô¤Ï¡¢&man.cp.1;
¤Î¤â¤Î¤È»÷¤Æ¤ª¤ê¡¢¥Õ¥¡¥¤¥ë (1 ¤Ä¤Þ¤¿¤ÏÊ£¿ô) ¤¬
1 ¤Ä¤á¤Î°ú¿ô¤Ë¤Ê¤ê¡¢¥³¥Ô¡¼À褬 2 ¤Ä¤á¤Î°ú¿ô¤Ë¤Ê¤ê¤Þ¤¹¡£
¥Õ¥¡¥¤¥ë¤Ï¥Í¥Ã¥È¥ï¡¼¥¯±Û¤·¤Ë SSH ¤òÄ̤·¤ÆÁ÷¤é¤ì¤ë¤Î¤Ç¡¢
@@ -4282,8 +4285,8 @@ COPYRIGHT 100% |*************
<secondary>ÀßÄê</secondary>
</indexterm>
- <para>¥·¥¹¥Æ¥àÁ´ÂΤÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢OpenSSH ¥Ç¡¼¥â¥ó¡¢
- ¥¯¥é¥¤¥¢¥ó¥È¤ÎξÊý¤È¤â <filename>/etc/ssh</filename>
+ <para>¥·¥¹¥Æ¥àÁ´ÂΤÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢<application>OpenSSH</application>
+ ¥Ç¡¼¥â¥ó¡¢¥¯¥é¥¤¥¢¥ó¥È¤ÎξÊý¤È¤â <filename>/etc/ssh</filename>
¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ê¤Þ¤¹¡£</para>
<para><filename>ssh_config</filename> ¤Ï¥¯¥é¥¤¥¢¥ó¥È¤ÎÆ°ºîÀßÄê¡¢
@@ -4303,7 +4306,7 @@ COPYRIGHT 100% |*************
<para>¥Ñ¥¹¥ï¡¼¥É¤ÎÂå¤ï¤ê¤Ë &man.ssh-keygen.1;
¤ò»È¤Ã¤Æ¥æ¡¼¥¶¤Îǧ¾ÚÍѤΠRSA °Å¹æ¸°¤òºî¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
- <screen>&prompt.user; <userinput>ssh-keygen</userinput>
+ <screen>&prompt.user; <userinput>ssh-keygen -t <replaceable>rsa1</replaceable></userinput>
Initializing random number generator...
Generating p: .++ (distance 66)
Generating q: ..............................++ (distance 498)
@@ -4324,24 +4327,33 @@ Your identification has been saved in /h
<para>¤³¤ì¤Ç¥Ñ¥¹¥ï¡¼¥É¤ÎÂå¤ï¤ê
RSA ǧ¾Ú¤ò»È¤Ã¤Æ¥ê¥â¡¼¥È¥Þ¥·¥ó¤ËÀܳ¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤¿¤Ï¤º¤Ç¤¹¡£</para>
+ <note><para>The <option>-t rsa1</option> ¥ª¥×¥·¥ç¥ó¤Ï¡¢
+ SSH ¥×¥í¥È¥³¥ë¥Ð¡¼¥¸¥ç¥ó 1 ¤ÇÍѤ¤¤é¤ì¤ë RSA ¸°¤òÀ¸À®¤·¤Þ¤¹¡£
+ SSH ¥×¥í¥È¥³¥ë¥Ð¡¼¥¸¥ç¥ó 2 ¤ÇÍѤ¤¤é¤ì¤ë RSA ¸°¤òÀ¸À®¤¹¤ë¤Ë¤Ï¡¢
+ <option>ssh-keygen -t rsa</option> ¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£</para></note>
+
<para>&man.ssh-keygen.1; ¤Ç¥Ñ¥¹¥Õ¥ì¡¼¥º¤ò»È¤Ã¤Æ¤¤¤ë¾ì¹ç¤Ï¡¢
¥æ¡¼¥¶¤ÏÈëÌ©¸°¤ò»È¤¦¤¿¤á¤ËËè²ó¥Ñ¥¹¥Õ¥ì¡¼¥º¤ÎÆþÎϤò¹Ô¤Ê¤¦É¬Íפ¬¤¢¤ê¤Þ¤¹¡£</para>
- <para>Ʊ¤¸ÌÜŪ¤Ç¡¢<command>ssh-keygen -d</command>
- (FreeBSD &os.current; ¤Ç¤Ï
- <command>ssh-keygen -t dsa</command>)
- ¥³¥Þ¥ó¥É¤ò»È¤Ã¤Æ SSH v2 DSA ¸°¤òÀ¸À®¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
- ¤³¤ì¤Ï¡¢SSH v2 ¥»¥Ã¥·¥ç¥óÀìÍѤΠDSA ¸ø³«/ÈëÌ©¸°¤òÀ¸À®¤·¤Þ¤¹¡£
+ <para>Ʊ¤¸ÌÜŪ¤Ç¡¢<command>ssh-keygen -t dsa</command>
+ ¥³¥Þ¥ó¥É¤ò»È¤Ã¤Æ SSH ¥×¥í¥È¥³¥ë¥Ð¡¼¥¸¥ç¥ó 2 ¤Î
+ DSA ¸°¤òÀ¸À®¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
+ ¤³¤ì¤Ï¡¢SSH ¥×¥í¥È¥³¥ë¥Ð¡¼¥¸¥ç¥ó 2 ¥»¥Ã¥·¥ç¥óÀìÍѤΠDSA ¸ø³«/ÈëÌ©¸°¤òÀ¸À®¤·¤Þ¤¹¡£
¸ø³«¸°¤Ï <filename>~/.ssh/id_dsa.pub</filename>
