svn commit: r51063 - head/ja_JP.eucJP/books/handbook/security
Ryusuke SUZUKI
ryusuke at FreeBSD.org
Fri Oct 6 09:32:01 UTC 2017
Author: ryusuke
Date: Fri Oct 6 09:31:59 2017
New Revision: 51063
URL: https://svnweb.freebsd.org/changeset/doc/51063
Log:
- Merge the following from the English version:
r25140 -> r28158 head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified:
head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml Thu Oct 5 21:13:43 2017 (r51062)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Fri Oct 6 09:31:59 2017 (r51063)
@@ -3,7 +3,7 @@
The FreeBSD Documentation Project
The FreeBSD Japanese Documentation Project
- Original revision: r25140
+ Original revision: r28158
$FreeBSD$
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="security">
@@ -64,7 +64,7 @@
</listitem>
<listitem>
- <para>&os; 5.0 °Ê¹ß¤Î¥ê¥ê¡¼¥¹¤Ë¤ª¤±¤ë¡¢
+ <para>&os; ¤Ë¤ª¤±¤ë
<application>Kerberos5</application> ¤ÎÀßÄêÊýË¡</para>
</listitem>
@@ -949,8 +949,6 @@
¤Ê¥Ý¡¼¥È¤ò¥Ö¥í¥Ã¥¯¤«¤é½ü³°¤¹¤ë¤Î¤Ï¤â¤Á¤í¤ó¤Ç¤¹¤¬) 4000
¤è¤ê²¼¤Î¤¹¤Ù¤Æ¤Î¥Ý¡¼¥È¤ò¥Ö¥í¥Ã¥¯¤¹¤ë¤È¤¤¤¦ÀßÄ꤬¹Í¤¨¤é¤ì¤Þ¤¹¡£</para>
- <indexterm><primary>ICMP_BANDLIM</primary></indexterm>
-
<para>¤Þ¤¿Ê̤Τ褯¤¢¤ë¥µ¡¼¥Ó¥¹Ë¸³²¹¶·â¤È¤·¤Æ¡¢Æ§¤ßÂ湶·â
(springboard attack) ¤È¸Æ¤Ð¤ì¤ë¤â¤Î¤¬¤¢¤ê¤Þ¤¹ — ¤³¤ì¤Ï¡¢
¤¢¤ë¥µ¡¼¥Ð¤ò¹¶·â¤·¡¢¤½¤³·ë²Ì¤È¤·¤ÆÀ¸À®¤µ¤ì¤ë±þÅú¤¬¼«Ê¬¼«¿È¡¢¥í¡¼
@@ -973,10 +971,12 @@
¤Þ¤¦¤è¤¦¤Ë¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£mbuf ¤ò¾ÃÈñ¤·¿Ô¤¯¤µ¤»¤ë¤³¤È¤Ë¤è
¤ê¡¢¤³¤Î¼ï¤Î¹¶·â¤Ç¥µ¡¼¥Ð¤ò¥¯¥é¥Ã¥·¥å¤µ¤»¤ë¤³¤È¤â²Äǽ¤Ç¤¹¡£¥µ¡¼
¥Ð¤¬À¸À®¤·¤¿ ICMP ±þÅú¤ò½½Ê¬Â®¤¯Á÷¿®¤Ç¤¤Ê¤¤¾ì¹ç¡¢¤È¤¯¤Ë¤Ò¤É¤¤
- ¤³¤È¤Ë¤Ê¤ê¤Þ¤¹¡£&os; ¥«¡¼¥Í¥ë¤Ë¤Ï¡¢¤³¤Î¼ï¤Î¹¶·â¤Î¸ú²Ì¤òÍÞÀ©¤¹¤ë
- <option>ICMP_BANDLIM</option>
- ¤È¸Æ¤Ð¤ì¤ë¿·¤·¤¤¥«¡¼¥Í¥ë¥³¥ó¥Ñ¥¤¥ë¥ª¥×¥·¥ç¥ó
- ¤¬¤¢¤ê¤Þ¤¹¡£Æ§¤ßÂ湶·â¤Î 3 ¤Ä¤á¤Î¼çÍפʥ¯¥é¥¹¤Ë°¤¹¤ë¹¶·â¤Ï¡¢
+ ¤³¤È¤Ë¤Ê¤ê¤Þ¤¹¡£
+ ¤³¤Î¼ï¤Î¹¶·â¤Î¸ú²Ì¤òÍÞÀ©¤¹¤ë¤Ë¤Ï¡¢
+ <application>sysctl</application> ÊÑ¿ô¤Î
+ <literal>net.inet.icmp.icmplim</literal>
+ ¤ò»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£
+ Ƨ¤ßÂ湶·â¤Î 3 ¤Ä¤á¤Î¼çÍפʥ¯¥é¥¹¤Ë°¤¹¤ë¹¶·â¤Ï¡¢
udp echo ¥µ¡¼¥Ó¥¹¤Î¤è¤¦¤Ê¡¢ÆÃÄê¤Î
<application>inetd</application> ÆâÉô¥µ¡¼¥Ó¥¹¤Ë´ØÏ¢¤¹¤ë
¤â¤Î¤Ç¤¹¡£¹¶·â¼Ô¤Ï¡¢Ã±¤ËÁ÷¿®¸µ¥¢¥É¥ì¥¹¤¬¥µ¡¼¥Ð A ¤Î echo ¥Ý¡¼
@@ -1129,11 +1129,7 @@
<sect2>
<title>°Å¹æ²½µ¡¹½¤òÍý²ò¤¹¤ë</title>
- <para>&os; 4.4 ¤ÎÁ°¤Þ¤Ç¤Ï¡¢<filename>libcrypt.a</filename>
- ¤Ï°Å¹æ²½¤Ë»È¤ï¤ì¤ë¥é¥¤¥Ö¥é¥ê¤Ø¤Î¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Ç¤·¤¿¡£
- &os; 4.4 ¤Ç <filename>libcrypt.a</filename>
- ¤ÏÀßÄê²Äǽ¤Ê¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú¥Ï¥Ã¥·¥å¥é¥¤¥Ö¥é¥ê¤òÄ󶡤¹¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤·¤¿¡£
- ¸½ºß¤Î¤È¤³¤í¡¢¤³¤Î¥é¥¤¥Ö¥é¥ê¤Ï DES, MD5 ¤ª¤è¤Ó Blowfish
+ <para>¸½ºß¤Ç¤Ï¡¢¥é¥¤¥Ö¥é¥ê¤Ï DES, MD5 ¤ª¤è¤Ó Blowfish
¥Ï¥Ã¥·¥å´Ø¿ô¤ËÂбþ¤·¤Æ¤¤¤Þ¤¹¡£¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢&os;
¤Ï¥Ñ¥¹¥ï¡¼¥É¤Î°Å¹æ²½¤Ë MD5 ¤òÍøÍѤ·¤Þ¤¹¡£</para>
@@ -1173,31 +1169,22 @@
<secondary>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É</secondary>
</indexterm>
- <para>S/Key ¤Ï°ìÊý¸þ¥Ï¥Ã¥·¥å´Ø¿ô¤ò´ð¤Ë¤·¤¿¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥ÉÊý¼°
- ¤Ç¤¹¡£&os; ¤Ç¤Ï¡¢¸ß´¹À¤Î¤¿¤á¤Ë MD4 ¥Ï¥Ã¥·¥å¤òÍѤ¤¤Æ¤¤¤Þ¤¹¤¬
- ¾¤Î¥·¥¹¥Æ¥à¤Ç¤Ï MD5 ¤ä DES-MAC ¤òÍѤ¤¤Æ¤Þ¤¹¡£S/Key ¤Ï¡¢¥Ð¡¼¥¸¥ç
- ¥ó1.1.5 °Ê¹ß¤Î¤¹¤Ù¤Æ¤Î &os; ¤Ë´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¤·¡¢&os; °Ê³°
- ¤Î¿ô¿¤¯¤Î¥·¥¹¥Æ¥à¤Î¾å¤Ç¤âÍøÍѤµ¤ì¤Æ¤¤¤Þ¤¹¡£S/Key ¤Ï Bell
- Communications Research, Inc. ¤ÎÅÐÏ¿¾¦É¸¤Ç¤¹¡£</para>
+ <para>¥Ç¥Õ¥©¥ë¥È¤Ç¡¢&os; ¤Ï
+ OPIE (One-time Passwords In Everything) ¤ËÂбþ¤·¤Æ¤¤¤Þ¤¹¡£
+ OPIE ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï MD5 ¥Ï¥Ã¥·¥å¤ò»ÈÍѤ·¤Þ¤¹¡£</para>
- <para>&os; ¥Ð¡¼¥¸¥ç¥ó 5.0 °Ê¹ß¤Ç¤Ï¡¢S/Key
- ¤Ïµ¡Ç½Åª¤ËƱÅù¤Ê OPIE (One-time Passwords In Everything)
- ¤ÇÃÖ¤´¹¤¨¤é¤ì¤Þ¤·¤¿¡£OPIE ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï
