diff options
-rw-r--r-- | debian/changelog | 22 | ||||
-rw-r--r-- | debian/control | 3 | ||||
-rw-r--r-- | debian/postinst | 9 | ||||
-rw-r--r-- | debian/templates | 84 | ||||
-rw-r--r-- | debian/templates.da | 157 | ||||
-rw-r--r-- | debian/templates.de | 95 | ||||
-rw-r--r-- | debian/templates.es | 207 | ||||
-rw-r--r-- | debian/templates.fr | 276 | ||||
-rw-r--r-- | debian/templates.ja | 205 | ||||
-rw-r--r-- | debian/templates.pt_BR | 181 | ||||
-rw-r--r-- | debian/templates.ru | 207 |
11 files changed, 1355 insertions, 91 deletions
diff --git a/debian/changelog b/debian/changelog index f2e32f13e..71a950772 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,25 @@ | |||
1 | openssh (1:3.4p1-3) unstable; urgency=low | ||
2 | |||
3 | * Add myself to Uploaders: and begin acting as temporary maintainer, at | ||
4 | Matthew's request. (Normal service will resume in some months' time.) | ||
5 | * Add sharutils to Build-Depends (closes: #138465). | ||
6 | * Stop creating the /usr/doc/ssh symlink. | ||
7 | |||
8 | * Fix some debconf template typos (closes: #160358). | ||
9 | * Split debconf templates into one file per language. | ||
10 | * Add debconf template translations: | ||
11 | - Brazilian Portuguese (thanks, Andre Luis Lopes; closes: #106173). | ||
12 | - Danish (thanks, Claus Hindsgaul; closes: #126607). | ||
13 | - Japanese (thanks, Tomohiro KUBOTA; closes: #137427). | ||
14 | - Russian (thanks, Ilgiz Kalmetev; closes: #136610). | ||
15 | - Spanish (thanks, Carlos Valdivia YagЭe; closes: #129041). | ||
16 | * Update debconf template translations: | ||
17 | - French (thanks, Igor Genibel; closes: #151361). | ||
18 | - German (thanks, Axel Noetzold; closes: #147069). | ||
19 | * Some of these translations are fuzzy. Please send updates. | ||
20 | |||
21 | -- Colin Watson <cjwatson@debian.org> Sun, 13 Oct 2002 14:09:57 +0100 | ||
22 | |||
1 | openssh (1:3.4p1-2) unstable; urgency=high | 23 | openssh (1:3.4p1-2) unstable; urgency=high |
2 | 24 | ||
3 | * Get a security-fixed version into unstable | 25 | * Get a security-fixed version into unstable |
diff --git a/debian/control b/debian/control index 7063438ad..acda7997a 100644 --- a/debian/control +++ b/debian/control | |||
@@ -2,8 +2,9 @@ Source: openssh | |||
2 | Section: net | 2 | Section: net |
3 | Priority: standard | 3 | Priority: standard |
4 | Maintainer: Matthew Vernon <matthew@debian.org> | 4 | Maintainer: Matthew Vernon <matthew@debian.org> |
5 | Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev | libz-dev, libssl-dev, libpam0g-dev | libpam-dev, libgnome-dev, groff, debhelper (>=1.1.17) | 5 | Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev | libz-dev, libssl-dev, libpam0g-dev | libpam-dev, libgnome-dev, groff, debhelper (>=1.1.17), sharutils |
6 | Standards-Version: 3.5.2 | 6 | Standards-Version: 3.5.2 |
7 | Uploaders: Colin Watson <cjwatson@debian.org> | ||
7 | 8 | ||
8 | Package: ssh | 9 | Package: ssh |
9 | Architecture: any | 10 | Architecture: any |
diff --git a/debian/postinst b/debian/postinst index 34fee95d8..10d61d86e 100644 --- a/debian/postinst +++ b/debian/postinst | |||
@@ -315,15 +315,6 @@ setup_startup | |||
315 | setup_init | 315 | setup_init |
316 | 316 | ||
317 | 317 | ||
318 | # Automatically added by dh_installdocs | ||
319 | if [ "$1" = "configure" ]; then | ||
320 | if [ -d /usr/doc -a ! -e /usr/doc/ssh -a -d /usr/share/doc/ssh ]; then | ||
321 | ln -sf ../share/doc/ssh /usr/doc/ssh | ||
322 | fi | ||
323 | fi | ||
324 | # End automatically added section | ||
325 | |||
326 | |||
327 | [ -e /usr/share/debconf/confmodule ] && db_stop | 318 | [ -e /usr/share/debconf/confmodule ] && db_stop |
328 | 319 | ||
329 | exit 0 | 320 | exit 0 |
diff --git a/debian/templates b/debian/templates index a9b4394d4..b56f8a5ec 100644 --- a/debian/templates +++ b/debian/templates | |||
@@ -12,11 +12,11 @@ Description: Privilege separation | |||
12 | . | 12 | . |
13 | Privilege separation is turned on by default, so if you decide you | 13 | Privilege separation is turned on by default, so if you decide you |
14 | want it turned off, you need to add "UsePrivilegeSeparation no" to | 14 | want it turned off, you need to add "UsePrivilegeSeparation no" to |
15 | /etc/ssh/sshd_config | 15 | /etc/ssh/sshd_config. |
16 | . | 16 | . |
17 | NB! If you are running a 2.0 series Linux kernel, then privilege | 17 | NB! If you are running a 2.0 series Linux kernel, then privilege |
18 | separation will not work at all, and your sshd will fail to start | 18 | separation will not work at all, and your sshd will fail to start |
19 | unless you explicity turn privilege separation off. | 19 | unless you explicitly turn privilege separation off. |
20 | 20 | ||
21 | Template: ssh/privsep_ask | 21 | Template: ssh/privsep_ask |
22 | Type: boolean | 22 | Type: boolean |
@@ -54,7 +54,7 @@ Description: Generate new configuration file | |||
54 | edit sshd_config and set it to no if you wish. | 54 | edit sshd_config and set it to no if you wish. |
55 | . | 55 | . |
56 | It is strongly recommended that you let me generate a new configuration file | 56 | It is strongly recommended that you let me generate a new configuration file |
57 | for you | 57 | for you. |
58 | 58 | ||
59 | Template: ssh/protocol2_only | 59 | Template: ssh/protocol2_only |
60 | Type: boolean | 60 | Type: boolean |
@@ -89,21 +89,6 @@ Description: Do you want to continue (and risk killing active ssh sessions) ? | |||
89 | . | 89 | . |
90 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | 90 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the |
91 | start-stop-daemon line in the stop section of the file. | 91 | start-stop-daemon line in the stop section of the file. |
92 | Description-de: Wollen Sie weitermachen (und das Killen der Session riskieren)? | ||
93 | Die Version von /etc/init.d/ssh, die sie installiert haben, wird | ||
94 | vermutlich ihre aktiven ssh-Instanzen killen. Wenn Sie das Upgrade | ||
95 | via ssh erledigen, dann ist das ein Problem. | ||
96 | . | ||
97 | Sie koennen das Problem beheben, indem sie "--pidfile /var/run/sshd.pid" | ||
98 | an die start-stop-daemon Zeile in dem Bereich stop der Datei | ||
99 | /etc/init.d/ssh ergaenzen. | ||
100 | Description-fr: Voulez vous continuer (et risquer de rompre les sessions ssh actives) ? | ||
101 | Il est probable que la version de /etc/init.d/ssh install=E9e en ce moment | ||
102 | tue toutes les instances de sshd lanc=E9es en ce moment. Si vous faite une | ||
103 | mise =E0 jour via ssh, ca serait une Mauvaise Chose(tm). | ||
104 | . | ||
105 | Vous pouvez corriger /etc/init.d/ssh en ajoutant '--pidfile /var/run/sshd.pid' | ||
106 | a la ligne 'start-stop-daemon' dans la section 'stop' du fichier. | ||
107 | 92 | ||
108 | Template: ssh/forward_warning | 93 | Template: ssh/forward_warning |
109 | Type: note | 94 | Type: note |
@@ -115,36 +100,12 @@ Description: NOTE: Forwarding of X11 and Authorization disabled by default. | |||
115 | in one of the configuration files, or with the -X command line option. | 100 | in one of the configuration files, or with the -X command line option. |
116 | . | 101 | . |
117 | More details can be found in /usr/share/doc/ssh/README.Debian | 102 | More details can be found in /usr/share/doc/ssh/README.Debian |
118 | Description-de: HINWEIS: Forwarden von X11 und Authorisierung ist abgeschaltet. | ||
119 | Aus Sicherheitsgruenden haben die Debian Pakete von ssh ForwardX11 und | ||
120 | ForwardAgent auf "off" gesetzt. | ||
121 | . | ||
122 | Sie koenne dies fuer Server denen Sie trauen, entweder per Eintrag im | ||
123 | den Konfigurations Dateien oder per -X Kommando-Zeilen Option aendern. | ||
124 | . | ||
125 | Weitere Details koennen Sie in /usr/share/doc/ssh/README.Debian finden. | ||
126 | Description-fr: NOTE: Suivi de session X11 et d'agent d'autorisation d=E9sactiv=E9s par d=E9faut. | ||
127 | Pour des raisons de s=E9curit=E9, la version Debian de ssh positionne les | ||
128 | options ForwardX11 et ForwardAgent a ``Off'' par d=E9faut. | ||
129 | . | ||
130 | Vous pouvez activer ces options pour les serveurs en lesquels vous avez | ||
131 | confiance, soit dans un des fichiers de configuration, soit avec l'option | ||
132 | -X de la ligne de commande. | ||
133 | . | ||
134 | Plus d'informations sont disponibles dans /usr/share/doc/ssh/README.Debian. | ||
135 | 103 | ||
136 | Template: ssh/insecure_rshd | 104 | Template: ssh/insecure_rshd |
137 | Type: note | 105 | Type: note |
138 | Description: Warning: rsh-server is installed --- probably not a good idea | 106 | Description: Warning: rsh-server is installed --- probably not a good idea |
139 | having rsh-server installed undermines the security that you were probably | 107 | having rsh-server installed undermines the security that you were probably |
140 | wanting to obtain by installing ssh. I'd advise you to remove that package. | 108 | wanting to obtain by installing ssh. I'd advise you to remove that package. |
141 | Description-de: Warnung: rsh-server ist installiert --- moeglicherweise | ||
142 | ist es eine schlechte Idee den rsh-server installiert zu haben, da er | ||
143 | die Sicherheit untergraebt. Wir empfehlen das Paket zu entfernen. | ||
144 | Description-fr: Attention: le paquet rsh-server est install=E9 --- ce n'estprobablement pas une bonne id=E9e | ||
145 | Avoir un serveur rsh install=E9 affaibli la s=E9curit=E9 que vous vouliez | ||
146 | probablement obtenir en installant ssh. Je vous conseillerais de | ||
147 | d=E9installer ce paquet. | ||
148 | 109 | ||
149 | Template: ssh/insecure_telnetd | 110 | Template: ssh/insecure_telnetd |
150 | Type: note | 111 | Type: note |
@@ -153,17 +114,6 @@ Description: Warning: telnetd is installed --- probably not a good idea | |||
153 | need to offer telnet access) or install telnetd-ssl so that there is at | 114 | need to offer telnet access) or install telnetd-ssl so that there is at |
154 | least some chance that telnet sessions will not be sending unencrypted | 115 | least some chance that telnet sessions will not be sending unencrypted |
155 | login/password and session information over the network. | 116 | login/password and session information over the network. |
156 | Description-de: Warnung: telnetd ist installiert --- schlechte Idee | ||
157 | Wir empfehlen das telnetd Paket zu entfernen (wenn sie keine telnet Zugang | ||
158 | anbieten) oder telnetd-ssl zu installieren, so dass die Moeglichkeit besteht | ||
159 | dass das Login und Password nicht unverschluesselt durch das Netz gesendet | ||
160 | werden. | ||
161 | Description-fr: Attention: le paquet telnetd est install=E9 --- ce n'est probablement pas une bonne id=E9e | ||
162 | Je vous conseillerais de, soit enlever le paquet telnetd (si ce service | ||
163 | n'est pas n=E9cessaire), soit de le remplacer par le paquet telnetd-ssl | ||
164 | pour qu'il y ait au moins une chance que les sessions telnet soient | ||
165 | encrypt=E9es et que les mot de passes et logins ne passent pas en clair sur | ||
166 | le r=E9seau. | ||
167 | 117 | ||
168 | Template: ssh/encrypted_host_key_but_no_keygen | 118 | Template: ssh/encrypted_host_key_but_no_keygen |
