diff options
Diffstat (limited to 'debian')
35 files changed, 6276 insertions, 0 deletions
diff --git a/debian/.cvsignore b/debian/.cvsignore new file mode 100644 index 000000000..907978a06 --- /dev/null +++ b/debian/.cvsignore | |||
@@ -0,0 +1,6 @@ | |||
1 | files | ||
2 | ssh-askpass-gnome | ||
3 | templates | ||
4 | tmp | ||
5 | *.debhelper | ||
6 | *substvars | ||
diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 000000000..ca928f9f0 --- /dev/null +++ b/debian/README.Debian | |||
@@ -0,0 +1,226 @@ | |||
1 | OpenSSH for Debian | ||
2 | ------------------ | ||
3 | |||
4 | Although this package is widely referred to as OpenSSH, it is actually | ||
5 | a branch of an early version of ssh which has been tidied up by the | ||
6 | OpenBSD folks. | ||
7 | |||
8 | It has been decided that this version should have the privilege of | ||
9 | carrying the ``ssh'' name in Debian, since it is the only version of | ||
10 | ssh that is going to make it into Debian proper, being the only one | ||
11 | that complies with the Debian Free Software Guidelines. | ||
12 | |||
13 | If you were expecting to get the non-free version of ssh (1.2.27 or | ||
14 | whatever) when you installed this package, then you're out of luck, as | ||
15 | Debian don't ship it. | ||
16 | |||
17 | =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= | ||
18 | |||
19 | UPGRADE ISSUES | ||
20 | ============== | ||
21 | |||
22 | Privilege Separation | ||
23 | -------------------- | ||
24 | |||
25 | As of 3.3, openssh has employed privilege separation to reduce the | ||
26 | quantity of code that runs as root, thereby reducing the impact of | ||
27 | some security holes in sshd. | ||
28 | |||
29 | Unfortunately, privilege separation interacts badly with PAM. Any PAM | ||
30 | session modules that need to run as root (pam_mkhomedir, for example) | ||
31 | will fail, and PAM keyboard-interactive authentication won't work. | ||
32 | |||
33 | Privilege separation is turned on by default, so if you decide you | ||
34 | want it turned off, you need to add "UsePrivilegeSeparation no" to | ||
35 | /etc/ssh/sshd_config | ||
36 | |||
37 | PermitRootLogin set to yes | ||
38 | -------------------------- | ||
39 | |||
40 | This is now the default setting (in line with upstream), and people | ||
41 | who asked for an automatically-generated configuration file when | ||
42 | upgrading from potato (or on a new install) will have this setting in | ||
43 | their /etc/ssh/sshd_config file. | ||
44 | |||
45 | Should you wish to change this setting, edit /etc/ssh/sshd_config, and | ||
46 | change: | ||
47 | PermitRootLogin yes | ||
48 | to: | ||
49 | PermitRootLogin no | ||
50 | |||
51 | Having PermitRootLogin set to yes means that an attacker that knows | ||
52 | the root password can ssh in directly (without having to go via a user | ||
53 | account). If you set it to no, then they must compromise a normal user | ||
54 | account. In the vast majority of cases, this does not give added | ||
55 | security; remember that any account you su to root from is equivalent | ||
56 | to root - compromising this account gives an attacker access to root | ||
57 | easily. If you only ever log in as root from the physical console, | ||
58 | then you probably want to set this value to no. | ||
59 | |||
60 | As an aside, PermitRootLogin can also be set to "without-password" or | ||
61 | "forced-commands-only" - see sshd(8) for more details. | ||
62 | |||
63 | DO NOT FILE BUG REPORTS SAYING YOU THINK THIS DEFAULT IS INCORRECT! | ||
64 | |||
65 | The argument above is somewhat condensed; I have had this discussion | ||
66 | at great length with many people. If you think the default is | ||
67 | incorrect, and feel strongly enough to want to argue with me about it, | ||
68 | then send me email to matthew@debian.org. I will close bug reports | ||
69 | claiming the default is incorrect. | ||
70 | |||
71 | SSH now uses protocol 2 by default | ||
72 | ---------------------------------- | ||
73 | |||
74 | This means all your keyfiles you used for protocol version 1 need to | ||
75 | be re-generated. The server keys are done automatically, but for RSA | ||