- MD5 ¥Ï¥Ã¥·¥å¤ò»ÈÍѤ·¤Þ¤¹¡£</para>
-
<para>¤³¤³¤Ç¤Ï¡¢»°¼ïÎà¤Î°Û¤Ê¤ë¡Ö¥Ñ¥¹¥ï¡¼¥É¡×¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
¤Þ¤º°ì¤ÄÌܤϡ¢¤¢¤Ê¤¿¤¬ÉáÃʻȤäƤ¤¤ëÉáÄ̤Î
&unix; ¥¹¥¿¥¤¥ë¤Î¡¢¤â¤·¤¯¤Ï Kerberos
¤Î¥Ñ¥¹¥ï¡¼¥É¤Ç¤¹¡£¤³¤³¤Ç¤Ï¤³¤ì¤ò
- <quote>&unix; ¥Ñ¥¹¥ï¡¼¥É</quote> ¤È¸Æ¤Ö¤³¤È¤Ë¤·¤Þ¤¹¡£Æó¤ÄÌܤϡ¢S/Key
- ¤Î <command>key</command> ¥×¥í¥°¥é¥à¡¢¤Þ¤¿¤Ï
- OPIE ¤Î &man.opiekey.1; ¥×¥í¥°¥é¥à¤Ë¤è¤Ã¤ÆÀ¸À®¤µ¤ì¡¢
- <command>keyinit</command> ¤Þ¤¿¤Ï &man.opiepasswd.1;
+ <quote>&unix; ¥Ñ¥¹¥ï¡¼¥É</quote> ¤È¸Æ¤Ö¤³¤È¤Ë¤·¤Þ¤¹¡£
+ Æó¤ÄÌܤϡ¢OPIE ¤Î &man.opiekey.1; ¥×¥í¥°¥é¥à¤Ë¤è¤Ã¤ÆÀ¸À®¤µ¤ì¡¢
+ &man.opiepasswd.1;
¥×¥í¥°¥é¥à¤È¥í¥°¥¤¥ó¥×¥í¥ó¥×¥È¤¬¼õ¤±ÉÕ¤±¤ë¥Ñ¥¹¥ï¡¼¥É¤Ç¤¹¡£
¤³¤³¤Ç¤Ï¤³¤ì¤ò <quote>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É</quote>
¤È¸Æ¤Ö¤³¤È¤Ë¤·¤Þ¤¹¡£»°¤ÄÌܤΥѥ¹¥ï¡¼¥É¤Ï¡¢
- <command>key</command>/<command>opiekey</command> (¤È¾ì¹ç¤Ë¤è¤ê
- <command>keyinit</command>/<command>opiepasswd</command>)
+ <command>opiekey</command> (¤È¾ì¹ç¤Ë¤è¤ê
+ <command>opiepasswd</command>)
¥×¥í¥°¥é¥à¤ËÂФ·¤Æ¥æ¡¼¥¶¤¬ÆþÎϤ¹¤ëÈëÌ©¤Î¥Ñ¥¹¥ï¡¼¥É¤Ç¡¢
¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤¹¤ë¤Î¤Ë»È¤ï¤ì¤Þ¤¹¡£¤³¤³¤Ç¤Ï¤³¤ì¤ò
<quote>ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º</quote> ¤â¤·¤¯¤Ïñ¤Ë
@@ -1214,24 +1201,24 @@
¥Ñ¥¹¥ï¡¼¥É¤ÏŤµ¤¬ 8 ʸ»ú¤ËÀ©¸Â¤µ¤ì¤Æ¤¤¤Þ¤·¤¿
<footnote><para>&os; ¤Ç¤Ï¡¢É¸½à¤Î¥í¥°¥¤¥ó¥Ñ¥¹¥ï¡¼¥É¤Ï¡¢128
ʸ»ú¤Þ¤Ç¤È¤Ê¤ê¤Þ¤¹¡£</para></footnote>¡£
- ¤³¤ì¤ËÂФ·¡¢S/Key ¤ä OPIE
+ ¤³¤ì¤ËÂФ·¡¢OPIE
¤Ç¤ÏÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤ò¹¥¤¤Ê¤À¤±Ä¹¤¯¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹
(ÌõÃí: ¼ÂÁõ¾å¡¢<command>key</command> ¥³¥Þ¥ó¥É¤Ê¤É¤Î
¥Ð¥Ã¥Õ¥¡Ä¹¤ÇÀ©¸Â¤µ¤ì¤Æ¤·¤Þ¤¦²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£200 ʸ»úÄøÅ٤˲¡
¤¨¤Æ¤ª¤¤¤¿Êý¤¬¤è¤¤¤Ç¤·¤ç¤¦ :-)¡£
6 ¸ì¤«¤é 7 ¸ì¤«¤é¤Ê¤ë¥Ñ¥¹¥Õ¥ì¡¼¥º¤¬¤Õ¤Ä¤¦¤Ç¤¹¡£¤Û¤È¤ó¤É¤ÎÉôʬ¤Ç¡¢
- S/Key ¤ä OPIE ¥·¥¹¥Æ¥à¤Ï Unix
+ OPIE ¥·¥¹¥Æ¥à¤Ï &unix;
¤Î¥Ñ¥¹¥ï¡¼¥É¥·¥¹¥Æ¥à¤È´°Á´¤ËÆÈΩ¤·¤ÆÆ°ºî¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£</para>
- <para>¥Ñ¥¹¥Õ¥ì¡¼¥º¤Ë²Ã¤¨¡¢S/Key ¤ä OPIE
+ <para>¥Ñ¥¹¥Õ¥ì¡¼¥º¤Ë²Ã¤¨¡¢OPIE
¥·¥¹¥Æ¥à¤Ë¤È¤Ã¤Æ½ÅÍ×¤Ê 2 ¼ïÎà¤Î¥Ç¡¼¥¿¤¬¤¢¤ê¤Þ¤¹¡£°ì¤Ä¤Ï
<quote>¥·¡¼¥É (seed: ¼ï)</quote> ¤Þ¤¿¤Ï
<quote>¥¡¼ (key: ¸°)</quote> ¤È¸Æ¤Ð¤ì¤ë¤â¤Î¤Ç¡¢2 ¤Ä¤Îʸ»ú¤È
5 ¤Ä¤Î¿ô»ú¤Ç¹½À®¤µ¤ì¤Þ¤¹¡£¤â¤¦°ì¤Ä¤Ï <quote>¥·¡¼¥±¥ó¥¹ÈÖ¹æ (iteration
- count)</quote> ¤Ç¡¢1 ¤«¤é 100 ¤Þ¤Ç¤ÎÀ°¿ô¤Ç¤¹¡£S/Key ¤Ï¤³¤³¤Þ¤Ç
+ count)</quote> ¤Ç¡¢1 ¤«¤é 100 ¤Þ¤Ç¤ÎÀ°¿ô¤Ç¤¹¡£OPIE ¤Ï¤³¤³¤Þ¤Ç
¤Ë½Ò¤Ù¤¿¥Ç¡¼¥¿¤òÍøÍѤ·¤Æ¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤·¤Þ¤¹¡£¤½¤ÎÊý
Ë¡¤Ï¡¢¤Þ¤º¥·¡¼¥É¤ÈÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤òÏ¢·ë¤·¡¢¤½¤ì¤ËÂФ·¤Æ¥·¡¼¥±
- ¥ó¥¹ÈÖ¹æ¤Î²ó¿ô¤À¤± MD4/MD5 ¥Ï¥Ã¥·¥å¤ò·«¤êÊÖ¤··×»»¤·¤Þ¤¹¡£
+ ¥ó¥¹ÈÖ¹æ¤Î²ó¿ô¤À¤± MD5 ¥Ï¥Ã¥·¥å¤ò·«¤êÊÖ¤··×»»¤·¤Þ¤¹¡£
¤½¤·¤Æ¤½¤Î·ë²Ì¤ò 6 ¤Ä¤Îû¤¤±Ññ¸ì¤ËÊÑ´¹¤·¤Þ¤¹¡£
ǧ¾Ú¥·¥¹¥Æ¥à (°ì¼¡Åª¤Ë¤Ï PAM)
¤Ï¡¢Á°²óºÇ¸å¤Ë¼õ¤±ÉÕ¤±¤¿¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òµÏ¿¤·¤Æ¤¤¤Þ¤¹¡£
@@ -1243,40 +1230,35 @@
¤ëÊ£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤¹¤ë¤³¤È¤ÏÉÔ²Äǽ¤Ç¤¹¡£¥·¡¼¥±
¥ó¥¹ÈÖ¹æ¤Ï¥í¥°¥¤¥ó¤¬À®¸ù¤¹¤ë¤¿¤Ó¤Ë°ì¤Ä¤º¤Ä¸º¤é¤µ¤ì¤Æ¡¢¥æ¡¼¥¶¤È¥í
¥°¥¤¥ó¥×¥í¥°¥é¥à¤Î´Ö¤ÇƱ´ü¤¬¼è¤é¤ì¤Þ¤¹¡£¥·¡¼¥±¥ó¥¹Èֹ椬 1 ¤Þ¤Ç
- ¸º¤Ã¤¿¤é¡¢S/Key ¤ä OPIE ¤òºÆÅÙ½é´ü²½¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+ ¸º¤Ã¤¿¤é¡¢OPIE ¤òºÆÅÙ½é´ü²½¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
<para>¼¡¤Ë¡¢¤½¤ì¤¾¤ì¤Î¥·¥¹¥Æ¥à¤Ç´ØÏ¢¤¹¤ë
- 3 ¤Ä¤Î¥×¥í¥°¥é¥à¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
- <command>key</command> ¤È <command>opiekey</command>
- ¥×¥í¥°¥é¥à¤Ï¡¢¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¡¢¥·¡¼¥É¤È¡¢
+ ¤¤¤¯¤Ä¤«¤Î¥×¥í¥°¥é¥à¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
+ <command>opiekey</command> ¥×¥í¥°¥é¥à¤Ï¡¢¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¡¢¥·¡¼¥É¤È¡¢
ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤ò¼õ¤±ÉÕ¤±¤Æ¡¢¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É 1 ¤Ä¡¢
¤Þ¤¿¤Ï°ìÏ¢¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤Î°ìÍ÷¤òÀ¸À®¤·¤Þ¤¹¡£
- <command>keyinit</command> ¤È <command>opiepasswd</command>
- ¥×¥í¥°¥é¥à¤Ï¡¢¤½¤ì¤¾¤ì S/Key ¤È OPIE
+ <command>opiepasswd</command>
+ ¥×¥í¥°¥é¥à¤Ï¡¢OPIE
¤ò½é´ü²½¤¹¤ë¤Î¤Ë»ÈÍѤµ¤ì¡¢¤Þ¤¿ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¡¢
¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤ä¥·¡¼¥É¤òÊѹ¹¤¹¤ë¤¿¤á¤Ë¤â»ÈÍѤµ¤ì¤Þ¤¹¡£
- ¤½¤ì¤¾¤ì¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Ë¤Ï¡¢ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤«¡¢
+ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Ë¤Ï¡¢ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤«¡¢
¤Þ¤¿¤Ï¡¢¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¥·¡¼¥É¤È¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤Î
1 ÁȤ«¤Î¡¢¤É¤Á¤é¤«¤òÍ¿¤¨¤Þ¤¹¡£
- <command>keyinfo</command> ¤È <command>opieinfo</command> ¥×¥í¥°¥é¥à¤Ï¡¢
- ¤½¤ì¤¾¤ì¤ËÂбþ¤¹¤ëǧ¾Ú¥Õ¥¡¥¤¥ë (<filename>/etc/skeykeys</filename>
- ¤Þ¤¿¤Ï <filename>/etc/opiekeys</filename>)
- ¤òÄ´¤Ù¤Æ¡¢¥×¥í¥°¥é¥à¤òµ¯Æ°¤·¤¿¥æ¡¼¥¶¤Î¸½ºß¤Î¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¥·¡¼¥É¤òɽ¼¨¤·¤Þ¤¹¡£</para>
+ <command>opieinfo</command> ¥×¥í¥°¥é¥à¤Ï¡¢
+ ǧ¾Ú¥Õ¥¡¥¤¥ë (<filename>/etc/opiekeys</filename>) ¤òÄ´¤Ù¤Æ¡¢
+ ¥×¥í¥°¥é¥à¤òµ¯Æ°¤·¤¿¥æ¡¼¥¶¤Î¸½ºß¤Î¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¥·¡¼¥É¤òɽ¼¨¤·¤Þ¤¹¡£</para>
<para>¤³¤Îʸ½ñ¤Ç¤Ï¡¢4 ¼ïÎà¤Î°Û¤Ê¤ëÁàºî¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
- 1 ¤ÄÌܤϡ¢<command>keyinit</command> ¤Þ¤¿¤Ï
+ 1 ¤ÄÌܤϡ¢
<command>opiepasswd</command> ¤ò¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¾å¤ÇÍøÍѤ·¤Æ¡¢
ºÇ½é¤Ë¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀßÄꤷ¤¿¤ê¡¢
ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤ä¥·¡¼¥É¤òÊѹ¹¤¹¤ëÁàºî¤Ç¤¹¡£
- 2 ¤ÄÌܤϡ¢Æ±¤¸¤³¤È¤ò¹Ô¤¦¤¿¤á¤Ë <command>keyinit</command>
- ¤Þ¤¿¤Ï <command>opiepasswd</command>
- ¤ò¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¾å¤ÇÍøÍѤ¹¤ëÁàºî¤Ç¤¹¡£
- ¤³¤Î¾ì¹ç¤Ï¿®Íê¤Ç¤¤ëÄÌ¿®Ï©·Ðͳ¤Î
- <command>key</command> ¤Þ¤¿¤Ï <command>opiekey</command>
- ¤òÊ»ÍѤ·¤Þ¤¹¡£3 ¤ÄÌܤϡ¢<command>key</command> ¤Þ¤¿¤Ï
- <command>opiekey</command>
+ 2 ¤ÄÌܤϡ¢Æ±¤¸¤³¤È¤ò¹Ô¤¦¤¿¤á¤Ë
+ <command>opiepasswd</command> ¤ò¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¾å¤ÇÍøÍѤ¹¤ëÁàºî¤Ç¤¹¡£
+ ¤³¤Î¾ì¹ç¤Ï¿®Íê¤Ç¤¤ëÄÌ¿®Ï©·Ðͳ¤Î <command>opiekey</command>
+ ¤òÊ»ÍѤ·¤Þ¤¹¡£3 ¤ÄÌܤϡ¢<command>opiekey</command>
¤ò»È¤¤¡¢¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¤òÄ̤¸¤Æ¥í¥°¥¤¥ó¤¹¤ëÁàºî¤Ç¤¹¡£
- 4 ÈÖÌܤϡ¢<command>key</command> ¤Þ¤¿¤Ï <command>opiekey</command>
+ 4 ÈÖÌܤϡ¢<command>opiekey</command>
¤ò»È¤Ã¤ÆÊ£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤ò°ìµ¤¤ËÀ¸À®¤¹¤ëÁàºî¤Ç¤¹¡£
¤³¤³¤ÇÀ¸À®¤·¤¿Ê£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤Ï¡¢
¥á¥â¤·¤¿¤ê°õºþ¤·¤¿¤ê¤·¤Æ·ÈÂÓ¤·¡¢
@@ -1288,32 +1270,9 @@
<sect2>
<title>¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤Ç¤Î½é´ü²½</title>
- <para>¿®Íê¤Ç¤¤ëÄÌ¿®Ï© (¤¿¤È¤¨¤Ð¤¢¤ë¥Þ¥·¥ó¤Î¥³¥ó¥½¡¼¥ë²èÌ̤䡢
- <application>ssh</application>
- ¤ò»È¤Ã¤Æ¤¤¤ë»þ¤Ê¤É) ¤òÍøÍѤ·¤Æ¤¤¤ë¤È¤¤Ë¡¢S/Key ¤ò½é¤á¤Æ½é´ü²½
- ¤¹¤ë¤³¤È¡¢S/Key ¤ÎÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤òÊѹ¹¤¹¤ë¤³¤È¡¢¤Þ¤¿¤Ï¥·¡¼
- ¥É¤òÊѹ¹¤¹¤ë¤³¤È¡¢¤ò¤ª¤³¤Ê¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤½¤Î¤¿¤á¤Ë¤Ï¡¢¤Þ¤º
- ¤¢¤Ê¤¿¼«¿È¤¬¥í¥°¥¤¥ó¤·¡¢<command>keyinit</command> ¥³¥Þ¥ó¥É¤ò
- °Ê²¼¤Î¤è¤¦¤Ë¥Ñ¥é¥á¡¼¥¿¤Ê¤·¤Ç¼Â¹Ô¤·¤Þ¤¹¡£</para>
+ <para>OPIE ¤ò½é¤á¤Æ½é´ü²½¤¹¤ë¤Ë¤Ï¡¢<command>opiepasswd</command>
+ ¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
- <screen>&prompt.user; <userinput>keyinit</userinput>
-Adding unfurl:
-Reminder - Only use this method if you are directly connected.
-If you are using telnet or rlogin exit with no password and use keyinit -s.