169 | Type: note | 119 | Type: note |
@@ -173,15 +123,6 @@ Description: Warning: you must create a new host key | |||
173 | ssh-keygen utility from the old (non-free) SSH installation. | 123 | ssh-keygen utility from the old (non-free) SSH installation. |
174 | . | 124 | . |
175 | You will need to generate a new host key. | 125 | You will need to generate a new host key. |
176 | Description-de: Warnung: Sie muessen einen neuen Host Key erzeugen | ||
177 | Es existiert eine alte Variante von /etc/ssh/ssh_host_key welche | ||
178 | per IDEA verschluesselt ist. OpenSSH kann eine solche Host Key Datei | ||
179 | nicht lesen und ssh-keygen von der alten (nicht-freien) ssh Installation | ||
180 | kann nicht gefunden werden. | ||
181 | Description-fr: Attention: vous devez cr=E9er une nouvelle cl=E9 d'h=F4te | ||
182 | Il existe un vieux /etc/ssh/ssh_host_key qui est encrypt=E9 avec IDEA. | ||
183 | OpenSSH ne peut utiliser ce fichier de cl=E9, et je ne peux trouver | ||
184 | l'utilitaire ssh-keygen de l'installation pr=E9c=E9dente (non libre) de SSH. | ||
185 | 126 | ||
186 | Template: ssh/SUID_client | 127 | Template: ssh/SUID_client |
187 | Type: boolean | 128 | Type: boolean |
@@ -208,22 +149,3 @@ Description: Do you want to run the sshd server ? | |||
208 | If you are only interested in using the ssh client for outbound | 149 | If you are only interested in using the ssh client for outbound |
209 | connections on this machine, and don't want to log into it at all | 150 | connections on this machine, and don't want to log into it at all |
210 | using ssh, then you can disable sshd here. | 151 | using ssh, then you can disable sshd here. |
211 | Description-de: Wollen Sie den sshd Server starten? | ||
212 | Das Paket enthaelt sowohl den client als auch den sshd server. | ||
213 | . | ||
214 | Normal wird der sshd Secure Shell Server fuer Remote Logins per ssh | ||
215 | gestartet. | ||
216 | . | ||
217 | Wenn Sie nur den ssh client nutzen wollen, um sich mit anderen Rechner | ||
218 | zu verbinden und sich nicht per ssh in diesen Computer einloggen wollen, | ||
219 | dann koennen Sie hier den sshd abschalten. | ||
220 | Description-fr: Voulez vous utiliser le serveur sshd ? | ||
221 | Ce paquet contient a la fois le client ssh et le serveur sshd. | ||
222 | . | ||
223 | Normalement le serveur sshd sera lanc=E9 pour permettre les logins distants | ||
224 | via ssh. | ||
225 | . | ||
226 | Si vous d=E9sirez seulement utiliser le client ssh pour vous connecter a | ||
227 | distance sur d'autres machines a partir de celle-ci, et que vous ne | ||
228 | voulez pas vous logguer sur cette machine a distance via ssh, alors vous | ||
229 | pouvez d=E9sactiver sshd maintenant. | ||
diff --git a/debian/templates.da b/debian/templates.da new file mode 100644 index 000000000..c17c60039 --- /dev/null +++ b/debian/templates.da | |||
@@ -0,0 +1,157 @@ | |||
1 | Template: ssh/protocol2_only | ||
2 | Type: boolean | ||
3 | Default: true | ||
4 | Description: Allow SSH protocol 2 only | ||
5 | This version of OpenSSH supports version 2 of the ssh protocol, which is | ||
6 | much more secure. Disabling ssh 1 is encouraged, however this will slow | ||
7 | things down on low end machines and might prevent older clients from | ||
8 | connecting. | ||
9 | . | ||
10 | Also please note that keys used for protocol 1 are different so you will | ||
11 | not be able to use them if you only allow protocol 2 connections. | ||
12 | Description-da: Tillad kun SSH protokol 2 | ||
13 | Denne udgave af OpenSSH understЬtter version 2 af ssh-protokollen, som er | ||
14 | betydeligt mere sikker. Det anbefales af deaktivere version 1. Dog kan det | ||
15 | slЬve langsomme maskiner, og forhindre Фldre klienter i at opnЕ forbindelse. | ||
16 | |||
17 | Template: ssh/ssh2_keys_merged | ||
18 | Type: note | ||
19 | Description: ssh2 keys merged in configuration files | ||
20 | As of version 3 OpenSSH no longer uses seperate files for ssh1 and ssh2 | ||
21 | keys. This means the authorized_keys2 and known_hosts2 files are no longer | ||
22 | needed. They will still be read in order to maintain backwards | ||
23 | compatibility | ||
24 | Description-da: ssh2-nЬgler flettet i opsФtningsfilerne | ||
25 | Siden version 3 har OpenSSH ikke lФngere separate filer for ssh1- og | ||
26 | ssh2-nЬgler. Det betyder, at filerne authorized_keys2 og known_hosts2 ikke | ||
27 | lФngere er nЬdvendige. De vil stadig dog stadig blive lФst for | ||
28 | bagudkompatilitetens skyld. | ||
29 | |||
30 | Template: ssh/use_old_init_script | ||
31 | Type: boolean | ||
32 | Default: false | ||
33 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
34 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
35 | all running sshd instances. If you are doing this upgrade via an ssh | ||
36 | session, that would be a Bad Thing(tm). | ||
37 | . | ||
38 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
39 | start-stop-daemon line in the stop section of the file. | ||
40 | Description-da: Vil du fortsФtte (og risikere at afbryde aktive ssh-forbindelser)? | ||
41 | Den udgave af /etc/init.d/ssh, du har installeret, vil sandsynligvis afbryde | ||
42 | alle sshd-dФmoner. Det vil vФre en rigtigt dЕrlig idИ, hvis du er ved at | ||
43 | opgradering via en ssh-forbindelse. | ||
44 | . | ||
45 | Du kan afhjФlpe dette ved at tilfЬje "--pidfile /var/run/sshd.pid" til | ||
46 | 'start-stop-daemon'-linjen i stop-afsnittet af filen. | ||
47 | |||
48 | |||
49 | Template: ssh/forward_warning | ||
50 | Type: note | ||
51 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
52 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
53 | ForwardAgent set to ``off'' by default. | ||
54 | . | ||
55 | You can enable it for servers you trust, either in one of the | ||
56 | configuration files, or with the -X command line option. | ||
57 | . | ||
58 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
59 | Description-da: BEMфRK: Videregivelse af X11 og adgangkontrol er som standard deaktiveret. | ||
60 | Af sikkerhedsgrunde har Debianudgaven af ssh sat ForwardX11 og ForwardAgent | ||
61 | til 'off' som standard. | ||
62 | . | ||
63 | Du kan aktivere dem for servere, du stoler pЕ i en af opsФtningsfilerne | ||
64 | eller med kommandolinjetilvalget '-X'. | ||
65 | |||
66 | Template: ssh/insecure_rshd | ||
67 | Type: note | ||
68 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
69 | having rsh-server installed undermines the security that you were probably | ||
70 | wanting to obtain by installing ssh. I'd advise you to remove that | ||
71 | package. | ||
72 | Description-da: Advarsel: rsh-serveren er installeret --- sikkert ikke en god idИ | ||
73 | Den sikkerhed, du nok Ьnskede at opnЕ ved at installere ssh undermineres | ||
74 | ved, at du har rsh-server installeret. Jeg vil rЕde dig til at fjerne | ||
75 | pakken rsh-server. | ||
76 | |||
77 | Template: ssh/insecure_telnetd | ||
78 | Type: note | ||
79 | Description: Warning: telnetd is installed --- probably not a good idea | ||
80 | I'd advise you to either remove the telnetd package (if you don't actually | ||
81 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
82 | least some chance that telnet sessions will not be sending unencrypted | ||
83 | login/password and session information over the network. | ||
84 | Description-da: Advarsel: telnetd er installeret --- sikkert ikke en god idИ | ||
85 | Jeg vil rЕde dig til enten at fjerne pakken telnetd (hvis du i virkeligheden | ||
86 | ikke har brug for at tilbyde telnet-adgang) eller installere telnetd-ssl, sЕ | ||
87 | der i det mindste er en mulighed for, at telnet-sessioner ikke sender | ||
88 | adgangskoder og sessions-oplysninger ukrypteret over netvФrket. | ||
89 | |||
90 | Template: ssh/encrypted_host_key_but_no_keygen | ||
91 | Type: note | ||
92 | Description: Warning: you must create a new host key | ||
93 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH | ||
94 | can not handle this host key file, and I can't find the ssh-keygen utility | ||
95 | from the old (non-free) SSH installation. | ||
96 | . | ||
97 | You will need to generate a new host key. | ||
98 | Description-da: Advarsel: du skal oprette en ny vФrtsnЬgle | ||
99 | Der ligger en gammel, IDEA-krypteret /etc/ssh/ssh_host_key. OpenSSH kan | ||
100 | ikke hЕndtere sЕdan en vФrtsnЬglefil, og jeg kan ikke finde vФrktЬjet | ||
101 | ssh-keygen fra den gamle (ikke-frie, 'non-free') SSH-installation. | ||
102 | |||
103 | Template: ssh/SUID_client | ||
104 | Type: boolean | ||
105 | Default: false | ||
106 | Description: Do you want /usr/bin/ssh to be installed SUID root? | ||
107 | You have the option of installing the ssh client with the SUID bit set. | ||
108 | . | ||
109 | If you make ssh SUID, you will be able to use Rhosts/RhostsRSA | ||
110 | authentication, but will not be able to use socks via the LD_PRELOAD | ||
111 | trick. This is the traditional approach. | ||
112 | . | ||
113 | If you do not make ssh SUID, you will be able to use socks, but | ||
114 | Rhosts/RhostsRSA authentication will stop working, which may stop you | ||
115 | logging in to remote systems. It will also mean that the source port will | ||
116 | be above 1024, which may confound firewall rules you've set up. | ||
117 | . | ||
118 | If in doubt, I suggest you install it with SUID. If it causes problems | ||
119 | you can change your mind later by running: dpkg-reconfigure ssh | ||
120 | Description-da: Vil du have, at /usr/bin/ssh bliver installeret 'SUID root'? | ||
121 | Du har mulighed for at installere ssh-klienten med SUID-flaget sat. | ||
122 | . | ||
123 | Hvis du gЬr ssh SUID, vil du kunne bruge adgangskontrollen | ||
124 | Rhosts/RhostsRSA, men vil ikke kunne bruge socks med LD_PRELOAD-tricket. | ||
125 | Det vil vФre den almindelige fremgangsmЕde. | ||
126 | . | ||
127 | Hvis du ikke gЬr ssh SUID, vil du kunne bruge socks, men adgangskontrol | ||
128 | med Rhosts/RhostRSA vil holde op med at virke, hvilket kan forhindre dig | ||
129 | i at logge ind pЕ fjerne systemer. Det vil ogsЕ betyde, at kildeporten | ||
130 | vil ligge over 1024, hvilket kan kollidere med eventuelle brandmure, du | ||
131 | har sat op. | ||
132 | . | ||
133 | Hvis du er i tvivl, foreslЕr jeg, at du installerer den med SUID. Hvis det | ||
134 | giver problemer, kan du senere ombestemme dig ved at kЬre: | ||
135 | 'dpkg-reconfigure ssh'. | ||
136 | |||
137 | Template: ssh/run_sshd | ||
138 | Type: boolean | ||
139 | Default: true | ||
140 | Description: Do you want to run the sshd server ? | ||
141 | This package contains both the ssh client, and the sshd server. | ||
142 | . | ||
143 | Normally the sshd Secure Shell Server will be run to allow remote logins | ||
144 | via ssh. | ||
145 | . | ||
146 | If you are only interested in using the ssh client for outbound | ||
147 | connections on this machine, and don't want to log into it at all using | ||
148 | ssh, then you can disable sshd here. | ||
149 | Description-da: Vil du kЬre sshd-serveren? | ||
150 | Denne pakke indeholder bЕde ssh-klienten og sshd-serveren. | ||