76 | authentication, please read the ssh-keygen manpage. | ||
77 | |||
78 | If you have an automatically generated configuration file, and decide | ||
79 | at a later stage that you do want to support protocol version 1 (not | ||
80 | recommended, but note that the ssh client shipped with Debian potato | ||
81 | only supported protocol version 1), then you need to do the following: | ||
82 | |||
83 | Change /etc/ssh/sshd_config such that: | ||
84 | Protocol 2 | ||
85 | becomes: | ||
86 | Protocol 2,1 | ||
87 | Also add the line: | ||
88 | HostKey /etc/ssh/ssh_host_key | ||
89 | |||
90 | (you may need to generate a host key if you do not already have one) | ||
91 | |||
92 | X11 Forwarding | ||
93 | -------------- | ||
94 | |||
95 | ssh's default for ForwardX11 has been changed to ``no'' because it has | ||
96 | been pointed out that logging into remote systems administered by | ||
97 | untrusted people is likely to open you up to X11 attacks, so you | ||
98 | should have to actively decide that you trust the remote machine's | ||
99 | root, before enabling X11. I strongly recommend that you do this on a | ||
100 | machine-by-machine basis, rather than just enabling it in the default | ||
101 | host settings. | ||
102 | |||
103 | In order for X11 forwarding to work, you need to install xauth on the | ||
104 | server. In Debian this is in the xbase-clients package. | ||
105 | |||
106 | As of OpenSSH 3.1, the remote $DISPLAY uses localhost by default to reduce | ||
107 | the security risks of X11 forwarding. Look up X11UseLocalhost in | ||
108 | sshd_config(8) if this is a problem. | ||
109 | |||
110 | Fallback to RSH | ||
111 | --------------- | ||
112 | |||
113 | The default for this setting has been changed from Yes to No, for | ||
114 | security reasons, and to stop the delay attempting to rsh to machines | ||
115 | that don't offer the service. Simply switch it back on in either | ||
116 | /etc/ssh/ssh_config or ~/.ssh/config for those machines that you need | ||
117 | it for. | ||
118 | |||
119 | Setgid ssh-agent and environment variables | ||
120 | ------------------------------------------ | ||
121 | |||
122 | As of version 1:3.5p1-1, ssh-agent is installed setgid to prevent ptrace() | ||
123 | attacks retrieving private key material. This has the side-effect of causing | ||
124 | glibc to remove certain environment variables which might have security | ||
125 | implications for set-id programs, including LD_PRELOAD, LD_LIBRARY_PATH, and | ||
126 | TMPDIR. | ||
127 | |||
128 | If you need to set any of these environment variables, you will need to do | ||
129 | so in the program exec()ed by ssh-agent. This may involve creating a small | ||
130 | wrapper script. | ||
131 | |||
132 | Symlink Hostname invocation | ||
133 | --------------------------- | ||
134 | |||
135 | This version of ssh no longer includes support for invoking ssh with the | ||
136 | hostname as the name of the file run. People wanting this support should | ||
137 | use the ssh-argv0 script. | ||
138 | |||
139 | =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= | ||
140 | |||
141 | OTHER ISSUES | ||
142 | ============ | ||
143 | |||
144 | /usr/bin/ssh not SUID | ||
145 | --------------------- | ||
146 | |||
147 | Due to Debian bug #164325, RhostsRSAAuthentication can only be used if ssh | ||
148 | is SUID. Until this is fixed, if that is a problem, use: | ||
149 | |||
150 | dpkg-statoverride | ||
151 | |||
152 | or if that's also missing, use this: | ||
153 | |||
154 | chown root.root /usr/bin/ssh | ||
155 | chmod 04755 /usr/bin/ssh | ||
156 | |||
157 | Authorization Forwarding | ||
158 | ------------------------ | ||
159 | |||
160 | Similarly, root on a remote server could make use of your ssh-agent | ||
161 | (while you're logged into their machine) to obtain access to machines | ||
162 | which trust your keys. This feature is therefore disabled by default. | ||
163 | You should only re-enable it for those hosts (in your ~/.ssh/config or | ||
164 | /etc/ssh/ssh_config) where you are confident that the remote machine | ||
165 | is not a threat. | ||
166 | |||
167 | Problems logging in with RSA authentication | ||