- ) `keyinit' ¥³¥Þ¥ó¥É¤¬½ÐÎϤ¹¤ëÃí°Õ¤Ç¤¹¡£Ìõ¤¹¤È¡¢
- ) Ãí°Õ - ¤³¤ÎÆ°ºî¥â¡¼¥É¤Ï¥Þ¥·¥ó¤ËľÀÜÆþÎϤ·¤Æ¤¤¤ë¤È¤¤Î¤ßÍøÍÑ
- ) ¤¹¤ë¤³¤È¡£¤â¤·º£ telnet ¤ä rlogin ¤ò»È¤Ã¤Æ¤¤¤ë¤Ê¤é¡¢ÈëÌ©¤Î¥Ñ
- ) ¥¹¥Õ¥ì¡¼¥º¤òÆþÎϤ»¤º¤Ë¤³¤Î¤Þ¤Þ¥³¥Þ¥ó¥É¤ò½ªÎ»¤·¡¢¤«¤ï¤ê¤Ë
- ) keyinit -s ¤ò¼Â¹Ô¤¹¤ë¤³¤È¡£
-Enter secret password:
-Again secret password:
-
-ID unfurl s/key is 99 to17757
-DEFY CLUB PRO NASH LACE SOFT</screen>
-
- <para>OPIE ¤Ç¤Ï <command>opiepasswd</command>
- ¤¬Âå¤ï¤ê¤Ë»È¤ï¤ì¤Þ¤¹¡£</para>
-
<screen>&prompt.user; <userinput>opiepasswd -c</userinput>
[grimreaper] ~ $ opiepasswd -f -c
Adding unfurl:
@@ -1356,35 +1315,19 @@ MOS MALL GOAT ARM AVID COED
<title>¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¤Ç¤Î½é´ü²½</title>
<para>¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¤ò»È¤Ã¤ÆÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º¤ò½é´ü²½¤Þ¤¿¤ÏÊѹ¹¤¹¤ë¤¿¤á¤Ë¤Ï¡¢
- ¤½¤ì¤È¤ÏÊÌ¤Ë <command>key</command> ¤Þ¤¿¤Ï <command>opiekey</command>
+ ¤½¤ì¤È¤ÏÊÌ¤Ë <command>opiekey</command>
¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤¿¤á¤Î¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤òÍÑ°Õ¤·¤Æ¤ª¤¯É¬Íפ¬¤¢¤ê¤Þ¤¹¡£
- ¤¿¤È¤¨¤Ð¤½¤ì¤Ï¡¢¤¢¤Ê¤¿¤¬¿®Íê¤Ç¤¤ë &macintosh;
- ¤Î¥Ç¥¹¥¯¥¢¥¯¥»¥µ¥ê¤ä¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤Î¥·¥§¥ë¥×¥í¥ó¥×¥È¤À¤Ã¤¿¤ê
- ¤¹¤ë¤Ç¤·¤ç¤¦¡£(ÌõÃí: ¤³¤³¤Ç¤ÎÄÌ¿®Ï©¤È¤Ï¥Þ¥·¥ó¤½¤Î¤â¤Î¤Ë¤Ê¤ê¤Þ
+ ¤¿¤È¤¨¤Ð¤½¤ì¤Ï¡¢
+ ¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤Î¥·¥§¥ë¥×¥í¥ó¥×¥È¤À¤Ã¤¿¤ê¤¹¤ë¤Ç¤·¤ç¤¦¡£
+ (ÌõÃí: ¤³¤³¤Ç¤ÎÄÌ¿®Ï©¤È¤Ï¥Þ¥·¥ó¤½¤Î¤â¤Î¤Ë¤Ê¤ê¤Þ
¤¹¡£¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤È¤Ï¡¢¿®Íê¤Ç¤¤ë¿Í¤¬¤·¤Ã¤«¤ê´ÉÍý¤·¤Æ¤¤¤ë¥Þ
¥·¥ó¤È¤¤¤¦¤³¤È¤Ç¤¹)¡£Â¾¤Ë½àÈ÷¤·¤Æ¤ª¤¯¤â¤Î¤È¤·¤Æ¡¢¥·¡¼¥±¥ó¥¹ÈÖ
¹æ (100 ¤ÏŬÀÚ¤ÊÃͤȤ¤¤¨¤ë¤Ç¤·¤ç¤¦) ¤È¡¢¾ì¹ç¤Ë¤è¤Ã¤Æ¤Ï¼«Ê¬¤Ç¹Í
¤¨¤¿¡¢¤Þ¤¿¤Ï¥é¥ó¥À¥à¤ËÀ¸À®¤µ¤ì¤¿¥·¡¼¥É¤¬¤¢¤ê¤Þ¤¹¡£(¤¢¤Ê¤¿¤¬
S/Key ¤ò½é´ü²½¤·¤è¤¦¤È¤·¤Æ¤¤¤ë¥Þ¥·¥ó¤Ø¤Î) ¿®Íê¤Ç¤¤Ê¤¤ÄÌ¿®Ï©¤ò
- »È¤¦¤È¤¤Ë¤Ï¡¢<command>keyinit -s</command> ¥³¥Þ¥ó¥É¤ò°Ê²¼¤Î¤è
- ¤¦¤Ë»ÈÍѤ·¤Þ¤¹¡£</para>
+ »È¤¦¤È¤¤Ë¤Ï¡¢<command>opiepasswd</command>
+ ¥³¥Þ¥ó¥É¤ò°Ê²¼¤Î¤è¤¦¤Ë»ÈÍѤ·¤Þ¤¹¡£</para>
- <screen>&prompt.user; <userinput>keyinit -s</userinput>
-Updating unfurl:
-Old key: to17758
-Reminder you need the 6 English words from the key command.
- ) `keyinit' ¥³¥Þ¥ó¥É¤¬½ÐÎϤ¹¤ëÃí°Õ¤Ç¤¹¡£Ìõ¤¹¤È¡¢
- ) Ãí°Õ - skey ¥³¥Þ¥ó¥É¤Î½ÐÎϤ¹¤ë 6 ±Ññ¸ì¤¬É¬Íפˤʤê¤Þ¤¹¡£
-Enter sequence count from 1 to 9999: <userinput>100</userinput>
-Enter new key [default to17759]:
-s/key 100 to 17759
-s/key access password:
-s/key access password:<userinput>CURE MIKE BANE HIM RACY GORE</userinput>
-</screen>
-
- <para>OPIE ¤Ç¤Ï¡¢<command>opiepasswd</command>
- ¤ò»È¤¤¤Þ¤¹¡£</para>
-
<screen>&prompt.user; <userinput>opiepasswd</userinput>
Updating unfurl:
@@ -1402,22 +1345,11 @@ ID mark OTP key is 499 gr4269
LINE PAP MILK NELL BUOY TROY
</screen>
- <para>¥Ç¥Õ¥©¥ë¥È¤Î¥·¡¼¥É (<command>keyinit</command> ¥×¥í¥°¥é¥à
- ¤Ïº¤¤Ã¤¿¤³¤È¤Ë¤³¤ì¤ò <literal>key</literal>
- ¤È¸Æ¤ó¤Ç¤¤¤ë¤Î¤Ç¤¹¤¬¡¢º®Í𤷤ʤ¤¤è¤¦Ãí°Õ¤·¤Æ¤¯¤À¤µ¤¤)
- ¤Ç¹½¤ï¤Ê¤±¤ì¤Ð¡¢<keycap>Return</keycap>
+ <para>¥Ç¥Õ¥©¥ë¥È¤Î¥·¡¼¥É¤Ç¹½¤ï¤Ê¤±¤ì¤Ð¡¢<keycap>Return</keycap>
¤ò²¡¤·¤Æ¤¯¤À¤µ¤¤¡£¼¡¤Ë¡¢¥¢¥¯¥»¥¹¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤ëÁ°¤Ë¡¢¤¢¤é¤«
- ¤¸¤áÍÑ°Õ¤·¤Æ¤ª¤¤¤¿¿®Íê¤Ç¤¤ëÄÌ¿®Ï©(¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤ä¿®Íê¤Ç¤
- ¤ë S/Key ¥Ç¥¹¥¯¥¢¥¯¥»¥µ¥ê¤Ê¤É) ¤Ø°Ü¤Ã¤Æ¡¢Àè¤Û¤É¤ÈƱ¤¸¥Ñ¥é¥á¡¼¥¿
- ¤òÆþÎϤ·¤Þ¤¹¡£</para>
+ ¤¸¤áÍÑ°Õ¤·¤Æ¤ª¤¤¤¿¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤Ø°Ü¤Ã¤Æ¡¢
+ Àè¤Û¤É¤ÈƱ¤¸¥Ñ¥é¥á¡¼¥¿¤òÆþÎϤ·¤Þ¤¹¡£</para>
- <screen>&prompt.user; <userinput>key 100 to17759</userinput>
-Reminder - Do not use this program while logged in via telnet or rlogin.
-Enter secret password: <userinput><ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º></userinput>
-CURE MIKE BANE HIM RACY GORE</screen>
-
- <para>OPIE ¤Ç¤Ï¡¢</para>
-
<screen>&prompt.user; <userinput>opiekey 498 to4268</userinput>
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
@@ -1432,7 +1364,7 @@ GAME GAG WELT OUT DOWN CHAT
<sect2>
<title>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤ò°ì¤ÄÀ¸À®¤¹¤ë</title>
- <para>S/Key ¤Þ¤¿¤Ï OPIE ¤ò½é´ü²½¤·¤¿¤é¡¢
+ <para>OPIE ¤ò½é´ü²½¤·¤¿¤é¡¢
¥í¥°¥¤¥ó»þ¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ê¥×¥í¥ó¥×¥È¤¬½Ð¤Æ¤¯¤ë¤Ç¤·¤ç¤¦¡£</para>
<screen>&prompt.user; <userinput>telnet example.com</userinput>
@@ -1443,23 +1375,10 @@ Escape character is '^]'.