151 | . | ||
152 | Normalt vil sshd sikker skalserver ('Secure Shell Server') blive aktiveret | ||
153 | og tillade fjerne brugere i at logge pЕ via ssh. | ||
154 | . | ||
155 | Hvis du udelukkende er interesseret i at bruge ssh-klienten til udgЕende | ||
156 | forbindelser fra denne maskine, og ikke Ьnsker at tilgЕ denne maskine | ||
157 | udefra via ssh, kan du nu deaktivere sshd. | ||
diff --git a/debian/templates.de b/debian/templates.de new file mode 100644 index 000000000..5feb24cd9 --- /dev/null +++ b/debian/templates.de | |||
@@ -0,0 +1,95 @@ | |||
1 | Template: ssh/use_old_init_script | ||
2 | Type: boolean | ||
3 | Default: false | ||
4 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
5 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
6 | all running sshd instances. If you are doing this upgrade via an ssh | ||
7 | session, that would be a Bad Thing(tm). | ||
8 | . | ||
9 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
10 | start-stop-daemon line in the stop section of the file. | ||
11 | Description-de: Wollen Sie weitermachen (und das Killen der Session riskieren)? | ||
12 | Die Version von /etc/init.d/ssh, die Sie installiert haben, wird | ||
13 | vermutlich Ihre aktiven ssh-Instanzen killen. Wenn Sie das Upgrade | ||
14 | via ssh erledigen, dann ist das ein Problem. | ||
15 | . | ||
16 | Sie kЖnnen das Problem beheben, indem sie "--pidfile /var/run/sshd.pid" | ||
17 | an die start-stop-daemon Zeile in dem Bereich stop der Datei | ||
18 | /etc/init.d/ssh ergДnzen. | ||
19 | |||
20 | Template: ssh/forward_warning | ||
21 | Type: note | ||
22 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
23 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
24 | ForwardAgent set to ``off'' by default. | ||
25 | . | ||
26 | You can enable it for servers you trust, either | ||
27 | in one of the configuration files, or with the -X command line option. | ||
28 | . | ||
29 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
30 | Description-de: HINWEIS: Forwarden von X11 und Authorisierung ist abgeschaltet. | ||
31 | Aus SicherheitsgrЭnden sind die Debian Pakete von ssh ForwardX11 und | ||
32 | ForwardAgent auf "off" gesetzt. | ||
33 | . | ||
34 | Sie kЖnnen dies fЭr Server, denen Sie trauen, entweder per Eintrag in | ||
35 | die Konfigurations Dateien oder per Kommando-Zeilen Option -X Дndern. | ||
36 | . | ||
37 | Weitere Details koennen Sie in /usr/share/doc/ssh/README.Debian finden. | ||
38 | |||
39 | Template: ssh/insecure_rshd | ||
40 | Type: note | ||
41 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
42 | having rsh-server installed undermines the security that you were probably | ||
43 | wanting to obtain by installing ssh. I'd advise you to remove that package. | ||
44 | Description-de: Warnung: rsh-server ist installiert --- mЖglicherweise | ||
45 | ist es eine schlechte Idee, den rsh-server installiert zu haben, da er | ||
46 | die Sicherheit untergrДbt. Wir empfehlen, das Paket zu entfernen. | ||
47 | |||
48 | Template: ssh/insecure_telnetd | ||
49 | Type: note | ||
50 | Description: Warning: telnetd is installed --- probably not a good idea | ||
51 | I'd advise you to either remove the telnetd package (if you don't actually | ||
52 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
53 | least some chance that telnet sessions will not be sending unencrypted | ||
54 | login/password and session information over the network. | ||
55 | Description-de: Warnung: telnetd ist installiert --- schlechte Idee | ||
56 | Wir empfehlen das telnetd Paket zu entfernen (falls Sie keinen telnet Zugang | ||
57 | anbieten) oder telnetd-ssl zu installieren, so daъ Sie verhindern kЖnnen, | ||
58 | daъ Login und Password unverschlЭsselt durch das Netz gesendet | ||
59 | werden. | ||
60 | |||
61 | Template: ssh/encrypted_host_key_but_no_keygen | ||
62 | Type: note | ||
63 | Description: Warning: you must create a new host key | ||
64 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. | ||
65 | OpenSSH can not handle this host key file, and I can't find the | ||
66 | ssh-keygen utility from the old (non-free) SSH installation. | ||
67 | . | ||
68 | You will need to generate a new host key. | ||
69 | Description-de: Warnung: Sie mЭssen einen neuen Host Key erzeugen | ||
70 | Es existiert eine alte Variante von /etc/ssh/ssh_host_key welche | ||
71 | per IDEA verschlЭsselt ist. OpenSSH kann eine solche Host Key Datei | ||
72 | nicht lesen und ssh-keygen von der alten (nicht-freien) ssh Installation | ||
73 | kann nicht gefunden werden. | ||
74 | |||
75 | Template: ssh/run_sshd | ||
76 | Type: boolean | ||
77 | Default: true | ||
78 | Description: Do you want to run the sshd server ? | ||
79 | This package contains both the ssh client, and the sshd server. | ||
80 | . | ||
81 | Normally the sshd Secure Shell Server will be run to allow remote | ||
82 | logins via ssh. | ||
83 | . | ||
84 | If you are only interested in using the ssh client for outbound | ||
85 | connections on this machine, and don't want to log into it at all | ||
86 | using ssh, then you can disable sshd here. | ||
87 | Description-de: MЖchten Sie den sshd Server starten? | ||
88 | Das Paket enthДlt sowohl den Client als auch den sshd Server. | ||
89 | . | ||
90 | Normal wird der sshd Secure Shell Server fЭr Remote Logins per ssh | ||
91 | gestartet. | ||
92 | . | ||
93 | Wenn Sie nur den ssh client nutzen wollen, um sich mit anderen Rechnern | ||
94 | zu verbinden und sich nicht per ssh in diesen Computer einloggen wollen, | ||
95 | dann kЖnnen Sie hier den sshd abschalten. | ||
diff --git a/debian/templates.es b/debian/templates.es new file mode 100644 index 000000000..c3cc971ca --- /dev/null +++ b/debian/templates.es | |||
@@ -0,0 +1,207 @@ | |||
1 | Template: ssh/new_config | ||
2 | Type: boolean | ||
3 | Default: true | ||
4 | Description: Generate new configuration file | ||
5 | This version of OpenSSH has a considerably changed configuration file from | ||
6 | the version shipped in Debian 'Potato', which you appear to be upgrading | ||
7 | from. I can now generate you a new configuration file | ||
8 | (/etc/ssh/sshd.config), which will work with the new server version, but | ||
9 | will not contain any customisations you made with the old version. | ||
10 | . | ||
11 | Please note that this new configuration file will set the value of | ||
12 | 'PermitRootLogin' to yes (meaning that anyone knowing the root password | ||
13 | can ssh directly in as root). It is the opinion of the maintainer that | ||
14 | this is the correct default (see README.Debian for more details), but you | ||
15 | can always edit sshd_config and set it to no if you wish. | ||
16 | . | ||
17 | It is strongly recommended that you let me generate a new configuration | ||
18 | file for you | ||
19 | Description-es: Generar un fichero de configuraciСn nuevo | ||
20 | Esta versiСn de OpenSSH tiene un fichero de configuraciСn muy distinto del | ||
21 | que incluМa la versiСn de 'Potato'. Parece que estА actualizando desde esa | ||
22 | versiСn, por lo que puede generar un nuevo fichero de configuraciСn | ||
23 | (/etc/ssh/sshd.config), que funcionarА con la nueva versiСn del servidor, | ||
24 | pero no tendrА ninguno de los cambios que hubiera hecho a la versiСn | ||
25 | antigua. | ||
26 | . | ||
27 | Debe saber que este nuevo fichero de configuraciСn pondrА el valor de | ||
28 | 'PermitRootLogin' a "yes" (por lo que root podrА entrar directamente por | ||
29 | ssh). El mantenedor opina que Иsta es la opciСn por defecto mАs adecuada | ||
30 | (consulte README.Debian para conocer mАs detalles), pero recuerde que | ||
31 | siempre puede editar sshd_config y cambiarlo. | ||
32 | . | ||
33 | Es muy recomendable generar ahora automАticamente un nuevo fichero de | ||
34 | configuraciСn. | ||
35 | |||
36 | Template: ssh/protocol2_only | ||
37 | Type: boolean | ||
38 | Default: true | ||
39 | Description: Allow SSH protocol 2 only | ||
40 | This version of OpenSSH supports version 2 of the ssh protocol, which is | ||
41 | much more secure. Disabling ssh 1 is encouraged, however this will slow | ||
42 | things down on low end machines and might prevent older clients from | ||
43 | connecting (the ssh client shipped with "potato" is affected). | ||
44 | . | ||
45 | Also please note that keys used for protocol 1 are different so you will | ||
46 | not be able to use them if you only allow protocol 2 connections. | ||
47 | . | ||
48 | If you later change your mind about this setting, README.Debian has | ||
49 | instructions on what to do to your sshd_config file. | ||
50 | Description-es: Permitir sСlo la versiСn 2 del protocolo SSH | ||
51 | Esta versiСn de OpenSSH soporta la versiСn 2 del protocolo ssh, que es | ||
52 | mucho mАs segura que la anterior. Se recomienda no usar ssh versiСn 1, | ||
53 | aunque irА mАs lento en mАquinas modestas y puede impedir que se conecten | ||
54 | clientes antiguos, como por ejemplo el cliente de ssh incluido en | ||
55 | "potato". | ||
56 | . | ||
57 | TambiИn tenga en cuenta que las claves utilizadas para el protocolo 1 son | ||
58 | diferentes, por lo que no podrА usarlas si Зnicamente permite conexiones | ||
59 | mediante el protocolo 2. | ||
60 | . | ||
61 | Si cambia de opiniСn mАs tarde, el fichero README.Debian contiene | ||
62 | instrucciones sobre quИ ha de cambiar en el fichero sshd_config. | ||
63 | |||
64 | Template: ssh/ssh2_keys_merged | ||
65 | Type: note | ||
66 | Description: ssh2 keys merged in configuration files | ||
67 | As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 | ||
68 | keys. This means the authorized_keys2 and known_hosts2 files are no longer | ||
69 | needed. They will still be read in order to maintain backwards | ||
70 | compatibility | ||
71 | Description-es: Las claves ssh2 ya se incluyen en los ficheros de configuraciСn | ||
72 | A partir de la versiСn 3, OpenSSH ya no utiliza ficheros diferentes para | ||
73 | las claves ssh1 y ssh2. Esto quiere decir que ya no son necesarios los | ||
74 | ficheros authorized_keys2 y known_hosts2, aunque aЗn se seguirАn leyendo | ||
75 | para mantener compatibilidad hacia atrАs. | ||
76 | |||
77 | Template: ssh/use_old_init_script | ||
78 | Type: boolean | ||
79 | Default: false | ||
80 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
81 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
82 | all running sshd instances. If you are doing this upgrade via an ssh | ||
83 | session, that would be a Bad Thing(tm). | ||
84 | . | ||
85 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
86 | start-stop-daemon line in the stop section of the file. | ||
87 | Description-es: ©Desea continuar, aЗn a riesgo de matar todas las sesiones ssh? | ||
88 | La versiСn de /etc/init.d/ssh que tiene instalada, es muy probable que | ||
89 | mate el demonio ssh. Si estА actualizando mediante una sesiСn ssh, puede | ||
90 | no ser muy buena idea. | ||
91 | . | ||
92 | Puede arreglarlo aЯadiendo "--pidfile /var/run/sshd.pid" a la lМnea | ||
93 | 'start-stop-daemon' en la secciСn 'stop' del fichero. | ||
94 | |||
95 | Template: ssh/forward_warning | ||