168 | ------------------------------------------- | ||
169 | |||
170 | If you have trouble logging in with RSA authentication then the | ||
171 | problem is probably caused by the fact that you have your home | ||
172 | directory writable by group, as well as user (this is the default on | ||
173 | Debian systems). | ||
174 | |||
175 | Depending upon other settings on your system (i.e. other users being | ||
176 | in your group) this could open a security hole, so you will need to | ||
177 | make your home directory writable only by yourself. Run this command, | ||
178 | as yourself: | ||
179 | |||
180 | chmod g-w ~/ | ||
181 | |||
182 | to remove group write permissions. If you use ssh-copy-id to install your | ||
183 | keys, it does this for you. | ||
184 | |||
185 | -L option of ssh nonfree | ||
186 | ------------------------ | ||
187 | |||
188 | non-free ssh supported the usage of the option -L to use a non privileged | ||
189 | port for scp. This option will not be supported by scp from openssh. | ||
190 | |||
191 | Please use instead scp -o "UsePrivilegedPort=no" as documented in the | ||
192 | manpage to scp itself. | ||
193 | |||
194 | Problem logging in because of TCP-Wrappers | ||
195 | ------------------------------------------ | ||
196 | |||
197 | ssh is compiled with support for tcp-wrappers. So if you can no longer | ||
198 | log into your system, please check that /etc/hosts.allow and /etc/hosts.deny | ||
199 | are configured so that ssh is not blocked. | ||
200 | |||
201 | Kerberos Authentication | ||
202 | ----------------------- | ||
203 | |||
204 | ssh is compiled without support for kerberos authentication, and there are | ||
205 | no current plans to support this. Thus the KerberosAuthentication and | ||
206 | KerberosTgtPassing options will not be recognised. | ||
207 | |||
208 | Interoperability between scp and the ssh.com SSH server | ||
209 | ------------------------------------------------------- | ||
210 | |||
211 | In version 2 and greater of the commercial SSH server produced by SSH | ||
212 | Communications Security, scp was changed to use SFTP (SSH2's file transfer | ||
213 | protocol) instead of the traditional rcp-over-ssh, thereby breaking | ||
214 | compatibility. The OpenSSH developers regard this as a bug in the ssh.com | ||
215 | server, and do not currently intend to change OpenSSH's scp to match. | ||
216 | |||
217 | Workarounds for this problem are to install scp1 on the server (scp2 will | ||
218 | fall back to it), to use sftp, or to use some other transfer mechanism such | ||
219 | as rsync-over-ssh or tar-over-ssh. | ||
220 | |||
221 | -- | ||
222 | Matthew Vernon | ||
223 | <matthew@debian.org> | ||
224 | and | ||
225 | Colin Watson | ||
226 | <cjwatson@debian.org> | ||
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 000000000..b5be7720c --- /dev/null +++ b/debian/changelog | |||
@@ -0,0 +1,1227 @@ | |||
1 | openssh (1:3.6.1p2-6.0) unstable; urgency=high | ||
2 | |||
3 | * SECURITY: fix for CAN-2003-0693, buffer allocation error | ||
4 | |||
5 | -- Michael Stone <mstone@debian.org> Tue, 16 Sep 2003 08:27:07 -0400 | ||
6 | |||
7 | openssh (1:3.6.1p2-6) unstable; urgency=medium | ||
8 | |||
9 | * Use a more CVS-friendly means of setting SSH_VERSION. | ||
10 | * Update Brazilian Portuguese debconf template translation (thanks, Andre | ||
11 | Luis Lopes; closes: #208036). | ||
12 | * Don't run 'sshd -t' in init script if the server isn't to be run | ||
13 | (closes: #197576). | ||
14 | * Fix login delay, spurious auth.log entry, and PermitRootLogin | ||
15 | information leakage due to PAM issues with upstream's recent security | ||
16 | update (thanks, Darren Tucker; closes: #99168, #192207, #193546). | ||
17 | * Policy version 3.6.1: recode this changelog to UTF-8. | ||
18 | |||
19 | -- Colin Watson <cjwatson@debian.org> Wed, 3 Sep 2003 19:14:02 +0100 | ||
20 | |||
21 | openssh (1:3.6.1p2-5) unstable; urgency=low | ||
22 | |||
23 | * Disable cmsg_type check for file descriptor passing when running on | ||
24 | Linux 2.0 (closes: #150976). Remove comments about non-functional | ||
25 | privilege separation on 2.0 from ssh/privsep_ask and ssh/privsep_tell | ||