FreeBSD/i386 (example.com) (ttypa)
login: <userinput><¥æ¡¼¥¶Ì¾></userinput>
-s/key 97 fw13894
-Password: </screen>
-
- <para>OPIE ¤Ë¤Ä¤¤¤Æ¤Ï¡¢</para>
-
-<screen>&prompt.user; <userinput>telnet example.com</userinput>
-Trying 10.0.0.1...
-Connected to example.com
-Escape character is '^]'.
-
-FreeBSD/i386 (example.com) (ttypa)
-
-login: <userinput><username></userinput>
otp-md5 498 gr4269 ext
Password: </screen>
- <para>¤³¤³¤Ç¤Ïɽ¼¨¤·¤Æ¤¤¤Þ¤»¤ó¤¬¡¢S/Key ¤È OPIE
+ <para>¤³¤³¤Ç¤Ïɽ¼¨¤·¤Æ¤¤¤Þ¤»¤ó¤¬¡¢OPIE
¤Î¥×¥í¥ó¥×¥È¤Ë¤ÏÊØÍø¤Êµ¡Ç½¤¬È÷¤ï¤Ã¤Æ¤¤¤Þ¤¹¡£
¥Ñ¥¹¥ï¡¼¥É¥×¥í¥ó¥×¥È¤ËÂФ·¤Æ¡¢²¿¤âÆþÎϤ»¤º¤Ë
<keycap>Return</keycap> ¤ò²¡¤¹¤È¥¨¥³¡¼¥â¡¼¥É¤ËÀÚ¤êÂؤï¤ê¤Þ¤¹¡£
@@ -1473,7 +1392,7 @@ Password: </screen>
<para>¼¡¤Ë¡¢
¤³¤Î¥í¥°¥¤¥ó¥×¥í¥ó¥×¥È¤ËÂФ·¤ÆÆþÎϤ¹¤ë¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤·¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
- ¤³¤ì¤Ï¡¢<command>key</command> ¤Þ¤¿¤Ï <command>opiekey</command>
+ ¤³¤ì¤Ï¡¢<command>opiekey</command>
¥×¥í¥°¥é¥à¤ò»È¤¨¤ë¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¾å¤Ç¹Ô¤ï¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
(¤³¤ì¤é¤Î¥×¥í¥°¥é¥à¤Ë¤Ï DOS ¤ä &windows;, &macos; ÈǤ¬¤¢¤ê¤Þ¤¹)¡£
¤É¤Á¤é¤â¡¢¥³¥Þ¥ó¥É¥é¥¤¥ó¤«¤é¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¥·¡¼¥É¤ò»ØÄꤷ¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
@@ -1481,13 +1400,6 @@ Password: </screen>
<para>¿®Íê¤Ç¤¤ë¥·¥¹¥Æ¥à¤Ç</para>
- <screen>&prompt.user; <userinput>key 97 fw13894</userinput>
-Reminder - Do not use this program while logged in via telnet or rlogin.
-Enter secret password:
-WELD LIP ACTS ENDS ME HAAG</screen>
-
- <para>OPIE ¤Ç¤Ï</para>
-
<screen>&prompt.user; <userinput>opiekey 498 to4268</userinput>
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
@@ -1496,14 +1408,6 @@ GAME GAG WELT OUT DOWN CHAT</screen>
<para>¤³¤³¤Ç¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤¬ÆÀ¤é¤ì¤Þ¤·¤¿¡£
¥í¥°¥¤¥ó¤ò³¤±¤Þ¤·¤ç¤¦¡£</para>
-
- <screen>login: <userinput><username></userinput>
-s/key 97 fw13894
-Password: <userinput><return to enable echo></userinput>
-s/key 97 fw13894
-Password [echo on]: WELD LIP ACTS ENDS ME HAAG
-Last login: Tue Mar 21 11:56:41 from 10.0.0.2 ...</screen>
-
</sect2>
<sect2>
@@ -1512,22 +1416,10 @@ Last login: Tue Mar 21 11:56:41 from 10.0.0.2 ...</scr
<para>ÅÔ¹ç¤Ë¤è¤Ã¤Æ¤Ï¡¢
¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤ä¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤¬°ìÀÚ³ÎÊݤǤ¤Ê¤¤¤è¤¦¤Ê¤È¤³¤í¤Ç
S/Key ¤ò»È¤¦É¬Íפ¬¤¢¤ë¤Ç¤·¤ç¤¦¡£
- ¤³¤Î¤è¤¦¤Ê¾ì¹ç¤Ë¤Ï¡¢<command>key</command> ¤ª¤è¤Ó
- <command>opiekey</command>
+ ¤³¤Î¤è¤¦¤Ê¾ì¹ç¤Ë¤Ï¡¢<command>opiekey</command>
¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆÊ£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤ò¤¢¤é¤«¤¸¤á°ìµ¤¤ËÀ¸À®¤·¡¢
»æ¤Ë°õºþ¤·¤Æ·ÈÂÓ¤·¤Æ¤¤¤¯¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤¿¤È¤¨¤Ð</para>
- <screen>&prompt.user; <userinput>key -n 5 30 zz99999</userinput>
-Reminder - Do not use this program while logged in via telnet or rlogin.
-Enter secret password: <userinput><ÈëÌ©¤Î¥Ñ¥¹¥Õ¥ì¡¼¥º></userinput>
-26: SODA RUDE LEA LIND BUDD SILT
-27: JILT SPY DUTY GLOW COWL ROT
-28: THEM OW COLA RUNT BONG SCOT
-29: COT MASH BARR BRIM NAN FLAG
-30: CAN KNEE CAST NAME FOLK BILK</screen>
-
- <para>OPIE ¤Î¾ì¹ç¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
-
<screen>&prompt.user; <userinput>opiekey -n 5 30 zz99999</userinput>
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
@@ -1555,66 +1447,10 @@ Enter secret pass phrase: <userinput><secret passwo
<sect2>
<title>&unix; ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòÀ©¸Â¤¹¤ë</title>
- <para>S/Key ¤Ï¡¢¥í¥°¥¤¥ó¤ò¼õ¤±ÉÕ¤±¤ëºÝ¤Î¥Û¥¹¥È̾¡¢¥æ¡¼¥¶Ì¾¡¢
- üËö¤Î¥Ý¡¼¥È¡¢IP ¥¢¥É¥ì¥¹¤Ê¤É¤òÍøÍѤ·¤Æ¡¢
- &unix; ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòÀ©¸Â¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
- ÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/skey.access</filename> ¤Ë¡¢
- À©¸Â¤¬µºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
- ¤³¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Î¾ÜºÙ¤Ë´Ø¤·¤Æ¤Ï¥Þ¥Ë¥å¥¢¥ë &man.skey.access.5;
- ¤ò¤´Í÷¤¯¤À¤µ¤¤¡£
- ¥Þ¥Ë¥å¥¢¥ë¤Ë¤Ï¤³¤Îµ¡Ç½¤Ë´Ø¤ï¤ë¥»¥¥å¥ê¥Æ¥£¤Ë¤Ä¤¤¤Æ¡¢
- ¤¤¤¯¤Ä¤«¤Î·Ù¹ð¤¬µ½Ò¤·¤Æ¤¢¤ê¤Þ¤¹¡£
- ¤³¤Îµ¡Ç½¤ò»È¤Ã¤Æ¥»¥¥å¥ê¥Æ¥£¤ò¹â¤á¤è¤¦¤È¤¹¤ë¤Î¤Ê¤é¤Ð¡¢
- ÀäÂФˤ³¤Î¥Þ¥Ë¥å¥¢¥ë¤òÆɤó¤Ç¤¯¤À¤µ¤¤¡£</para>
-
- <para>¤â¤· <filename>/etc/skey.access</filename>
- ¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤·¤Ê¤¤¤Ê¤é¤Ð (&os; 4.X
- ¤Î¥Ç¥Õ¥©¥ë¥È¾õÂ֤ǤϤ½¤¦¤Ç¤¹)¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤¬ &unix;
- ¥Ñ¥¹¥ï¡¼¥É¤òÍøÍѤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
- µÕ¤Ë¡¢¤â¤·¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤Ê¤é¤Ð¡¢
- <filename>skey.access</filename>
- ¥Õ¥¡¥¤¥ë¤ËÌÀ¼¨Åª¤Ëµ½Ò¤µ¤ì¤Æ¤¤¤Ê¤¤¸Â¤ê¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤Ï S/Key
- ¤ÎÍøÍѤòÍ׵ᤵ¤ì¤Þ¤¹¡£¤É¤Á¤é¤Î¾ì¹ç¤Ë¤ª¤¤¤Æ¤â¡¢
- ¤½¤Î¥Þ¥·¥ó¤Î¥³¥ó¥½¡¼¥ë¤«¤é¤Ï¤¤¤Ä¤Ç¤â &unix;
- ¥Ñ¥¹¥ï¡¼¥É¤ò»È¤Ã¤Æ¥í¥°¥¤¥ó¤¹¤ë¤³¤È¤¬²Äǽ¤Ç¤¹¡£</para>
-
- <para>°Ê²¼¤Ë¤è¤¯»È¤ï¤ì¤ë¤Ç¤¢¤í¤¦»°¼ïÎà¤ÎÀßÄê¤ò´Þ¤àÀßÄê¥Õ¥¡¥¤¥ë
- <filename>skey.access</filename> ¤ÎÎã¤ò¼¨¤·¤Þ¤¹¡£</para>
-
- <programlisting>permit internet 192.168.0.0 255.255.0.0
-permit user fnord
-permit port ttyd0</programlisting>
-
- <para>¤Ï¤¸¤á¤Î¹Ô (<literal>permit internet</literal>) ¤Ç¡¢telnet
- ¤Ê¤É¤ÇÀܳ¤¹¤ë¤È¤¤Î IP ¤Î¥½¡¼¥¹¥¢¥É¥ì¥¹ (Ãí°Õ: ¤³¤ì¤Ïµ¶Â¤¤µ¤ì
- ¤ë¤ª¤½¤ì¤¬¤¢¤ê¤Þ¤¹) ¤¬ÆÃÄê¤ÎÃͤȥޥ¹¥¯¤Ë°ìÃפ·¤Æ¤¤¤ë¾ì¹ç¤Ë¡¢
- &unix; ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòµö²Ä¤¹¤ë¤³¤È¤ò»ØÄꤷ¤Æ¤¤¤Þ¤¹¡£
- ¤³¤ÎÀßÄ꼫ÂΤϥ»¥¥å¥ê¥Æ¥£¤ò¹â¤á¤ë¤¿¤á¤Îµ¡Ç½¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£¤½¤¦¤Ç¤Ï
- ¤Ê¤¯¡¢¥í¥°¥¤¥ó¤Î¸¢Íø¤ò»ý¤Äµö²Ä¤µ¤ì¤¿¥æ¡¼¥¶¤ËÂФ·¤Æ¡¢¸½ºß¤½¤Î¥æ¡¼
- ¥¶¤¬»È¤Ã¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¤¬¿®Íê¤Ç¤¤Ê¤¤¤È¹Í¤¨¤é¤ì¤ë¤Î¤Ç S/Key
- ¤ò»È¤¦¤Ù¤¤Ç¤¢¤ë¡¢¤È¤¤¤¦¤³¤È¤òµ¤¤Å¤«¤»¤ë¤¿¤á¤Îµ¡Ç½¤Ç¤¢¤ë¤È¹Í¤¨
- ¤Æ¤¯¤À¤µ¤¤¡£</para>
-
- <para>Æó¹ÔÌÜ (<literal>permit user</literal>)
- ¤Ë¤è¤Ã¤Æ¡¢¤¢¤ëÆÃÄê¤Î¥æ¡¼¥¶¡¢¤³¤Î¾ì¹ç¤Ï
- <systemitem class="username">fnord</systemitem>¡¢¤ËÂФ·¤Æ¡¢
- ¤¤¤Ä¤Ç¤â &unix;
- ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòµö²Ä¤¹¤ë¤è¤¦¤Ë»ØÄꤷ¤Æ¤¤¤Þ¤¹¡£
- °ìÈÌŪ¤Ë¤Ï¤³¤ÎÀßÄê¤ò¤ª¤³¤Ê¤¦¤Ù¤¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£
- <command>key</command> ¥×¥í¥°¥é¥à¤¬¤É¤¦¤·¤Æ¤â»È¤¨¤Ê¤¤´Ä¶¤Ë¤¤
- ¤ë¿Í¤ä¡¢¥À¥àüËö¤·¤«¤Ê¤¤´Ä¶¤Ë¤¤¤ë¿Í¡¢¤Þ¤¿¤Ï²¿ÅÙ¶µ¤¨¤Æ¤âʹ¤¯¼ª
- ¤ò»ý¤¿¤Ê¤¤¤è¤¦¤Ê¿Í¤ò¥µ¥Ý¡¼¥È¤¹¤ëɬÍפ¬¤¢¤ë¾ì¹ç¤Ë¤Î¤ßÀßÄê¤ò¤ª¤³
- ¤Ê¤Ã¤Æ¤¯¤À¤µ¤¤¡£</para>
-
- <para>»°¹ÔÌÜ (<literal>permit port</literal>) ¤Ë¤è¤Ã¤Æ¡¢¤¢¤ëÆÃÄê
- ¤ÎüËö¥Ý¡¼¥È¤«¤é¥í¥°¥¤¥ó¤·¤è¤¦¤È¤¹¤ë¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤ËÂФ·¤Æ
- &unix; ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòµö²Ä¤¹¤ë¤è¤¦¤Ë»ØÄꤷ¤Æ¤¤¤Þ¤¹¡£¤³¤ÎÀßÄê
- ¤Ï¥À¥¤¥ä¥ë¥¢¥Ã¥×²óÀþ¤ËÂФ¹¤ëÀßÄê¤È¤·¤ÆÍøÍѤǤ¤ë¤Ç¤·¤ç¤¦¡£</para>
-
- <para>OPIE ¤Ï S/Key ¤¬¹Ô¤¦¤è¤¦¤Ê¡¢¥í¥°¥¤¥ó¥»¥Ã¥·¥ç¥ó¤Î IP
+ <para>OPIE ¤Ï¡¢¥í¥°¥¤¥ó¥»¥Ã¥·¥ç¥ó¤Î IP
¥¢¥É¥ì¥¹¤ò¥Ù¡¼¥¹¤È¤·¤¿ &unix; ¥Ñ¥¹¥ï¡¼¥É¤Î»ÈÍѤòÀ©¸Â¤Ç¤¤Þ¤¹¡£
- ´ØÏ¢¥Õ¥¡¥¤¥ë¤Ï¡¢<filename>/etc/opieaccess</filename> ¤Ç¤¹¡£
- &os; 5.0 °Ê¹ß¤Î¥·¥¹¥Æ¥à¤Ç¤Ï¥Ç¥ª¥Õ¥©¥ë¥È¤ÇÍÑ°Õ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ´ØÏ¢¥Õ¥¡¥¤¥ë¤Ï¡¢<filename>/etc/opieaccess</filename> ¤Ç¡¢
+ ¥Ç¥Õ¥©¥ë¥È¤ÇÍÑ°Õ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¤³¤Î¥Õ¥¡¥¤¥ë¤Î¾ÜºÙ¤ä¡¢
¤³¤Î¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ¹¤ëºÝ¤Ë¹Íθ¤¹¤Ù¤¥»¥¥å¥ê¥£¤Ë¤Ä¤¤¤Æ¤Ï
&man.opieaccess.5; ¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
@@ -2568,14 +2404,8 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09
¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
<programlisting>kerberos5_server_enable="YES"
-kadmind5_server_enable="YES"
-kerberos_stash="YES"</programlisting>
+kadmind5_server_enable="YES"</programlisting>
- <note>
- <para><option>kerberos_stash</option> ¤Ï¡¢
- &os; 4.X ¤Ç¤Î¤ßÍøÍѲÄǽ¤Ç¤¹¡£</para>
- </note>
-
<para>¼¡¤Ë¡¢<application>Kerberos</application>
¤ÎÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/krb5.conf</filename>
¤òÊÔ½¸¤·¤Þ¤¹¡£</para>
@@ -3584,8 +3414,8 @@ Connection closed by foreign host.</screen>
¼ÂÁõ¤ò¥Ù¡¼¥¹¤È¤·¤Æ¤¤¤Þ¤¹¡£</para>
<note>
- <para>FreeBSD 5.X ¤Ç¤Ï <quote>hardware
- accelerated</quote> IPsec ¥¹¥¿¥Ã¥¯¤¬Äɲ䵤ì¤Þ¤·¤¿¡£
+ <para>FreeBSD ¤Ë¤Ï <quote>hardware
+ accelerated</quote> IPsec ¥¹¥¿¥Ã¥¯¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£
¤³¤ì¤Ï¡¢<quote>Fast IPsec</quote> ¤È¤·¤ÆÃΤé¤ì¤Æ¤¤¤ë¤â¤Î¤Ç¡¢
OpenBSD ¤«¤é°Ü¿¢¤µ¤ì¤Þ¤·¤¿¡£
IPsec ¤Î¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹¤òºÇŬ²½¤¹¤ë¤¿¤á¤Ë¡¢(ÍøÍѤǤ¤ë¾ì¹ç¤Ë¤Ï)
@@ -3917,44 +3747,39 @@ Network #2 [ Internal Hosts ]
gif ¥Ç¥Ð¥¤¥¹¤Î¥µ¥Ý¡¼¥È¤òÁȤßÆþ¤ì¤Æ¥³¥ó¥Ñ¥¤¥ë¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
°Ê²¼¤Î¹Ô¤ò²Ã¤¨¤ë¤³¤È¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£</para>
- <programlisting>pseudo-device gif</programlisting>
+ <programlisting>device gif</programlisting>
<para>ξÊý¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Î¥«¡¼¥Í¥ë¥³¥ó¥Õ¥£¥°¥ì¡¼¥·¥ç¥ó¥Õ¥¡¥¤¥ë¤Ë¾åµ¤Î¹Ô¤ò²Ã¤¨¡¢
¥³¥ó¥Ñ¥¤¥ë¡¢¥¤¥ó¥¹¥È¡¼¥ë¤·¡¢Ä̾ïÄ̤êºÆµ¯Æ°¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
<para>¥È¥ó¥Í¥ë¤ÎÀßÄê¤Ï 2 ¤Ä¤Î¥×¥í¥»¥¹¤Ç¹Ô¤¤¤Þ¤¹¡£