96 | Type: note | ||
97 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
98 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
99 | ForwardAgent set to ``off'' by default. | ||
100 | . | ||
101 | You can enable it for servers you trust, either in one of the | ||
102 | configuration files, or with the -X command line option. | ||
103 | . | ||
104 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
105 | Description-es: NOTA: ReenvМo de X11 y AutorizaciСn desactivadas por defecto. | ||
106 | Por razones de seguridad, la versiСn de ssh de Debian tiene por defecto | ||
107 | ForwardX11 y ForwardAgent puestas a ``off''. | ||
108 | . | ||
109 | Puede activar estas opciones para los servidores en los que confМe, en | ||
110 | los ficheros de configuraciСn o con la opciСn -X en lМnea de comandos. | ||
111 | . | ||
112 | Puede encontrar mАs detalles en /usr/share/doc/ssh/README.Debian. | ||
113 | |||
114 | Template: ssh/insecure_rshd | ||
115 | Type: note | ||
116 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
117 | having rsh-server installed undermines the security that you were probably | ||
118 | wanting to obtain by installing ssh. I'd advise you to remove that | ||
119 | package. | ||
120 | Description-es: Aviso: tiene rsh-server instalado (no es una buena idea) | ||
121 | Tener rsh-server instalado representa un menoscabo de la seguridad que | ||
122 | probablemente desea obtener instalando ssh. Le aconsejarМa borrar ese | ||
123 | paquete. | ||
124 | |||
125 | Template: ssh/insecure_telnetd | ||
126 | Type: note | ||
127 | Description: Warning: telnetd is installed --- probably not a good idea | ||
128 | I'd advise you to either remove the telnetd package (if you don't actually | ||
129 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
130 | least some chance that telnet sessions will not be sending unencrypted | ||
131 | login/password and session information over the network. | ||
132 | Description-es: Aviso: tiene telnetd instalado (no es una buena idea) | ||
133 | Le aconsejarМa borrar el paquete telnetd si no necesita realmente | ||
134 | ofrecer acceso mediante telnet o instalar telnetd-ssl para que las | ||
135 | contraseЯas, login y demАs informaciСn de las sesiones telnet no viajen | ||
136 | sin cifrar por la red. | ||
137 | |||
138 | Template: ssh/encrypted_host_key_but_no_keygen | ||
139 | Type: note | ||
140 | Description: Warning: you must create a new host key | ||
141 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH | ||
142 | can not handle this host key file, and I can't find the ssh-keygen utility | ||
143 | from the old (non-free) SSH installation. | ||
144 | . | ||
145 | You will need to generate a new host key. | ||
146 | Description-es: Aviso: debe crear una nueva clave para su servidor | ||
147 | Su sistema tiene un /etc/ssh/ssh_host_key antiguo, que usa cifrado IDEA. | ||
148 | OpenSSH no puede manejar este fichero de claves y tampoco se encuentra la | ||
149 | utilidad ssh-keygen incluida en el paquete ssh no libre. | ||
150 | . | ||
151 | NecesitarА generar una nueva clave para su servidor. | ||
152 | |||
153 | Template: ssh/SUID_client | ||
154 | Type: boolean | ||
155 | Default: true | ||
156 | Description: Do you want /usr/bin/ssh to be installed SUID root? | ||
157 | You have the option of installing the ssh client with the SUID bit set. | ||
158 | . | ||
159 | If you make ssh SUID, you will be able to use Rhosts/RhostsRSA | ||
160 | authentication, but will not be able to use socks via the LD_PRELOAD | ||
161 | trick. This is the traditional approach. | ||
162 | . | ||
163 | If you do not make ssh SUID, you will be able to use socks, but | ||
164 | Rhosts/RhostsRSA authentication will stop working, which may stop you | ||
165 | logging in to remote systems. It will also mean that the source port will | ||
166 | be above 1024, which may confound firewall rules you've set up. | ||
167 | . | ||
168 | If in doubt, I suggest you install it with SUID. If it causes problems | ||
169 | you can change your mind later by running: dpkg-reconfigure ssh | ||
170 | Description-es: ©Desea hacer que /usr/bin/ssh se ejecute con permisos de root? | ||
171 | Tiene la posibilidad de instalar el cliente ssh setuid root. | ||
172 | . | ||
173 | Instalarlo setuid root le permitirА usar la autentificaciСn | ||
174 | Rhosts/RhostsRSA, pero no podrА usar socks mediante el truco de | ||
175 | LD_PRELOAD. Tradicionalmente, este ha sido el enfoque mАs habitual. | ||
176 | . | ||
177 | Si no hace ssh setuid, podrА usar socks pero la autentificaciСn | ||
178 | Rhosts/RhostsRSA dejarА de funcionar, lo cual le puede impedir el acceso | ||
179 | a sistemas remotos. TambiИn significarА que el puerto de origen se | ||
180 | encontrarА por encima del 1024, lo cual puede confundir a las reglas del | ||
181 | cortafuegos que haya configurado. | ||
182 | . | ||
183 | Si tiene dudas, le sugiero que lo instale sin setuid. Si esto le causa | ||
184 | algЗn problema puede cambiar posteriormente la configuraciСn ejecutando: | ||
185 | dpkg-reconfigure ssh | ||
186 | |||
187 | Template: ssh/run_sshd | ||
188 | Type: boolean | ||
189 | Default: true | ||
190 | Description: Do you want to run the sshd server ? | ||
191 | This package contains both the ssh client, and the sshd server. | ||
192 | . | ||
193 | Normally the sshd Secure Shell Server will be run to allow remote logins | ||
194 | via ssh. | ||
195 | . | ||
196 | If you are only interested in using the ssh client for outbound | ||
197 | connections on this machine, and don't want to log into it at all using | ||
198 | ssh, then you can disable sshd here. | ||
199 | Description-es: ©Quiere ejecutar el servidor sshd? | ||
200 | Este paquete contiene el cliente ssh y el servidor sshd. | ||
201 | . | ||
202 | Generalmente, el servidor de ssh se ejecuta para permitir el acceso | ||
203 | mediante ssh. | ||
204 | . | ||
205 | Si sСlo estА interesado en usar el cliente ssh en conexiones salientes de | ||
206 | esta mАquina, y no quiere acceder a ella mediante ssh, entonces puede | ||
207 | desactivar sshd. | ||
diff --git a/debian/templates.fr b/debian/templates.fr new file mode 100644 index 000000000..f23a83ae1 --- /dev/null +++ b/debian/templates.fr | |||
@@ -0,0 +1,276 @@ | |||
1 | Template: ssh/privsep_tell | ||
2 | Type: note | ||
3 | Description: Privilege separation | ||
4 | This version of OpenSSH contains the new privilege separation | ||
5 | option. This significantly reduces the quantity of code that runs as | ||
6 | root, and therefore reduces the impact of security holes in sshd. | ||
7 | . | ||
8 | Unfortunately, privilege separation interacts badly with PAM. Any | ||
9 | PAM session modules that need to run as root (pam_mkhomedir, for | ||
10 | example) will fail, and PAM keyboard-interactive authentication | ||
11 | won't work. | ||
12 | . | ||
13 | Privilege separation is turned on by default, so if you decide you | ||
14 | want it turned off, you need to add "UsePrivilegeSeparation no" to | ||
15 | /etc/ssh/sshd_config | ||
16 | . | ||
17 | NB! If you are running a 2.0 series Linux kernel, then privilege | ||
18 | separation will not work at all, and your sshd will fail to start | ||
19 | unless you explicity turn privilege separation off. | ||
20 | Description-fr: La sИparation des privilХges | ||
21 | Cette version d'OpenSSH est livrИe avec la nouvelle option de | ||
22 | sИparation des privilХges. CelЮ rИduit de maniХre signifiante la | ||
23 | quantitИ de code s'exИctutant en tant que root, et donc rИduit | ||
24 | l'impact des trous de sИcuritИ dans sshd. | ||
25 | . | ||
26 | Malheureusement, la sИparation des privilХges intИragit mal avec PAM. | ||
27 | Tous les modules de session PAM ayant besoin d'Йtre exИcutИ en tant que | ||
28 | root (pam_mkhomedir, par exemple) ne s'exИcutera pas, et | ||
29 | l'authentification intИractive au clavier ne fonctionnera pas. | ||
30 | . | ||
31 | La sИparation des privilХges est activИe par dИfaut, donc si vous | ||
32 | souhaitez la dИsactiver, vous devez ajouter ╚UsePrivilegeSeparation no╩ | ||
33 | dans /etc/ssh/sshd_config | ||
34 | . | ||
35 | NB! Si vous avez un noyau Linux de la sИrie des 2.0, alors la | ||
36 | sИparation des privilХges ne fonctionnera pas, et votre dИmon sshd ne | ||
37 | se lancera pas jusqu'Ю ce que vous dИsactiviez explicitement la | ||
38 | sИparation des privilХges. | ||
39 | |||
40 | Template: ssh/privsep_ask | ||
41 | Type: boolean | ||
42 | Default: true | ||
43 | Description: Enable Privilege separation | ||
44 | This version of OpenSSH contains the new privilege separation | ||
45 | option. This significantly reduces the quantity of code that runs as | ||
46 | root, and therefore reduces the impact of security holes in sshd. | ||
47 | . | ||
48 | Unfortunately, privilege separation interacts badly with PAM. Any | ||
49 | PAM session modules that need to run as root (pam_mkhomedir, for | ||
50 | example) will fail, and PAM keyboard-interactive authentication | ||
51 | won't work. | ||
52 | . | ||
53 | Since you've opted to have me generate an sshd_config file for you, | ||
54 | you can choose whether or not to have Privilege Separation turned on | ||
55 | or not. Unless you are running 2.0 (in which case you *must* say no | ||
56 | here or your sshd won't start at all) or know you need to use PAM | ||
57 | features that won't work with this option, you should say yes here. | ||
58 | Description-fr: Activation de la sИparation des privilХges | ||
59 | Cette version d'OpenSSH est livrИe avec la nouvelle option de | ||
60 | sИparation des privilХges. CelЮ rИduit de maniХre signifiante la | ||
61 | quantitИ de code s'exИctutant en tant que root, et donc rИduit | ||
62 | l'impact des trous de sИcuritИ dans sshd. | ||
63 | . | ||
64 | Malheureusement, la sИparation des privilХges intИragit mal avec PAM. | ||
65 | Tous les modules de session PAM ayant besoin d'Йtre exИcutИ en tant que | ||
66 | root (pam_mkhomedir, par exemple) ne s'exИcutera pas, et | ||
67 | l'authentification intИractive au clavier ne fonctionnera pas. | ||
68 | . | ||
69 | Comme vous souhaitez que je gИnХre le fichier de configuration Ю votre | ||
70 | place, vous pouvez choisir d'activer ou non l'option de sИparation des | ||
71 | privilХges. Si vous utilisez un noyau 2.0 (dans ce cas vous *devez* | ||
72 | rИpondre non ici ou bien sshd ne se lancera pas) ou bien si vous avez | ||
73 | besoin de fonctionnalitИs PAM, cela ne fonctionnera pas avec cette | ||
74 | option d'activИe, dans le cas contraire vous pouvez dire oui. | ||
75 | |||
76 | Template: ssh/new_config | ||
77 | Type: boolean | ||
78 | Default: true | ||
79 | Description: Generate new configuration file | ||
80 | This version of OpenSSH has a considerably changed configuration file from | ||
81 | the version shipped in Debian 'Potato', which you appear to be upgrading from. | ||
82 | I can now generate you a new configuration file (/etc/ssh/sshd.config), which | ||
83 | will work with the new server version, but will not contain any customisations | ||
84 | you made with the old version. | ||