26 | debconf questions and from README.Debian, since it should all now work. | ||
27 | * Fix "defails" typo in generated sshd_config (closes: #206484). | ||
28 | * Backport upstream patch to strip trailing whitespace (including | ||
29 | newlines) from configuration directives (closes: #192079). | ||
30 | |||
31 | -- Colin Watson <cjwatson@debian.org> Wed, 27 Aug 2003 02:19:57 +0100 | ||
32 | |||
33 | openssh (1:3.6.1p2-4) unstable; urgency=low | ||
34 | |||
35 | * getent can get just one key; no need to use grep (thanks, James Troup). | ||
36 | * Move /usr/local/bin to the front of the default path, following | ||
37 | /etc/login.defs (closes: #201150). | ||
38 | * Remove specifics of problematic countries from package description | ||
39 | (closes: #197040). | ||
40 | * Update Spanish debconf template translation (thanks, Carlos Valdivia | ||
41 | Yagüe; closes: #198456). | ||
42 | * Backport upstream patch to pass monitor signals through to child | ||
43 | (closes: #164797). | ||
44 | |||
45 | -- Colin Watson <cjwatson@debian.org> Sun, 27 Jul 2003 17:31:15 +0100 | ||
46 | |||
47 | openssh (1:3.6.1p2-3) unstable; urgency=low | ||
48 | |||
49 | * Update French debconf template translation (thanks, Christian Perrier; | ||
50 | closes: #194323). | ||
51 | * Version the adduser dependency for --no-create-home (closes: #195756). | ||
52 | * Add a version of moduli(5), namely revision 1.7 of | ||
53 | http://www.openbsd.org/cgi-bin/cvsweb/src/share/man/man5/moduli.5 with | ||
54 | '/etc/moduli' changed to '/etc/ssh/moduli' throughout (closes: #196061). | ||
55 | |||
56 | -- Colin Watson <cjwatson@debian.org> Mon, 9 Jun 2003 02:51:35 +0100 | ||
57 | |||
58 | openssh (1:3.6.1p2-2) unstable; urgency=low | ||
59 | |||
60 | * Force /etc/default/ssh to be non-executable, since dpkg apparently | ||
61 | doesn't deal with permissions changes on conffiles (closes: #192966). | ||
62 | * Use debconf 0.5's seen flag rather than the deprecated isdefault. | ||
63 | * Add GPL location to copyright file. | ||
64 | * Remove debian/postinst.old. | ||
65 | * Switch to po-debconf, with some careful manual use of po2debconf to | ||
66 | ensure that the source package continues to build smoothly on woody | ||
67 | (closes: #183986). | ||
68 | * Update debconf template translations: | ||
69 | - Brazilian Portugese (thanks, Andre Luis Lopes; see #183986). | ||
70 | - Japanese (thanks, Tomohiro KUBOTA; closes: #192429). | ||
71 | * Compile with -fno-builtin-log for now, otherwise gcc-3.3 complains | ||
72 | "log.h:59: warning: conflicting types for built-in function `log'". The | ||
73 | OpenSSH log() function has been renamed in upstream CVS. | ||
74 | |||
75 | -- Colin Watson <cjwatson@debian.org> Mon, 19 May 2003 01:52:38 +0100 | ||
76 | |||
77 | openssh (1:3.6.1p2-1) unstable; urgency=medium | ||
78 | |||
79 | * New upstream release, including fix for PAM user-discovery security hole | ||
80 | (closes: #191681). | ||
81 | * Fix ChallengeResponseAuthentication default in generated sshd_config | ||
82 | (closes: #106037). | ||
83 | * Put newlines after full stops in man page documentation for | ||
84 | ProtocolKeepAlives and SetupTimeOut. | ||
85 | * Policy version 3.5.9: support DEB_BUILD_OPTIONS=noopt, build | ||
86 | gnome-ssh-askpass with -g and -Wall flags. | ||
87 | * Really ask ssh/new_config debconf question before trying to fetch its | ||
88 | value (closes: #188721). | ||
89 | * On purge, remove only the files we know about in /etc/ssh rather than | ||
90 | the whole thing, and remove the directory if that leaves it empty | ||
91 | (closes: #176679). | ||
92 | * ssh has depended on debconf for some time now with no complaints, so: | ||
93 | - Simplify the postinst by relying on debconf being present. (The absent | ||
94 | case was buggy anyway.) | ||
95 | - Get rid of "if you have not installed debconf" text in README.Debian, | ||
96 | and generally update the "/usr/bin/ssh not SUID" entry. | ||
97 | * More README.Debian work: | ||
98 | - Reorganize into "UPGRADE ISSUES" and "OTHER ISSUES", in an effort to | ||
99 | make it easier for people to find the former. The upgrade issues | ||
100 | should probably be sorted by version somehow. | ||