- ºÇ½é¤Ï¡¢&man.gifconfig.8; ¤ò»È¤Ã¤Æ¡¢
+ ºÇ½é¤Ï¡¢&man.ifconfig.8; ¤ò»È¤Ã¤Æ¡¢
³°Éô (¥Ñ¥Ö¥ê¥Ã¥¯) IP ¥¢¥É¥ì¥¹¤òÀßÄꤹ¤ë¤·¤Þ¤¹¡£
¤½¤Î¸å¡¢¥×¥é¥¤¥Ù¡¼¥È IP ¥¢¥É¥ì¥¹¤ò
&man.ifconfig.8; ¤ò»È¤Ã¤ÆÀßÄꤷ¤Þ¤¹¡£</para>
- <note>
- <para>&os; 5.X ¤Ç¤Ï¡¢
- &man.gifconfig.8; ¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤¬Ä󶡤·¤Æ¤¤¤¿µ¡Ç½¤Ï¡¢
- &man.ifconfig.8; ¤Ë¥Þ¡¼¥¸¤µ¤ì¤Þ¤·¤¿¡£</para></note>
-
<para>¥Í¥Ã¥È¥ï¡¼¥¯ #1 ¤Ë¤¢¤ë¥²¡¼¥È¥¦¥§¥¤¥³¥ó¥Ô¥å¡¼¥¿¤Ç°Ê²¼¤Î
2 ¤Ä¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¥È¥ó¥Í¥ë¤òºîÀ®¤·¤Þ¤¹¡£</para>
- <programlisting>gifconfig gif0 A.B.C.D W.X.Y.Z
+ <programlisting>ifconfig gif0 A.B.C.D W.X.Y.Z
ifconfig gif0 inet 192.168.1.1 192.168.2.1 netmask 0xffffffff
</programlisting>
<para>¤â¤¦ÊÒÊý¤Î¥²¡¼¥È¥¦¥§¥¤¥³¥ó¥Ô¥å¡¼¥¿¤Ç¡¢
IP ¥¢¥É¥ì¥¹¤Î½ç¤òµÕ¤Ë¤·¤ÆƱ¤¸¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Þ¤¹¡£</para>
- <programlisting>gifconfig gif0 W.X.Y.Z A.B.C.D
+ <programlisting>ifconfig gif0 W.X.Y.Z A.B.C.D
ifconfig gif0 inet 192.168.2.1 192.168.1.1 netmask 0xffffffff
</programlisting>
<para>°Ê²¼¤ò¼Â¹Ô¤·¤Æ¡¢ÀßÄê¤ò³Îǧ¤ò¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
- <programlisting>gifconfig gif0</programlisting>
+ <programlisting>ifconfig gif0</programlisting>
<para>¤¿¤È¤¨¤Ð¡¢¥Í¥Ã¥È¥ï¡¼¥¯ #1 ¤Î¥²¡¼¥È¥¦¥§¥¤¤Ë¤ª¤¤¤Æ¤Ï¡¢
°Ê²¼¤Î¤è¤¦¤Ë³Îǧ¤Ç¤¤Þ¤¹¡£</para>
- <screen>&prompt.root; <userinput>gifconfig gif0</userinput>
+ <screen>&prompt.root; <userinput>ifconfig gif0</userinput>
gif0: flags=8011<UP,POINTTOPOINT,MULTICAST> mtu 1280
inet 192.168.1.1 --> 192.168.2.1 netmask 0xffffffff
physical address inet A.B.C.D --> W.X.Y.Z
@@ -4082,8 +3907,8 @@ Destination Gateway Flags Refs Use
<itemizedlist>
<title>¤Þ¤È¤á</title>
<listitem>
- <para>ξÊý¤Î¥«¡¼¥Í¥ë¤ò <quote>pseudo-device
- gif</quote> ¤Ç¹½ÃÛ¤·¤Þ¤¹¡£</para>
+ <para>ξÊý¤Î¥«¡¼¥Í¥ë¤ò <quote>device gif</quote>
+ ¤Ç¹½ÃÛ¤·¤Þ¤¹¡£</para>
</listitem>
<listitem>
<para>¥²¡¼¥È¥¦¥§¥¤¥Û¥¹¥È #1 ¤Î <filename>/etc/rc.conf</filename>
@@ -4190,14 +4015,15 @@ options IPSEC_ESP
¤Ç¥»¥¥å¥ê¥Æ¥£¥¢¥½¥·¥¨¡¼¥·¥ç¥ó¤ò´ÉÍý¤¹¤ë¥Ç¡¼¥â¥ó¤Ï¿ô¿¤¯¤¢¤ê¤Þ¤¹¡£
¤³¤Îʸ½ñ¤Ç¤Ï¡¢¤½¤ÎÃæ¤Î°ì¤Ä¤Î racoon ¤Î»È¤¤Êý¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
racoon ¤Ï¡¢&os; Ports Collection ¤Î
- <filename role="package">security/racoon</filename>
+ <filename role="package">security/ipsec-tools</filename>
¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤Þ¤¹¡£</para>
<indexterm>
<primary>racoon</primary>
</indexterm>
- <para>racoon ¤Ï¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¥Û¥¹¥È¤Ç¼Â¹Ô¤µ¤ì¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ <para><application>racoon</application> ¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢
+ ξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¥Û¥¹¥È¤Ç¼Â¹Ô¤µ¤ì¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
¤½¤ì¤¾¤ì¤Î¥Û¥¹¥È¤Ç¡¢¤â¤¦°ì¤Ä¤Î VPN ¤Îü¤Î IP ¥¢¥É¥ì¥¹¤ª¤è¤Ó
(¤¢¤Ê¤¿¤¬ÁªÂò¤·¤¿¤â¤Î¤Ç¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤ÇƱ¤¸É¬ÍפΤ¢¤ë)
ÈëÌ©¸°¤ÇÀßÄꤹ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
@@ -4212,7 +4038,7 @@ options IPSEC_ESP
-- Èà¤é¤¬¥«¥®¤ò¥¯¥é¥Ã¥¯¤·¤¿¤È¤¤Ë¤Ï¡¢
2 ¤Ä¤Î¥Ç¡¼¥â¥ó¤Ï¾¤Î¸°¤òÁªÂò¤·¤Æ¤¤¤ë¤³¤È¤Ç¤·¤ç¤¦¡£</para>
- <para>racoon's ¤ÎÀßÄê¤Ï¡¢
+ <para>racoon ¤ÎÀßÄê¤Ï¡¢
<filename>${PREFIX}/etc/racoon</filename> ¤Ç¹Ô¤ï¤ì¤Þ¤¹¡£
¤³¤³¤Ë¤Ï¡¢ÀßÄê¥Õ¥¡¥¤¥ë¤¬ÃÖ¤«¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢
¤½¤ì¤Û¤É¿¤¯Êѹ¹¤¹¤ëɬÍפϤ¢¤ê¤Þ¤»¤ó¡£
@@ -4508,7 +4334,8 @@ options IPSEC_ESP
</listitem>
<listitem>
<para><filename
- role="package">security/racoon</filename> ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£
+ role="package">security/ipsec-tools</filename>
+ ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£
ξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¥Û¥¹¥È¤Ë¤ª¤¤¤Æ¡¢
<filename>${PREFIX}/etc/racoon/psk.txt</filename> ¤òÊѹ¹¤·¤Æ¡¢
¥ê¥â¡¼¥È¥Û¥¹¥È¤Î IP
@@ -4587,7 +4414,7 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
¤³¤ì¤Ï <command>rlogin</command>,
<command>rsh</command>, <command>rcp</command>,
<command>telnet</command> ¤ò¤½¤Î¤Þ¤ÞÃÖ¤´¹¤¨¤Æ»È¤¨¤Þ¤¹¡£
- ¤Þ¤¿¡¢Â¾¤Î¤¢¤é¤æ¤ë TCP/IP Àܳ¤ò
+ ¤Þ¤¿¡¢TCP/IP Àܳ¤ò
SSH ·Ðͳ¤Ç¥»¥¥å¥¢¤Ë¥È¥ó¥Í¥ë/¥Õ¥©¥ï¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
<application>OpenSSH</application> ¤Ï¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¤·¡¢
ÅðÄ°¤äÀܳ¤Î¾è¤Ã¼è¤êÅù¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥ì¥Ù¥ë¤Î¹¶·â¤ò»ö¼Â¾å̵¸ú²½¤·¤Þ¤¹¡£</para>
@@ -4595,8 +4422,7 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
<para><application>OpenSSH</application>