85 | . | ||
86 | Please note that this new configuration file will set the value of | ||
87 | 'PermitRootLogin' to yes (meaning that anyone knowing the root password can | ||
88 | ssh directly in as root). It is the opinion of the maintainer that this is | ||
89 | the correct default (see README.Debian for more details), but you can always | ||
90 | edit sshd_config and set it to no if you wish. | ||
91 | . | ||
92 | It is strongly recommended that you let me generate a new configuration file | ||
93 | for you | ||
94 | Description-fr: GИnИration du fichier de configuration | ||
95 | Cette version d'OpenSSH possХde un fichier de configuration | ||
96 | considИrablement diffИrent de celui fournit avec la Debian 'Potato', | ||
97 | qui apparement est la version Ю partir de laquelle vous effectuez la | ||
98 | mise Ю jour. Je peux gИnИrer pour vous un nouveau fichier de | ||
99 | configuration (/etc/ssh/sshd_config), lequel fonctionnera avec la | ||
100 | nouvelle version du serveur, mais ne contiendra aucuns des paramИtrages | ||
101 | personnels que vous avaient dИjЮ fait. | ||
102 | . | ||
103 | Notez que le nouveau fichier de configuration mettre l'option | ||
104 | 'PermitRootLogin' Ю yes (signifiant que toute personne connaissant le | ||
105 | mot de passe root pourra directement se connecter en tant que root). | ||
106 | C'est ce que considХre comme option par dИfaut le mainteneur (voir le | ||
107 | fichier README.Debian pour plus de dИtails), mais vous pouvez toujours | ||
108 | Иditer le fichier sshd_config et mettre la valeur Ю no si vous le | ||
109 | souhaitez. | ||
110 | . | ||
111 | Il est fortement conseillИ de me laisser gИnИrer le nouveau fichier de | ||
112 | configuration Ю votre place. | ||
113 | |||
114 | Template: ssh/protocol2_only | ||
115 | Type: boolean | ||
116 | Default: true | ||
117 | Description: Allow SSH protocol 2 only | ||
118 | This version of OpenSSH supports version 2 of the ssh protocol, which | ||
119 | is much more secure. Disabling ssh 1 is encouraged, however this | ||
120 | will slow things down on low end machines and might prevent older | ||
121 | clients from connecting (the ssh client shipped with "potato" is affected). | ||
122 | . | ||
123 | Also please note that keys used for protocol 1 are different so you will | ||
124 | not be able to use them if you only allow protocol 2 connections. | ||
125 | . | ||
126 | If you later change your mind about this setting, README.Debian has | ||
127 | instructions on what to do to your sshd_config file. | ||
128 | Description-fr: Permettre seulement la version 2 du protocole SSH | ||
129 | Cette version d'OpenSSH supporte la version 2 du protocole ssh, lequel | ||
130 | Иtant beaucoup plus sИcurisИ. DИsactiver ssh 1 est conseillИ, sinon | ||
131 | cela risque de ralentir les transactions et les machines et cela peut | ||
132 | prИvenir de la connexion d'anciens client (le client ssh fournit dans | ||
133 | la ╚potato╩ est affectИ). | ||
134 | . | ||
135 | De plus, les clИs utilisИs par la version 1 du protocol sont | ||
136 | diffИrentes et vous ne serez donc plus capable de les utiliser si vous | ||
137 | n'autoriser seulement que les connexions utilisant la version 2 du | ||
138 | protocole. | ||
139 | . | ||
140 | Si vous changez d'avis ultИrieurement par rapport Ю ce point de | ||
141 | configuration, les instructions sur ce que vous devez modifier dans le | ||
142 | fichier sshd_config sont fournies dans le README.Debian. | ||
143 | |||
144 | Template: ssh/ssh2_keys_merged | ||
145 | Type: note | ||
146 | Description: ssh2 keys merged in configuration files | ||
147 | As of version 3 OpenSSH no longer uses separate files for ssh1 and | ||
148 | ssh2 keys. This means the authorized_keys2 and known_hosts2 files | ||
149 | are no longer needed. They will still be read in order to maintain | ||
150 | backwards compatibility | ||
151 | Description-fr: AgrИgation des clИs ssh2 dans le fichier de configuration | ||
152 | иtant donnИ que la version 3 d'OpenSSH n'utilise plus de fichiers | ||
153 | sИparИ pour les clИs ssh1 et ssh2. Cela signifie que les fichier | ||
154 | authorized_key2 et known_hosts2 ne sont plus nИcessaires. Ils sont | ||
155 | quand mЙme lus afin de concerver une compatibilitИ ascendante. | ||
156 | |||
157 | Template: ssh/use_old_init_script | ||
158 | Type: boolean | ||
159 | Default: false | ||
160 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
161 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
162 | all running sshd instances. If you are doing this upgrade via an ssh | ||
163 | session, that would be a Bad Thing(tm). | ||
164 | . | ||
165 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
166 | start-stop-daemon line in the stop section of the file. | ||
167 | Description-fr: Voulez vous continuer (et risquer de rompre les sessions ssh actives) ? | ||
168 | Il est probable que la version de /etc/init.d/ssh installИe en ce moment | ||
169 | tue toutes les instances de sshd lancИes en ce moment. Si vous faite une | ||
170 | mise Ю jour via ssh, ca serait une Mauvaise Chose(tm). | ||
171 | . | ||
172 | Vous pouvez corriger /etc/init.d/ssh en ajoutant '--pidfile /var/run/sshd.pid' | ||
173 | a la ligne 'start-stop-daemon' dans la section 'stop' du fichier. | ||
174 | |||
175 | Template: ssh/forward_warning | ||
176 | Type: note | ||
177 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
178 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
179 | ForwardAgent set to ``off'' by default. | ||
180 | . | ||
181 | You can enable it for servers you trust, either | ||
182 | in one of the configuration files, or with the -X command line option. | ||
183 | . | ||
184 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
185 | Description-fr: NOTE: Suivi de session X11 et d'agent d'autorisation dИsactivИs par dИfaut. | ||
186 | Pour des raisons de sИcuritИ, la version Debian de ssh positionne les | ||
187 | options ForwardX11 et ForwardAgent a ``Off'' par dИfaut. | ||
188 | . | ||
189 | Vous pouvez activer ces options pour les serveurs en lesquels vous avez | ||
190 | confiance, soit dans un des fichiers de configuration, soit avec l'option | ||
191 | -X de la ligne de commande. | ||
192 | . | ||
193 | Plus d'informations sont disponibles dans /usr/share/doc/ssh/README.Debian. | ||
194 | |||
195 | Template: ssh/insecure_rshd | ||
196 | Type: note | ||
197 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
198 | having rsh-server installed undermines the security that you were probably | ||
199 | wanting to obtain by installing ssh. I'd advise you to remove that package. | ||
200 | Description-fr: Attention: le paquet rsh-server est installИ --- ce n'est probablement pas une bonne idИe | ||
201 | Avoir un serveur rsh installИ affaibli la sИcuritИ que vous vouliez | ||
202 | probablement obtenir en installant ssh. Je vous conseillerais de | ||
203 | dИinstaller ce paquet. | ||
204 | |||
205 | Template: ssh/insecure_telnetd | ||
206 | Type: note | ||
207 | Description: Warning: telnetd is installed --- probably not a good idea | ||
208 | I'd advise you to either remove the telnetd package (if you don't actually | ||
209 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
210 | least some chance that telnet sessions will not be sending unencrypted | ||
211 | login/password and session information over the network. | ||
212 | Description-fr: Attention: le paquet telnetd est installИ --- ce n'est probablement pas une bonne idИe | ||
213 | Je vous conseillerais de, soit enlever le paquet telnetd (si ce service | ||
214 | n'est pas nИcessaire), soit de le remplacer par le paquet telnetd-ssl | ||
215 | pour qu'il y ait au moins une chance que les sessions telnet soient | ||
216 | encryptИes et que les mot de passes et logins ne passent pas en clair sur | ||
217 | le rИseau. | ||
218 | |||
219 | Template: ssh/encrypted_host_key_but_no_keygen | ||
220 | Type: note | ||
221 | Description: Warning: you must create a new host key | ||
222 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. | ||
223 | OpenSSH can not handle this host key file, and I can't find the | ||
224 | ssh-keygen utility from the old (non-free) SSH installation. | ||
225 | . | ||
226 | You will need to generate a new host key. | ||
227 | Description-fr: Attention: vous devez crИer une nouvelle clИ d'hТte | ||
228 | Il existe un vieux /etc/ssh/ssh_host_key qui est encryptИ avec IDEA. | ||
229 | OpenSSH ne peut utiliser ce fichier de clИ, et je ne peux trouver | ||
230 | l'utilitaire ssh-keygen de l'installation prИcИdente (non libre) de SSH. | ||
231 | |||
232 | Template: ssh/SUID_client | ||
233 | Type: boolean | ||
234 | Default: true | ||
235 | Description: Do you want /usr/lib/ssh-keysign to be installed SUID root? | ||
236 | You have the option of installing the ssh-keysign helper with the SUID | ||
237 | bit set. | ||
238 | . | ||
239 | If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 | ||
240 | host-based authentication. | ||
241 | . | ||
242 | If in doubt, I suggest you install it with SUID. If it causes | ||
243 | problems you can change your mind later by running: dpkg-reconfigure ssh | ||
244 | Description-fr: Souhaitez-vous que /usr/lib/ssh-keysign soit installИ avec le bit SETUID root d'activИ ? | ||
245 | Vous avez la possibilitИ d'installer ssh-keysign avec le bit SETIUD | ||
246 | d'activИ. | ||
247 | . | ||
248 | Si vous mettez sshХkeysign avec le bit SETUID, vous permettrez | ||
249 | l'authentification basИ sur les hТtes de la version 2 du protocole ssh. | ||
250 | . | ||
251 | Dans le doute, je vous suggХre de l'installer avec le bit SETUID | ||
252 | d'activИ. Si cela vous cause des problХmes vous pourrez revenir sur | ||
253 | votre dИsicion: dpkg-reconfigure ssh | ||
254 | |||
255 | Template: ssh/run_sshd | ||
256 | Type: boolean | ||
257 | Default: true | ||
258 | Description: Do you want to run the sshd server ? | ||
259 | This package contains both the ssh client, and the sshd server. | ||
260 | . | ||
261 | Normally the sshd Secure Shell Server will be run to allow remote | ||
262 | logins via ssh. | ||
263 | . | ||
264 | If you are only interested in using the ssh client for outbound | ||
265 | connections on this machine, and don't want to log into it at all | ||
266 | using ssh, then you can disable sshd here. | ||
267 | Description-fr: Voulez vous utiliser le serveur sshd ? | ||
268 | Ce paquet contient a la fois le client ssh et le serveur sshd. | ||
269 | . | ||
270 | Normalement le serveur sshd sera lancИ pour permettre les logins distants | ||
271 | via ssh. | ||
272 | . | ||
273 | Si vous dИsirez seulement utiliser le client ssh pour vous connecter a | ||
274 | distance sur d'autres machines a partir de celle-ci, et que vous ne | ||
275 | voulez pas vous logguer sur cette machine a distance via ssh, alors vous | ||
276 | pouvez dИsactiver sshd maintenant. | ||
diff --git a/debian/templates.ja b/debian/templates.ja new file mode 100644 index 000000000..cdcc829cc --- /dev/null +++ b/debian/templates.ja | |||
@@ -0,0 +1,205 @@ | |||
1 | Template: ssh/new_config | ||