¤ËÊݸ¤µ¤ì¡¢ÈëÌ©¸°¤Ï <filename>~/.ssh/id_dsa</filename>
¤ËÃÖ¤«¤ì¤Þ¤¹¡£</para>
- <para>DSA ¸ø³«¸°¤Ï¥ê¥â¡¼¥È¥Þ¥·¥ó¤Î
- <filename>~/.ssh/authorized_keys2</filename>
+ <para>DSA ¸ø³«¸°¤Ë¤Ä¤¤¤Æ¤âƱÍͤ˥ê¥â¡¼¥È¥Þ¥·¥ó¤Î
+ <filename>~/.ssh/authorized_keys</filename>
Æâ¤Ë¤ª¤¤Þ¤¹¡£</para>
<para>&man.ssh-agent.1; ¤È &man.ssh-add.1; ¤Ï
Ê£¿ô¤Î¥Ñ¥¹¥ï¡¼¥É²½¤µ¤ì¤¿ÈëÌ©¸°¤Î´ÉÍý¤Ë»È¤ï¤ì¤Þ¤¹¡£</para>
+
+ <warning><para>¥·¥¹¥Æ¥à¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë
+ <application>OpenSSH</application> ¤Î¥Ð¡¼¥¸¥ç¥ó¤Ë¤è¤Ã¤Æ¡¢
+ ¥ª¥×¥·¥ç¥ó¤ä¥Õ¥¡¥¤¥ë¤Ë°ã¤¤¤¬½Ð¤Æ¤¯¤ë¤³¤È¤¬¤¢¤ê¤Þ¤¹¡£
+ &man.ssh-keygen.1; ¤ò»²¾È¤·¤Æ¡¢ÌäÂ꤬µ¯¤³¤ë¤³¤È¤òÈò¤±¤Æ¤¯¤À¤µ¤¤¡£</para></warning>
</sect2>
<sect2>
@@ -4351,10 +4363,10 @@ Your identification has been saved in /h
<secondary>¥È¥ó¥Í¥ê¥ó¥°</secondary>
</indexterm>
- <para>OpenSSH ¤Ï°Å¹æ²½¤µ¤ì¤¿¥»¥Ã¥·¥ç¥ó¤ÎÃæ¤Ë¾¤Î¥×¥í¥È¥³¥ë¤ò
+ <para><application>OpenSSH</application> ¤Ï°Å¹æ²½¤µ¤ì¤¿¥»¥Ã¥·¥ç¥ó¤ÎÃæ¤Ë¾¤Î¥×¥í¥È¥³¥ë¤ò
¥«¥×¥»¥ë²½¤¹¤ë¥È¥ó¥Í¥ë¤òºî¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
- <para>°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ï &man.ssh.1; ¤Ç telnet
+ <para>°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ï &man.ssh.1; ¤Ç <application>telnet</application>
ÍѤΥȥó¥Í¥ë¤òºîÀ®¤·¤Þ¤¹¡£</para>
<screen>&prompt.user; <userinput>ssh -2 -N -f -L 5023:localhost:23 user at foo.example.com</userinput>
@@ -4369,7 +4381,7 @@ Your identification has been saved in /h
<listitem>
<para><command>ssh</command> ¤Ë¥×¥í¥È¥³¥ë¥Ð¡¼¥¸¥ç¥ó 2
- ¤ò»È¤¦¤³¤È¤ò»Ø¼¨¤·¤Þ¤¹¡£(¸Å¤¤ ssh
+ ¤ò»È¤¦¤³¤È¤ò»Ø¼¨¤·¤Þ¤¹¡£(¸Å¤¤ SSH
¥µ¡¼¥Ð¤ò»È¤Ã¤Æ¤¤¤ë¤È¤¤Ë¤Ï»ØÄꤷ¤Ê¤¤¤Ç¤¯¤À¤µ¤¤)</para>
</listitem>
</varlistentry>
@@ -4421,8 +4433,8 @@ Your identification has been saved in /h
<replaceable>5023</replaceable> ¤¬¥ê¥â¡¼¥È¥Þ¥·¥ó¤Î
<systemitem>localhost</systemitem> ¤Î¥Ý¡¼¥È <replaceable>23</replaceable>
¤ËžÁ÷¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
- <replaceable>23</replaceable> ¤Ï telnet ¤Ê¤Î¤Ç¤³¤ì¤Ï SSH
- ¥È¥ó¥Í¥ë¤òÄ̤륻¥¥å¥¢¤Ê telnet ¥»¥Ã¥·¥ç¥ó¤òºî¤ê¤Þ¤¹¡£</para>
+ <replaceable>23</replaceable> ¤Ï <application>telnet</application> ¤Ê¤Î¤Ç¤³¤ì¤Ï SSH
+ ¥È¥ó¥Í¥ë¤òÄ̤륻¥¥å¥¢¤Ê <application>telnet</application> ¥»¥Ã¥·¥ç¥ó¤òºî¤ê¤Þ¤¹¡£</para>
<para>¤³¤Î¤è¤¦¤Ë¤·¤Æ SMTP ¤ä POP3, FTP Åù¤Î¥»¥¥å¥¢¤Ç¤Ï¤Ê¤¤ TCP
¥×¥í¥È¥³¥ë¤ò¥«¥×¥»¥ë²½¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
More information about the svn-doc-head
mailing list