¤Ï OpenBSD ¥×¥í¥¸¥§¥¯¥È¤Ë¤è¤Ã¤Æ°Ý»ý´ÉÍý¤µ¤ì¤Æ¤ª¤ê¡¢SSH v1.2.12
¤ËºÇ¿·¤Î¤¹¤Ù¤Æ¤Î¥Ð¥°½¤Àµ¤È¹¹¿·¤òŬÍѤ·¤¿¤â¤Î¤ò¥Ù¡¼¥¹¤Ë¤·¤Æ¤¤¤Þ¤¹¡£
- <application>OpenSSH</application> ¥¯¥é¥¤¥¢¥ó¥È¤Ï SSH ¥×¥í¥È¥³¥ë 1 ¤È 2 ¤ÎξÊý¤Ë¸ß´¹À¤¬¤¢¤ê¤Þ¤¹¡£
- <application>OpenSSH</application> ¤Ï FreeBSD 4.0 °Ê¹ß¥Ù¡¼¥¹¥·¥¹¥Æ¥à¤Ë¼è¤ê¹þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+ <application>OpenSSH</application> ¥¯¥é¥¤¥¢¥ó¥È¤Ï SSH ¥×¥í¥È¥³¥ë 1 ¤È 2 ¤ÎξÊý¤Ë¸ß´¹À¤¬¤¢¤ê¤Þ¤¹¡£</para>
<sect2>
<title>OpenSSH ¤ò»È¤¦¤³¤È¤ÎÍøÅÀ</title>
@@ -4616,10 +4442,11 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
<secondary>͸ú²½</secondary>
</indexterm>
- <para><application>sshd</application> ¥Ç¡¼¥â¥ó¤Ï¡¢
- &os; 4.X ¤ª¤è¤Ó &os; 5.X ¤Ë¤ª¤¤¤Æ¥Ç¥Õ¥©¥ë¥È¤Ç͸ú¤Ç¤¹¡£
- &os; 5.X ¤Ç¤Ï¥¤¥ó¥¹¥È¡¼¥ë»þ¤Ë̵¸ú¤Ë¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
- ͸ú¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³Îǧ¤¹¤ë¤Ë¤Ï¡¢
+ <para><application>sshd</application> ¤Ï¡¢
+ &os; ¤Î <literal>Standard</literal> ¥¤¥ó¥¹¥È¡¼¥ë¤ÎÅÓÃæ¤Ç¡¢
+ ¥ª¥×¥·¥ç¥ó¤È¤·¤Æɽ¼¨¤µ¤ì¤Þ¤¹¡£
+ <application>sshd</application>
+ ¤¬Í¸ú¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³Îǧ¤¹¤ë¤Ë¤Ï¡¢
<filename>rc.conf</filename> ¥Õ¥¡¥¤¥ë¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
<screen>sshd_enable="YES"</screen>
@@ -4627,9 +4454,11 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
<para>¼¡¤Ëµ¯Æ°¤·¤¿¤È¤¤«¤é
<application>OpenSSH</application> ¤Î¥Ç¡¼¥â¥ó¥×¥í¥°¥é¥à¤Ç¤¢¤ë
&man.sshd.8; ¤¬µ¯Æ°¤·¤Þ¤¹¡£
- ¤â¤·¤¯¤Ï¥³¥Þ¥ó¥É¥é¥¤¥ó¤«¤éñ¤Ë <command>sshd</command>
- ¤ÈÆþÎϤ·¤Æ¡¢Ä¾ÀÜ <application>sshd</application>
- ¥Ç¡¼¥â¥ó¤ò¼Â¹Ô¤·¤Æ¤â¹½¤¤¤Þ¤»¤ó¡£</para>
+ ¤â¤·¤¯¤Ï <filename>/etc/rc.d/sshd</filename> &man.rc.8;
+ ¥¹¥¯¥ê¥×¥È¤ò»È¤Ã¤Æ¡¢<application>OpenSSH</application>
+ ¤òµ¯Æ°¤¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£</para>
+
+ <programlisting>/etc/rc.d/sshd start</programlisting>
</sect2>
<sect2>
@@ -5241,11 +5070,11 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_
¥¢¥«¥¦¥ó¥È¤ËÁ÷¤é¤ì¤Þ¤¹¡£
¤³¤Î»þÅÀ¤Ç¤Ï¡¢ÀßÄê¤ÏɬÍפ¢¤ê¤Þ¤»¤ó¡£</para>
- <para>¥¤¥ó¥¹¥È¡¼¥ë¤¬½ª¤ï¤Ã¤¿¤é¡¢´ÉÍý¼Ô¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¡¢
- <filename class="directory">/var/db/portaudit</filename>
- ¤Ë¥í¡¼¥«¥ë¤ÇÊݸ¤µ¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+ <para>¥¤¥ó¥¹¥È¡¼¥ë¤¬½ª¤ï¤Ã¤¿¤é¡¢´ÉÍý¼Ô¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¤³¤È¤Ç¡¢
+ ¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò¥¢¥Ã¥×¥Ç¡¼¥È¤·¡¢¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë
+ package ¤ÎÀȼåÀ¤òÄ´¤Ù¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
- <screen>&prompt.root; <userinput>portaudit -F</userinput></screen>
+ <screen>&prompt.root; <userinput>portaudit -Fda</userinput></screen>
<note>
<para>¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ï¡¢
@@ -5255,12 +5084,13 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_
</note>
<para>Ports Collection
- ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò´Æºº¤¹¤ë¤¿¤á¤Ë¤Ï¡¢
+ ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò´Æºº¤¹¤ë¤Ë¤Ï¡¢
´ÉÍý¼Ô¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤À¤±¤ò¼Â¹Ô¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
<screen>&prompt.root; <userinput>portaudit -a</userinput></screen>
- <para>°Ê²¼¤Ï½ÐÎϤÎÎã¤Ç¤¹¡£</para>
+ <para><application>Portaudit</application> ¤Ï¡¢ÀȼåÀ¤Î¤¢¤ë package
+ ¤Ë¤Ä¤¤¤Æ°Ê²¼¤Î¤è¤¦¤Ê½ÐÎϤò¹Ô¤¤¤Þ¤¹¡£</para>
<programlisting>Affected package: cups-base-1.1.22.0_1
Type of problem: cups-base -- HPGL buffer overflow vulnerability.
@@ -5335,7 +5165,7 @@ Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9
2003-09-23 16:51:24 UTC (RELENG_4_5, 4.5-RELEASE-p33)
2003-09-23 16:52:45 UTC (RELENG_4_4, 4.4-RELEASE-p43)
2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39)<co xml:id="co-corrected"/>
-&os; only: NO<co xml:id="co-only"/>
+<acronym>CVE</acronym> Name: CVE-XXXX-XXXX<co xml:id="co-cve"/>
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
@@ -5429,10 +5259,9 @@ VII. References<co xml:id="co-ref"/></programlisting>
¥¿¥¤¥à¥¾¡¼¥ó¡¢¤ª¤è¤Ó¥ê¥ê¡¼¥¹¤¬¼¨¤µ¤ì¤Þ¤¹¡£</para>
</callout>
- <callout arearefs="co-only">
- <para><literal>&os; only</literal> ¥Õ¥£¡¼¥ë¥É¤Ï¡¢
- ¤³¤ÎÀȼåÀ¤¬¡¢&os; ¤Ë¤Î¤ß±Æ¶Á¤¹¤ë¤«¡¢¤â¤·¤¯¤Ï¡¢
- ¾¤Î¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤Ë¤âƱÍͤ˱ƶÁ¤¹¤ë¤«¤É¤¦¤«¤ò¼¨¤·¤Þ¤¹¡£</para>
+ <callout arearefs="co-cve">
+ <para>¶¦Ä̤ÎÀȼåÀ¥Ç¡¼¥¿¥Ù¡¼¥¹¥·¥¹¥Æ¥à¤Ë¤ª¤¤¤Æ¡¢
+ ÀȼåÀ¤òõ¤¹¤¿¤á¤Ë»ÈÍѤǤ¤ë¼±Ê̾ðÊó¤ò¼¨¤·¤Þ¤¹¡£</para>
</callout>
<callout arearefs="co-backround">
More information about the svn-doc-head
mailing list