2 | Type: boolean | ||
3 | Default: true | ||
4 | Description: Generate new configuration file | ||
5 | This version of OpenSSH has a considerably changed configuration file from | ||
6 | the version shipped in Debian 'Potato', which you appear to be upgrading from. | ||
7 | I can now generate you a new configuration file (/etc/ssh/sshd.config), which | ||
8 | will work with the new server version, but will not contain any customisations | ||
9 | you made with the old version. | ||
10 | . | ||
11 | Please note that this new configuration file will set the value of | ||
12 | 'PermitRootLogin' to yes (meaning that anyone knowing the root password can | ||
13 | ssh directly in as root). It is the opinion of the maintainer that this is | ||
14 | the correct default (see README.Debian for more details), but you can always | ||
15 | edit sshd_config and set it to no if you wish. | ||
16 | . | ||
17 | It is strongly recommended that you let me generate a new configuration file | ||
18 | for you | ||
19 | Description-ja: ©╥╓╥╓╓юъдЙ╔у╔║╔╓╔К╓Р╨Н╓Й╓ч╓╧ | ||
20 | OpenSSH ╓н╓Ё╓н╔п║╪╔╦╔Г╔С╓о║╒Debian 'Potato' ╓к╢ч╓ч╓Л╓ф╓╓╓К╔п║╪╔╦╔Г╔С | ||
21 | (╓╓╓ч║╒╓╫╓н╔п║╪╔╦╔Г╔С╓╚╓И╓н╔п║╪╔╦╔Г╔С╔╒╔ц╔в╓Р╩Н╓ъ╓ф╓╓╓К╓х╓Ё╓М) ╓╚╓И║╒ | ||
22 | юъдЙ╔у╔║╔╓╔К╓╛бГиЩ╓кйя╡╫╓╥╓ф╓╓╓ч╓╧║ё╓╓╓ч║╒©╥╓╥╓╓╔п║╪╔╦╔Г╔С╓н╔╣║╪╔п╓г | ||
23 | ╩х╓╕╓Ё╓х╓╛╓г╓╜╓К©╥╓╥╓╓юъдЙ╔у╔║╔╓╔К (/etc/ssh/sshd/config) ╓Р╪╚ф╟ю╦ю╝ | ||
24 | ╓╧╓К╓Ё╓х╓╛╓г╓╜╓ч╓╧╓╛║╒╓╫╓н╔у╔║╔╓╔К╓о║╒╦е╓╓╔п║╪╔╦╔Г╔С╓нюъдЙ╔у╔║╔╓╔К╓к | ||
25 | ╢ч╓ч╓Л╓К╓╒╓й╓©╓нюъдЙ╓╛а╢╓╞╢ч╓ч╓Л╓ч╓╩╓С║ё | ||
26 | . | ||
27 | ╓Ё╓н©╥╓╥╓╓юъдЙ╔у╔║╔╓╔К╓о║╒║жPermitRootLogin║в╓Р║жyes║в╓кюъдЙ╓╥╓ч╓╧║ё | ||
28 | (╓д╓ч╓Й║╒root ╓н╔я╔╧╔О║╪╔и╓Рцн╓ц╓ф╓╓╓К©м╓й╓Иц╞╓г╓Бд╬юэ╔М╔╟╔╓╔С╓г╓╜╓ч | ||
29 | ╓╧)║ё╓Ё╓Л╓г╓Х╓╓║╒╓х╓╓╓╕╓н╓╛╓Ё╓н╔я╔ц╔╠║╪╔╦╓н╔А╔С╔ф╔й╓н╟у╦╚╓г╓╧╓╛ (╬э╓╥ | ||
30 | ╓╞╓о README.Debian ╓Рфи╓С╓г╡╪╓╣╓╓)║╒sshd_config ╓Рйт╫╦╓╥╓ф║жno║в╓кюъ | ||
31 | дЙ╓╧╓К╓Ё╓х╓Б╓г╓╜╓ч╓╧║ё | ||
32 | . | ||
33 | ©╥╓╥╓╓юъдЙ╔у╔║╔╓╔К╓Р╪╚ф╟ю╦ю╝╓╧╓К╓Ё╓х╓Р╤╞╓╞╓╙╢╚╓А╓╥╓ч╓╧║ё | ||
34 | |||
35 | Template: ssh/protocol2_only | ||
36 | Type: boolean | ||
37 | Default: true | ||
38 | Description: Allow SSH protocol 2 only | ||
39 | This version of OpenSSH supports version 2 of the ssh protocol, which | ||
40 | is much more secure. Disabling ssh 1 is encouraged, however this | ||
41 | will slow things down on low end machines and might prevent older | ||
42 | clients from connecting (the ssh client shipped with "potato" is affected). | ||
43 | . | ||
44 | Also please note that keys used for protocol 1 are different so you will | ||
45 | not be able to use them if you only allow protocol 2 connections. | ||
46 | . | ||
47 | If you later change your mind about this setting, README.Debian has | ||
48 | instructions on what to do to your sshd_config file. | ||
49 | Description-ja: SSH ╔в╔М╔х╔Ё╔К 2 ╓н╓ъ╓Р╣Ж╡д╓╥╓ч╓╧ | ||
50 | OpenSSH ╓н╓Ё╓н╔п║╪╔╦╔Г╔С╓о║╒╓╨╓ц╓х╟ба╢╓й║╒ssh ╔в╔М╔х╔Ё╔К╓н╔п║╪╔╦╔Г╔С | ||
51 | 2 ╓Р╔╣╔щ║╪╔х╓╥╓ф╓╓╓ч╓╧║ёssh 1 ╓Р╤ь╩ъ╓╧╓К╓Ё╓х╓Р╓╙╢╚╓А╓╥╓ч╓╧╓╛║╒цы╓╓╔ч | ||
52 | ╔╥╔С╓г╓оф╟╨Н╓╛цы╓╞╓й╓ц╓©╓Й║╒╦е╓╓╔╞╔И╔╓╔╒╔С╔х╓╚╓ИюэбЁ╓г╓╜╓й╓╞╓й╓ц╓©╓Й | ||
53 | ╓╥╓ч╓╧ ("potato" ╓н ssh ╔╞╔И╔╓╔╒╔С╔х╓БюэбЁ╓г╓╜╓й╓╞╓й╓Й╓ч╓╧)║ё | ||
54 | . | ||
55 | ╓ч╓©║╒╔в╔М╔х╔Ё╔К 1 ╓г╩х╓╕╔╜║╪╓о╟ш╓й╓К╓©╓А║╒╔в╔М╔х╔Ё╔К 2 ╓Рм╜╦З╓к╓╥╓© | ||
56 | ╓ю╓╠╓г╓о╓╫╓н╔╜║╪╓Р╩х╓╕╓Ё╓х╓╛╓г╓╜╓ч╓╩╓С║ё | ||
57 | . | ||
58 | ╓Б╓╥╨ё╦Е╓╒╓й╓©╓╛╧м╓╗╓Рйя╓╗╓©╓И║╒README.Debian ╓Рфи╓Ю╓х sshd_config ╓Р | ||
59 | ╓и╓н╓Х╓╕╓кйя╧╧╓╥╓©╓И╓Х╓╓╓╚╓╛й╛╓╚╓Й╓ч╓╧║ё | ||
60 | |||
61 | Template: ssh/ssh2_keys_merged | ||
62 | Type: note | ||
63 | Description: ssh2 keys merged in configuration files | ||
64 | As of version 3 OpenSSH no longer uses separate files for ssh1 and | ||
65 | ssh2 keys. This means the authorized_keys2 and known_hosts2 files | ||
66 | are no longer needed. They will still be read in order to maintain | ||
67 | backwards compatibility | ||
68 | Description-ja: ssh2 ╔╜║╪╓оюъдЙ╔у╔║╔╓╔К╓кеЩ╧Г╓╣╓Л╓ч╓╧ | ||
69 | OpenSSH ╓н╔п║╪╔╦╔Г╔С 3 ╓о║╒ssh1 ╓х ssh2 ╓н╔╜║╪╓к╦дйл╓н╔у╔║╔╓╔К╓Р╩х╓╓ | ||
70 | ╓ч╓╩╓С║ё╓д╓ч╓Й║╒authorized_keys2 ╔у╔║╔╓╔К╓х known_hosts2 ╔у╔║╔╓╔К╓о╓Б | ||
71 | ╓о╓Дитмв╓х╓й╓Й╓ч╓╥╓©║ё╦ЕйЩ╦ъ╢╧ю╜╓Рйщ╓д╓©╓А╓к╓о╓Ё╓Л╓И╓н╔у╔║╔╓╔К╓╛и╛мв | ||
72 | ╓г╓╧║ё | ||
73 | |||
74 | Template: ssh/use_old_init_script | ||
75 | Type: boolean | ||
76 | Default: false | ||
77 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
78 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
79 | all running sshd instances. If you are doing this upgrade via an ssh | ||
80 | session, that would be a Bad Thing(tm). | ||
81 | . | ||
82 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
83 | start-stop-daemon line in the stop section of the file. | ||
84 | Description-ja: бЁ╓╠╓ф╓╓╓╓╓г╓╧╓╚ (юэбЁцФ╓н ssh ╔╩╔ц╔╥╔Г╔С╓╛юз╓Л╓К╓╚╓Б╓╥╓Л╓ч╓╩╓С) | ||
85 | ╓╓╓ч╔╓╔С╔╧╔х║╪╔К╓╥╓© /etc/init.d/ssh ╓о║╒╓╙╓╫╓И╓╞╪б╧тцФ╓н sshd ╓Ра╢╓ф | ||
86 | дД╩ъ╓╣╓╩╓ч╓╧║ё╓Ё╓н╔п║╪╔╦╔Г╔С╔╒╔ц╔в╓Р ssh ╔╩╔ц╔╥╔Г╔С╓Рмя╓╓╓ф╧т╓╕╓н╓о╢ж | ||
87 | ╟Ц╓ц╓©╓Д╓Й╓╚╓©╓г╓╧║ё | ||
88 | . | ||
89 | ╓Ё╓н╬У╤╥╓Р╫╓ю╣╓╧╓К╓к╓о║╒/etc/init.d/ssh ╓н stop ╔╩╔╞╔╥╔Г╔С╓н | ||
90 | start-stop-daemon ╓н╧т╓к║ж--pidfile /var/run/sshd.pid║в╓хди╡ц╓╥╓ч╓╧║ё | ||
91 | |||
92 | Template: ssh/forward_warning | ||
93 | Type: note | ||
94 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
95 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
96 | ForwardAgent set to ``off'' by default. | ||
97 | . | ||
98 | You can enable it for servers you trust, either | ||
99 | in one of the configuration files, or with the -X command line option. | ||
100 | . | ||
101 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
102 | Description-ja: цМ╟у: X11 ╓хг╖╬з╓н╔у╔╘╔О║╪╔г╔ё╔С╔╟╓о╔г╔у╔╘╔К╔х╓г╓о╤ь╩ъ╓╣╓Л╓ч╓╧ | ||
103 | ╔╩╔╜╔Е╔Й╔ф╔ё╬Е╓нмЩмЁ╓╚╓И║╒Debian ╓н ssh ╓г╓о ForwardX11 ╓х | ||
104 | ForwardAgent ╓о╔г╔у╔╘╔К╔х╓г╓о║жoff║в╓кюъдЙ╓╣╓Л╓ч╓╧║ё | ||
105 | . | ||
106 | юъдЙ╔у╔║╔╓╔К╓Р╩х╓ц╓©╓Й║╒-X ╔Ё╔ч╔С╔и╔И╔╓╔С╔╙╔в╔╥╔Г╔С╓Р╩х╓ц╓©╓Й╓╧╓К | ||
107 | ╓Ё╓х╓г║╒©╝мя╓г╓╜╓К╔╣║╪╔п╓кбп╓╥╓ф╣Ж╡д╓╧╓К╓Ё╓х╓╛╓г╓╜╓ч╓╧║ё | ||
108 | . | ||
109 | ╬э╨ы╓о /usr/share/doc/ssh/README.Debian ╓Рфи╓С╓г╡╪╓╣╓╓║ё | ||
110 | |||
111 | Template: ssh/insecure_rshd | ||
112 | Type: note | ||
113 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
114 | having rsh-server installed undermines the security that you were probably | ||
115 | wanting to obtain by installing ssh. I'd advise you to remove that package. | ||
116 | Description-ja: ╥ы╧П: rsh-server ╓╛╔╓╔С╔╧╔х║╪╔К╓╣╓Л╓ф╓╓╓ч╓╧║ё╓©╓ж╓Сни╓╓╧м╓╗╓г╓о╓╒╓Й╓ч╓╩╓С | ||
117 | rsh-server ╓╛╔╓╔С╔╧╔х║╪╔К╓╣╓Л╓ф╓╓╓К╓х║╒╓╒╓й╓©╓╛ ssh ╓к╓Х╓ц╓ффю╓©╓╓╓х | ||
118 | ╩в╓ц╓ф╓╓╓К╓г╓╒╓М╓╕╔╩╔╜╔Е╔Й╔ф╔ё╓╛б╩╓й╓О╓Л╓ч╓╧║ё╓╫╓н╔я╔ц╔╠║╪╔╦╓Р╔╒╔С╔╓ | ||
119 | ╔С╔╧╔х║╪╔К╓╧╓К╓Ё╓х╓Р╓╙╢╚╓А╓╥╓ч╓╧║ё | ||
120 | |||
121 | Template: ssh/insecure_telnetd | ||
122 | Type: note | ||
123 | Description: Warning: telnetd is installed --- probably not a good idea | ||
124 | I'd advise you to either remove the telnetd package (if you don't actually | ||
125 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
126 | least some chance that telnet sessions will not be sending unencrypted | ||
127 | login/password and session information over the network. | ||
128 | Description-ja: ╥ы╧П: telnetd ╓╛╔╓╔С╔╧╔х║╪╔К╓╣╓Л╓ф╓╓╓ч╓╧║ё╓©╓ж╓Сни╓╓╧м╓╗╓г╓о╓╒╓Й╓ч╓╩╓С | ||
129 | (╓Б╓╥ telnet ╔╒╔╞╔╩╔╧╓РдС╤║╓╥╓©╓╓╓х╩в╓ц╓ф╓╓╓й╓╓╓н╓г╓╥╓©╓И) telnetd | ||
130 | ╔я╔ц╔╠║╪╔╦╓Р╔╒╔С╔╓╔С╔╧╔х║╪╔К╓╧╓К╓╚║╒╓ч╓©╓о║╒telnetd-ssh ╔я╔ц╔╠║╪╔╦╓Р | ||
131 | ╔╓╔С╔╧╔х║╪╔К╓╥╓ф╬╞╓й╓╞╓х╓Б╔м╔ц╔х╔О║╪╔╞╬Е╓Р╟е╧Ф╡╫╓╣╓Л╓ф╓╓╓й╓╓╔Ф║╪╔╤л╬ | ||
132 | ╓Д╔я╔╧╔О║╪╔и╓Д╔╩╔ц╔╥╔Г╔С╬ПйС╓╛н╝╓Л╓й╓╓╓Х╓╕╓к╓╧╓К╓Ё╓х╓Р╓╙╢╚╓А╓╥╓ч╓╧║ё | ||
133 | |||
134 | Template: ssh/encrypted_host_key_but_no_keygen | ||
135 | Type: note | ||
136 | Description: Warning: you must create a new host key | ||
137 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. | ||
138 | OpenSSH can not handle this host key file, and I can't find the | ||
139 | ssh-keygen utility from the old (non-free) SSH installation. | ||
140 | . | ||
141 | You will need to generate a new host key. | ||
142 | Description-ja: ╥ы╧П: ©╥╓╥╓╓╔ш╔╧╔х╔╜║╪╓Р╨Н╓И╓й╓╓╓х╓╓╓╠╓ч╓╩╓С | ||
143 | IDEA ╓г╟е╧Ф╡╫╓╣╓Л╓©╦е╓╓╔╜║╪╓╛ /etc/ssh/ssh_host_key ╓к╓╒╓Й╓ч╓╧║ё | ||
144 | OpenSSH ╓о╓Ё╓н╔ш╔╧╔х╔╜║╪╔у╔║╔╓╔К╓Р╟╥╓╗╓ч╓╩╓С║ё╓ч╓©║╒╨ё╔╓╔С╔╧╔х║╪╔К | ||
145 | ╓╣╓Л╓ф╓╓╓К╦е╓╓ (╔у╔Й║╪╓г╓о╓й╓╓) SSH ╓к╓о ssh-keygen ╔Ф║╪╔ф╔ё╔Й╔ф╔ё | ||
146 | ╓╛╢ч╓ч╓Л╓ф╓╓╓ч╓╩╓С║ё | ||
147 | . | ||
148 | ©╥╓╥╓╓╔ш╔╧╔х╔╜║╪╓Р╨Н╓Ки╛мв╓╛╓╒╓Й╓ч╓╧║ё | ||
149 | |||
150 | Template: ssh/SUID_client | ||
151 | Type: boolean | ||
152 | Default: true | ||
153 | Description: Do you want /usr/bin/ssh to be installed SUID root? | ||
154 | You have the option of installing the ssh client with the SUID bit set. | ||
155 | . | ||
156 | If you make ssh SUID, you will be able to use Rhosts/RhostsRSA | ||
157 | authentication, but will not be able to use socks via the LD_PRELOAD | ||
158 | trick. This is the traditional approach. | ||
159 | . | ||
160 | If you do not make ssh SUID, you will be able to use socks, but | ||
161 | Rhosts/RhostsRSA authentication will stop working, which may stop you | ||
162 | logging in to remote systems. It will also mean that the source | ||
163 | port will be above 1024, which may confound firewall rules you've set up. | ||
164 | . | ||
165 | If in doubt, I suggest you install it with SUID. If it causes | ||
166 | problems you can change your mind later by running: dpkg-reconfigure ssh | ||
167 | Description-ja: /usr/bin/ssh ╓Р SUID root ╓г╔╓╔С╔╧╔х║╪╔К╓╥╓ч╓╧╓╚? | ||
168 | ssh ╔╞╔И╔╓╔╒╔С╔х╓Р╔╓╔С╔╧╔х║╪╔К╓╧╓К╨щ║╒SUID ╔с╔ц╔х╓РюъдЙ╓╧╓К╓╚╓╥╓й╓╓╓╚ | ||
169 | ╓Ра╙╓ж╓Ё╓х╓╛╓г╓╜╓ч╓╧║ё | ||
170 | . | ||
171 | SUID ╓РюъдЙ╓╧╓Л╓п║╒Rhosts/RhostsRSA г╖╬з╓Р╩х╓╕╓Ё╓х╓╛╓г╓╜╓ч╓╧╓╛║╒ | ||
172 | LD_PRELOAD ╔х╔Й╔ц╔╞╓Рмя╓╓╓ф socks ╓Р╩х╓╕╓Ё╓х╓╛╓г╓╜╓й╓╞╓й╓Й╓ч╓╧║ё╓Ё╓Л | ||
173 | ╓оеаеЩе╙╓й╓Д╓Й╓╚╓©╓г╓╧║ё | ||
174 | . | ||
175 | SUID ╓РюъдЙ╓╥╓й╓╠╓Л╓п║╒socks ╓Р╩х╓╕╓Ё╓х╓╛╓г╓╜╓ч╓╧╓╛║╒Rhosts/RhostRSA | ||
176 | г╖╬з╓╛ф╞╓╚╓й╓╞╓й╓Й║╒╔Й╔Б║╪╔х╔╥╔╧╔ф╔Ю╓ь╓н╔М╔╟╔╓╔С╓╛╓г╓╜╓й╓╞╓й╓К╓╚╓Б╓╥ | ||
177 | ╓Л╓ч╓╩╓С║ё╓ч╓©║╒╔╫║╪╔╧╔щ║╪╔х╓╛ 1024 ╟й╬Е╓х╓й╓Й║╒╓╒╓й╓©╓╛юъдЙ╓╥╓©╔у╔║ | ||
178 | ╔╓╔╒╔╕╔╘║╪╔К╓н╔К║╪╔К╓Р╨╝мП╓╣╓╩╓К╓╚╓Б╓╥╓Л╓ч╓╩╓С║ё | ||
179 | . | ||
180 | ╓Б╓╥й╛╓╚╓И╓й╓╠╓Л╓п║╒SUID ╓РюъдЙ╓╥╓©╬Убж╓г╔╓╔С╔╧╔х║╪╔К╓╧╓К╓Ё╓х╓Р╓╙╢╚╓А | ||
181 | ╓╥╓ч╓╧║ё╓╫╓Л╓г╓Б╓╥╡©╓╚лДбЙ╓╛╓╒╓Л╓п║╒dpkg-reconfigure ssh ╓Р╪б╧т╓╧╓К╓Ё | ||
182 | ╓х╓гюъдЙ╓Рйя╧╧╓╧╓К╓Ё╓х╓╛╓г╓╜╓ч╓╧║ё | ||
183 | |||
184 | Template: ssh/run_sshd | ||
185 | Type: boolean | ||
186 | Default: true | ||
187 | Description: Do you want to run the sshd server ? | ||
188 | This package contains both the ssh client, and the sshd server. | ||
189 | . | ||
190 | Normally the sshd Secure Shell Server will be run to allow remote | ||
191 | logins via ssh. | ||
192 | . | ||
193 | If you are only interested in using the ssh client for outbound | ||
194 | connections on this machine, and don't want to log into it at all | ||
195 | using ssh, then you can disable sshd here. | ||
196 | Description-ja: sshd ╔╣║╪╔п╓Р╪б╧т╓╥╓ч╓╧╓╚? | ||
197 | ╓Ё╓н╔я╔ц╔╠║╪╔╦╓о║╒ssh ╔╞╔И╔╓╔╒╔С╔х╓х sshd ╔╣║╪╔п╓нн╬йЩ╓Р╢ч╓С╓г╓╓╓ч╓╧║ё | ||
198 | . | ||
199 | дл╬О║╒sshd ╔╩╔╜╔Е╔╒╔╥╔╖╔К╔╣║╪╔п╓о║╒ssh ╓Рмя╓╓╓©╔Й╔Б║╪╔х╓╚╓И╓н╔М╔╟╔╓╔С | ||
200 | ╓Р╡дг╫╓к╓╧╓К╓©╓А╓к╪б╧т╓╥╓ч╓╧║ё | ||
201 | . | ||
202 | ╓Б╓╥ ssh ╔╞╔И╔╓╔╒╔С╔х╓Р╩х╓ц╓ф╓Ё╓н╔ч╔╥╔С╓╚╓Иб╬╔ч╔╥╔С╓ь╓хюэбЁ╓╧╓К╓ю╓╠╓г | ||
203 | ╓г║╒╓Ё╓н╔ч╔╥╔С╓ь╓х ssh ╓Р╩х╓ц╓ф╔М╔╟╔╓╔С╓╥╓й╓╓╓н╓г╓╥╓©╓И║╒╓Ё╓Ё╓г sshd | ||
204 | ╓Р╪б╧т╓╥╓й╓╓╓г╓╙╓╜╓ч╓╧║ё | ||
205 | |||
diff --git a/debian/templates.pt_BR b/debian/templates.pt_BR new file mode 100644 index 000000000..2d0b3e1e7 --- /dev/null +++ b/debian/templates.pt_BR | |||
@@ -0,0 +1,181 @@ | |||
1 | Template: ssh/upgrade_to_openssh | ||
2 | Type: boolean | ||
3 | Description: Are you sure you want to upgrade to OpenSSH? | ||
4 | This version of ssh (a.k.a. OpenSSH) is supposed to be a 100% compatible | ||
5 | drop in replacement for the original (non-free) implemetation. | ||
6 | . | ||
7 | If you find that it is not, please report the problem as a bug. | ||
8 | . | ||
9 | You can still find the old version of ssh in the ssh-nonfree package | ||
10 | (although the only reason you are likely to want that is if you also | ||
11 | want to install the ssh2 package). | ||
12 | . | ||
13 | NOTE: If you're upgrading a machine remotely, via ssh, make sure you have at | ||
14 | least one other ssh session running as root, and once this is installed, | ||
15 | check that you can still log in (with a third session), before logging out. | ||
16 | Description-pt_BR: VocЙ tem certeza que quer atualizar para o OpenSSH ? | ||
17 | Esta versЦo do ssh (tambИm conhecida como OpenSSH) И supostamente um | ||
18 | substituto 100% compatМvel para a implementaГЦo original (non-free). | ||
19 | . | ||
20 | Caso vocЙ ache que nЦo И, por favor reporte o problema como um bug. | ||
21 | . | ||
22 | VocЙ continuarА a encontrar a versЦo antiga do ssh no pacote ssh-nonfree | ||
23 | (embora a Зnica razЦo pela qual vocЙ queira isso И se vocЙ tambИm quer | ||
24 | instalar o pacote ssh2). | ||
25 | . | ||
26 | NOTA: Se vocЙ estА atualizando uma mАquina remotamente, via ssh, | ||
27 | certifique-se que vocЙ possui pelo menos outra sessЦo ssh executando como | ||
28 | root e, uma vez que o pacote esteja instalado, verifique se vocЙ continua | ||
29 | podendo se logar (com uma terceira sessЦo) antes de se desconectar | ||
30 | (logging out). | ||
31 | |||
32 | Template: ssh/ancient_version | ||
33 | Type: note | ||
34 | Description: You are trying to upgrade from an ancient version of non-free ssh | ||
35 | This is bound to be using IDEA encryption for your identity files. | ||
36 | You should upgrade to a vaguely contemporary (1.2.15 or later) version of | ||
37 | non-free ssh, and then upgrade all your key files using ssh-keygen -u | ||
38 | before attempting to migrate to OpenSSH. | ||
39 | . | ||
40 | Alternatively, you could just forget about that, and generate new keys. | ||
41 | Description-pt_BR: VocЙ estА tentando atualizar a partir de uma versЦo antiga do ssh non-free | ||
42 | Isto estА ligado a estar usando encriptaГЦo IDEA para seus arquivos de | ||
43 | identidade. VocЙ deverА atualizar para uma versЦo vagamente contemporБnea | ||
44 | (1.2.15 ou superior) do ssh non-free, e entЦo atualizar todos seus | ||
45 | arquivos de chaves usando ssh-keygen -u antes de tentar migrar para | ||
46 | OpenSSH. | ||
47 | . | ||
48 | Alternativamente, vocЙ poderia somente esquecer tudo isso e gerar | ||
49 | novas chaves. | ||
50 | |||
51 | Template: ssh/use_old_init_script | ||
52 | Type: boolean | ||
53 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
54 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
55 | all running sshd instances. If you are doing this upgrade via an ssh | ||
56 | session, that would be a Bad Thing(tm). | ||
57 | . | ||
58 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
59 | start-stop-daemon line in the stop section of the file. | ||
60 | Description-pt_BR: VocЙ quer continuar (e arriscar matar sessУes ssh ativas) ? | ||
61 | A versЦo de /etc/init.d/ssh que vocЙ possui instalada estА prestes a | ||
62 | matar todas as instБncias sshd sendo executadas. Se vocЙ estА fazendo | ||
63 | esta atualizaГЦo atravИs de uma sessЦo ssh, isto seria uma Coisa | ||
64 | Ruim(tm). | ||
65 | . | ||
66 | VocЙ pode corrigir isto adicionando "--pidfile /var/run/sshd.pid" na | ||
67 | linha start-stop-daemon na seГЦo stop deste arquivo. | ||
68 | |||
69 | Template: ssh/forward_warning | ||
70 | Type: note | ||
71 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
72 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
73 | ForwardAgent set to ``off'' by default. | ||
74 | . | ||
75 | You can enable it for servers you trust, either | ||
76 | in one of the configuration files, or with the -X command line option. | ||
77 | . | ||
78 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
79 | Description-pt_BR: NOTA: Forwarding de X11 e Authorization desabilitados por padrЦo. | ||
80 | Por razТes de seguranГa, a versЦo Debian do ssh tem as opГУes ForwardX11 | ||
81 | e ForwardAgent definidas como ``off'' por padrЦo. | ||
82 | . | ||
83 | VocЙ pode habilitar isso para servidores que vocЙ confia, ou em um dos | ||
84 | arquivos de configuraГЦo, ou com a opГЦo de linha de comando -X. | ||
85 | . | ||
86 | Maiores detalhes podem ser encontrados em | ||
87 | /usr/share/doc/ssh/README.Debian. | ||
88 | |||
89 | Template: ssh/insecure_rshd | ||
90 | Type: note | ||
91 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
92 | having rsh-server installed undermines the security that you were probably | ||
93 | wanting to obtain by installing ssh. I'd advise you to remove that package. | ||
94 | Description-pt_BR: Aviso: rsh-server estА instalado --- provavelmente nЦo И uma boa idИia | ||
95 | Possuir o rsh-server instalado minarА a seguranГa que vocЙ estava | ||
96 | provavelmente querendo obter instalando o ssh. Eu recomendaria a vocЙ | ||
97 | remover este pacote. | ||
98 | |||
99 | Template: ssh/insecure_telnetd | ||
100 | Type: note | ||
101 | Description: Warning: telnetd is installed --- probably not a good idea | ||
102 | I'd advise you to either remove the telnetd package (if you don't actually | ||
103 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
104 | least some chance that telnet sessions will not be sending unencrypted | ||
105 | login/password and session information over the network. | ||
106 | Description-pt_BR: Aviso: telnetd estА instalado --- provavelmente nЦo И uma boa idИia | ||
107 | Eu recomendaria a vocЙ ou remover o pacote telnetd (se vocЙ atualmente | ||
108 | nЦo precisa oferecer acesso telnet) ou instalar telnetd-ssl. Assim existe | ||
109 | pelo menos uma chance das sessУes telnet nЦo enviarem login/senha nЦo | ||
110 | encriptados e informaГУes de sessЦo atravИs da rede. | ||
111 | |||
112 | Template: ssh/encrypted_host_key_but_no_keygen | ||
113 | Type: note | ||
114 | Description: Warning: you must create a new host key | ||
115 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. | ||
116 | OpenSSH can not handle this host key file, and I can't find the | ||
117 | ssh-keygen utility from the old (non-free) SSH installation. | ||
118 | . | ||
119 | You will need to generate a new host key. | ||
120 | Description-pt_BR: Aviso: vocЙ deve criar uma nova host key | ||
121 | Existe uma antiga /etc/ssh/ssh_host_key, a qual И encriptada usando IDEA. | ||
122 | O OpenSSH nЦo pode gerenciar este arquivo host key e eu nЦo consigo | ||
123 | encontrar o utilitАrio ssh-keygen da antiga (non-free) instalaГЦo SSH. | ||
124 | . | ||
125 | VocЙ precisarА gerar uma nova host key. | ||
126 | |||
127 | Template: ssh/SUID_client | ||
128 | Type: boolean | ||
129 | Default: false | ||
130 | Description: Do you want /usr/bin/ssh to be installed SUID root? | ||
131 | You have the option of installing the ssh client with the SUID bit set. | ||
132 | . | ||
133 | If you make ssh SUID, you will be able to use Rhosts/RhostsRSA | ||
134 | authentication, but will not be able to use socks via the LD_PRELOAD | ||
135 | trick. This is the traditional approach. | ||
136 | . | ||
137 | If you do not make ssh SUID, you will be able to use socks, but | ||
138 | Rhosts/RhostsRSA authentication will stop working, which may stop you | ||
139 | logging in to remote systems. It will also mean that the source | ||
140 | port will be above 1024, which may confound firewall rules you've set up. | ||
141 | . | ||
142 | If in doubt, I suggest you install it without SUID. If it causes | ||
143 | problems you can change your mind later by running: dpkg-reconfigure ssh | ||
144 | Description-pt_BR: VocЙ quer que /usr/bin/ssh seja instalado SUID root ? | ||
145 | VocЙ tem a opГЦo de instalar o cliente ssh com o bit SUID setado. | ||
146 | . | ||
147 | Se vocЙ fizer o ssh SUID, vocЙ conseguirА usar autenticaГЦo | ||
148 | Rhosts/RhostsRSA, mas nЦo serА capaz de usar socks atravИs do truque | ||
149 | LD_PRELOAD. Isto И o tradicional. | ||
150 | . | ||
151 | Se vocЙ nЦo fizer o ssh SUID, vocЙ poderА usar socks, mas a autenticaГЦo | ||
152 | Rhosts/RhostsRSA irА parar de funcionar, o que poderА lhe impedir de | ||
153 | logar em sistemas remotos. Isto significarА tambИm que a porta fonte | ||
154 | estarА acima de 1024, o que poderА confundir regras de firewall que vocЙ | ||
155 | tenha definido. | ||
156 | . | ||
157 | Caso esteja em dЗvida, eu sugiro a vocЙ instalar sem SUID. Se isso causar | ||
158 | problemas vocЙ pode mudar sua escolha posteriormente executando: | ||
159 | dpkg-reconfigure ssh. | ||
160 | |||
161 | Template: ssh/run_sshd | ||
162 | Type: boolean | ||
163 | Default: true | ||
164 | Description: Do you want to run the sshd server ? | ||
165 | This package contains both the ssh client, and the sshd server. | ||
166 | . | ||
167 | Normally the sshd Secure Shell Server will be run to allow remote | ||
168 | logins via ssh. | ||
169 | . | ||
170 | If you are only interested in using the ssh client for outbound | ||
171 | connections on this machine, and don't want to log into it at all | ||
172 | using ssh, then you can disable sshd here. | ||
173 | Description-pt_BR: VocЙ quer executar o servidor sshd ? | ||
174 | Este pacote contИm ambos o cliente ssh e o servidor sshd. | ||
175 | . | ||
176 | Normalmente o sshd Secure Shell Server serА executado para permitir | ||
177 | logins remotos via ssh. | ||
178 | . | ||
179 | Se vocЙ estА interessado somente em usar o cliente ssh para conexУes | ||
180 | para fora desta mАquina, e nЦo quer logar na mesma usando ssh, entЦo vocЙ | ||
181 | pode desabilitar o sshd aqui. | ||
diff --git a/debian/templates.ru b/debian/templates.ru new file mode 100644 index 000000000..39038ff22 --- /dev/null +++ b/debian/templates.ru | |||
@@ -0,0 +1,207 @@ | |||
1 | Template: ssh/upgrade_to_openssh | ||
2 | Type: boolean | ||
3 | Description: Are you sure you want to upgrade to OpenSSH? | ||
4 | This version of ssh (a.k.a. OpenSSH) is supposed to be a 100% compatible | ||
5 | drop in replacement for the original (non-free) implemetation. | ||
6 | . | ||
7 | If you find that it is not, please report the problem as a bug. | ||
8 | . | ||
9 | You can still find the old version of ssh in the ssh-nonfree package | ||
10 | (although the only reason you are likely to want that is if you also | ||
11 | want to install the ssh2 package). | ||
12 | . | ||
13 | NOTE: If you're upgrading a machine remotely, via ssh, make sure you have at | ||
14 | least one other ssh session running as root, and once this is installed, | ||
15 | check that you can still log in (with a third session), before logging out. | ||
16 | Description-ru: Вы уверены, что хотите обновить OpenSSH? | ||
17 | Эта версия ssh(он же OpenSSH) является 100%-совместимой с оригинальной | ||
18 | (несвободной) реализацией. | ||
19 | . | ||
20 | Если вы обнаружили различие, то, пожалуйста, сообщите об этой ошибке. | ||
21 | . | ||
22 | Вы можете по прежнему найти старую версию ssh в пакете ssh-nonfree | ||
23 | (хотя действительно необходимо его использовать только, если вы хотите | ||
24 | установить еще и пакет ssh2). | ||
25 | . | ||
26 | Примечание: Если вы удаленно обновляете машину через ssh, то убедитесь | ||
27 | что как минимум еще одна сессия ssh запущена от root, и как только | ||
28 | процесс обновления закончится, убедитесь, что вы сможете войти в | ||
29 | систему (установив третью сессию), перед тем как отсоединяться. | ||
30 | |||
31 | Template: ssh/protocol2_default | ||
32 | Type: note | ||
33 | Description: SSH uses protocol 2 by default. | ||
34 | This version of SSH (unlike previous ones) uses ssh | ||
35 | protocol version 2 by default. The key file formats have changed | ||
36 | between the protocol versions, so your old key files will not be | ||
37 | useful. You may either pass the '-1' option to ssh to force it to use | ||
38 | the older protocol (and your old keys), or generate new keys. Protocol | ||
39 | version 2 is thought to be more secure, so this is the preferred | ||
40 | course of action. See README.Debian for a little more information | ||
41 | . | ||
42 | Also, due to problems with IPv4 and IPv6 interoperation, IPv4 is now | ||
43 | the default (this is a change from previous versions). Passing ssh the | ||
44 | -6 flag will cause IPv6 addresses to be used. Once the current issues | ||
45 | with using IPv6 on machines with IPv4 addresses have been solved, the | ||
46 | previous default will be restored | ||
47 | Description-ru: SSH использует по умолчанию протокол версии 2. | ||
48 | Эта версия SSH (в отличии от предыдущих) использует по умолчанию | ||
49 | протокол версии 2. В этой версии протокола изменен формат файлов | ||
50 | ключей, так что ваши старые ключи станут бесполезными. Вы можете либо | ||
51 | указывать опцию '-1' для ssh, чтобы принудительно использовать более | ||
52 | старую версию протокола, либо сгенерируйте новый ключи. Протокол | ||
53 | версии 2 более защищенный, и поэтому предопределен по умолчанию. См. | ||
54 | подробности в файле README.Debian. | ||
55 | . | ||
56 | Также из-за проблем взаимосоответствия IPv4 и IPv6, сейчас по | ||
57 | умолчанию по умолчанию используется IPv4 (в отличии от предыдущих | ||
58 | версий). Чтобы использовать IPv6, надо задать флаг -6. Как только все | ||
59 | сложности с использованием IPv6 на машинах с адресами IPv4 будут | ||
60 | решены, то прежнее поведение по умолчанию будет восстановлено. | ||
61 | |||
62 | Template: ssh/ancient_version | ||
63 | Type: note | ||
64 | Description: You are trying to upgrade from an ancient version of non-free ssh | ||
65 | This is bound to be using IDEA encryption for your identity files. | ||
66 | You should upgrade to a vaguely contemporary (1.2.15 or later) version of | ||
67 | non-free ssh, and then upgrade all your key files using ssh-keygen -u | ||
68 | before attempting to migrate to OpenSSH. | ||
69 | . | ||
70 | Alternatively, you could just forget about that, and generate new keys. | ||
71 | Description-ru: Вы пытаетесь обновить древнюю версию коммерческого ssh | ||
72 | Она ограничена использованием шифрования IDEA для ваших файлов | ||
73 | идентификации. Рекомендуется обновить более современные версии (1.2.15 | ||
74 | или более поздние) коммерческого ssh, и потом обновить ваши ключевые | ||
75 | файлы командой `ssh-keygen -u` перед попыткой перейти на OpenSSH. | ||
76 | . | ||
77 | Как вариант, можете забыть обо всем этом и сгенерировать новые ключи. | ||
78 | |||
79 | Template: ssh/use_old_init_script | ||
80 | Type: boolean | ||
81 | Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
82 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
83 | all running sshd instances. If you are doing this upgrade via an ssh | ||
84 | session, that would be a Bad Thing(tm). | ||
85 | . | ||
86 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
87 | start-stop-daemon line in the stop section of the file. | ||
88 | Description-ru: Вы хотите продолжить (рискуя потерять активные ssh-соединения)? | ||
89 | Версия /etc/init.d/ssh, которую вы устанавливаете, может убить все | ||
90 | запущенные процессы ssh. Если вы осуществляете это обновление через | ||
91 | ssh сессию, то это Плохая Вещь (tm). | ||
92 | . | ||
93 | Это можно исправить добавлением "--pidfile /var/run/sshd.pid" в строке | ||
94 | start-stop-daemon в разделе stop этого файла. | ||
95 | |||
96 | Template: ssh/forward_warning | ||
97 | Type: note | ||
98 | Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
99 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
100 | ForwardAgent set to ``off'' by default. | ||
101 | . | ||
102 | You can enable it for servers you trust, either | ||
103 | in one of the configuration files, or with the -X command line option. | ||
104 | . | ||
105 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
106 | Description-ru: ПРИМЕЧАНИЕ: Форвардинг X11 и Authorization запрещен по умолчанию. | ||
107 | По причинам безопасности, в версии для Debian ssh имеет ForwardX11 и | ||
108 | ForwardAgent установленными в ``off'' по умолчанию. | ||
109 | . | ||
110 | Вы можете разрешить их для серверов, которым доверяете либо в одном из | ||
111 | настроечных файлов, или параметром командной строки -X. | ||
112 | . | ||
113 | Дополнительую информацию можно найти в /usr/share/doc/ssh/README.Debian | ||
114 | |||
115 | Template: ssh/insecure_rshd | ||
116 | Type: note | ||
117 | Description: Warning: rsh-server is installed --- probably not a good idea | ||
118 | having rsh-server installed undermines the security that you were probably | ||
119 | wanting to obtain by installing ssh. I'd advise you to remove that package. | ||
120 | Description-ru: Предупреждение: установлен rsh-server --- видимо, не очень хорошо | ||
121 | Установленный rsh-server снижает безопасность, которую вы вероятно | ||
122 | хотите повысить устанавливая ssh. Рекомендуется удалить этот пакет. | ||
123 | |||
124 | Template: ssh/insecure_telnetd | ||
125 | Type: note | ||
126 | Description: Warning: telnetd is installed --- probably not a good idea | ||
127 | I'd advise you to either remove the telnetd package (if you don't actually | ||
128 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
129 | least some chance that telnet sessions will not be sending unencrypted | ||
130 | login/password and session information over the network. | ||
131 | Description-ru: Предупреждение: установлен telnetd --- видимо, не очень хорошо | ||
132 | Я рекомендовал бы вам удалить пакет telnetd (если вам действительно не | ||
133 | нужен доступ telnet) или установить telnet-ssl, чтобы иметь хотя бы | ||
134 | возможность не передавать по сети незашифрованные имена и пароли | ||
135 | пользователей и прочую информацию в telnet-сессиях. | ||
136 | |||
137 | Template: ssh/encrypted_host_key_but_no_keygen | ||
138 | Type: note | ||
139 | Description: Warning: you must create a new host key | ||
140 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. | ||
141 | OpenSSH can not handle this host key file, and I can't find the | ||
142 | ssh-keygen utility from the old (non-free) SSH installation. | ||
143 | . | ||
144 | You will need to generate a new host key. | ||
145 | Description-ru: Предупреждение: вы должны создать новый ключ машины. | ||
146 | Есть старый /etc/ssh/ssh_host_key, который зашифрован IDEA. OpenSSH не | ||
147 | может работать с этим ключом машины, и я не могу найти утилиту | ||
148 | ssh-keygen от старой (несвободной) инсталляции SSH. | ||
149 | . | ||
150 | Вам надо будет сгенерировать новый ключ хоста. | ||
151 | |||
152 | Template: ssh/SUID_client | ||
153 | Type: boolean | ||
154 | Default: true | ||
155 | Description: Do you want /usr/bin/ssh to be installed SUID root? | ||
156 | You have the option of installing the ssh client with the SUID bit set. | ||
157 | . | ||
158 | If you make ssh SUID, you will be able to use Rhosts/RhostsRSA | ||
159 | authentication, but will not be able to use socks via the LD_PRELOAD | ||
160 | trick. This is the traditional approach. | ||
161 | . | ||
162 | If you do not make ssh SUID, you will be able to use socks, but | ||
163 | Rhosts/RhostsRSA authentication will stop working, which may stop you | ||
164 | logging in to remote systems. It will also mean that the source | ||
165 | port will be above 1024, which may confound firewall rules you've set up. | ||
166 | . | ||
167 | If in doubt, I suggest you install it with SUID. If it causes | ||
168 | problems you can change your mind later by running: dpkg-reconfigure ssh | ||
169 | Description-ru: Хотите установить /usr/bin/ssh как SUID root? | ||
170 | Вы имеете возможность установить /usr/bin/ssh с установленным битом | ||
171 | SUID. | ||
172 | . | ||
173 | Если вы делаете ssh SUID, то вы сможете использовать аутентификацию | ||
174 | Rhosts/RhostsRSA, но не сможете использовать socks через LD_PRELOAD. | ||
175 | Это традиционное поведение. | ||
176 | . | ||
177 | Если вы сделаете ssh SUID, то вы сможете использовать socks, но зато | ||
178 | аутентификация Rhosts/RhostsRSA не будет работать, что может сделать | ||
179 | невозможным вашу регистрацию на удаленных системах. Также это означает | ||
180 | что номер источникового порта будет больше 1024, что может не нарушить | ||
181 | работу установленных вами правил файрвола. | ||
182 | . | ||
183 | Если вы не знаете, что решить, то рекомендуется установить его с битом | ||
184 | SUID. Если вы потом передумаете, то эту установку можно будет изменить | ||
185 | командой: "dpkg-reconfigure ssh". | ||
186 | |||
187 | Template: ssh/run_sshd | ||
188 | Type: boolean | ||
189 | Default: true | ||
190 | Description: Do you want to run the sshd server ? | ||
191 | This package contains both the ssh client, and the sshd server. | ||
192 | . | ||
193 | Normally the sshd Secure Shell Server will be run to allow remote | ||
194 | logins via ssh. | ||
195 | . | ||
196 | If you are only interested in using the ssh client for outbound | ||
197 | connections on this machine, and don't want to log into it at all | ||
198 | using ssh, then you can disable sshd here. | ||
199 | Description-ru: Хотите запустить сервер sshd? | ||
200 | Этот пакет содержит и ssh-клиент, и ssh-сервер. | ||
201 | . | ||
202 | Обычно sshd Secure Shell Server запускается для удаленного входа в | ||
203 | регистрации в системе через ssh. | ||
204 | . | ||
205 | Если вас интересует только использование ssh-клиента для исходящих | ||
206 | соединений с этой машины, и вы не хотите входить в ее систему через | ||
207 | ssh, то вы можете сейчас запретить sshd. | ||