101 | - Document X11UseLocalhost under "X11 Forwarding" (closes: #150913). | ||
102 | * Fix setting of IP flags for interactive sessions (upstream bug #541). | ||
103 | |||
104 | -- Colin Watson <cjwatson@debian.org> Mon, 5 May 2003 17:47:40 +0100 | ||
105 | |||
106 | openssh (1:3.6.1p1-1) unstable; urgency=low | ||
107 | |||
108 | * New upstream release (thanks, Laurence J. Lane). | ||
109 | * debian/control: ssh-askpass-gnome is now Section: gnome, following the | ||
110 | override file. | ||
111 | |||
112 | -- Colin Watson <cjwatson@debian.org> Wed, 2 Apr 2003 00:51:02 +0100 | ||
113 | |||
114 | openssh (1:3.6p1-1) unstable; urgency=low | ||
115 | |||
116 | * New upstream release. | ||
117 | - Workaround applied upstream for a bug in the interaction of glibc's | ||
118 | getaddrinfo() with the Linux 2.2 kernel (closes: #155814). | ||
119 | - As such, it should now be safe to remove --with-ipv4-default, so | ||
120 | starting sshd with -6 is no longer necessary (closes: #79861 and lots | ||
121 | of other merged bugs). | ||
122 | - ssh-copy-id prints usage when run without arguments (closes: #71376). | ||
123 | - scp exits 1 if ssh fails (closes: #138400). | ||
124 | - sshd writes to utmp's ut_addr_v6 field in IPv6 mode (closes: #167867). | ||
125 | - 'ssh-add -c' causes ssh-agent to ask the user each time a key is used | ||
126 | (closes: #109795). | ||
127 | * Install /etc/default/ssh non-executable (closes: #185537). | ||
128 | |||
129 | -- Colin Watson <cjwatson@debian.org> Mon, 31 Mar 2003 23:00:59 +0100 | ||
130 | |||
131 | openssh (1:3.5p1-5) unstable; urgency=low | ||
132 | |||
133 | * Add /etc/default/ssh (closes: #161049). | ||
134 | * Run the init script under 'set -e' (closes: #175010). | ||
135 | * Change the default superuser path to include /sbin, /usr/sbin, and | ||
136 | /usr/local/sbin (closes: #128235, #151267). Using login.defs would be | ||
137 | nice, but that belongs to another package. Without a defined API to | ||
138 | retrieve its settings, parsing it is off-limits. | ||
139 | * Build ssh-askpass-gnome with GNOME 2. The source package should still | ||
140 | support building on stable with GNOME 1, using the alternate | ||
141 | libgnome-dev build-dependency (thanks, Colin Walters; closes: #167582). | ||
142 | |||
143 | -- Colin Watson <cjwatson@debian.org> Sun, 9 Mar 2003 20:12:10 +0000 | ||
144 | |||
145 | openssh (1:3.5p1-4) unstable; urgency=low | ||
146 | |||
147 | * Point rlogin and rcp alternatives at slogin and scp respectively rather | ||
148 | than ssh (closes: #121103, #151666). Fix alternative removal to match; | ||
149 | previously it was completely wrong anyway. | ||
150 | * Find out whether /etc/ssh/sshd_not_to_be_run exists and set the debconf | ||
151 | question's default using that information, rather than using debconf as | ||
152 | a registry. Other solutions may be better in the long run, but this is | ||
153 | at least correct (thanks, Matthew Woodcraft; closes: #84725). | ||
154 | * Stop using pam_lastlog, as it doesn't currently work well as a session | ||
155 | module when privilege separation is enabled; it can usually read | ||
156 | /var/log/lastlog but can't write to it. Instead, just use sshd's | ||
157 | built-in support, already enabled by default (closes: #151297, #169938). | ||
158 | * Use 'ssh-keygen -q' rather than redirecting output to /dev/null. | ||
159 | * Add a "this may take some time" warning when creating host keys on | ||
160 | installation (part of #110094). | ||
161 | * When restarting via the init script, check for sshd_not_to_be_run after | ||
162 | stopping sshd (idea from Tomas Pospisek; closes: #149850). | ||
163 | * Append /usr/sbin:/sbin to the init script's $PATH, just in case of | ||
164 | strangeness (closes: #115138). | ||
165 | * Fix a dpkg-statoverride call to redirect stdout to /dev/null, not | ||
166 | stderr. | ||
167 | * Correct copyright file typo: "orignal" -> "original" (closes: #176490). | ||
168 | * Rebuild with libssl0.9.7 (closes: #176983). | ||
169 | * We're up to policy version 3.5.6. DEB_BUILD_OPTIONS stuff still needs to | ||
170 | be looked at. | ||
171 | |||
172 | -- Colin Watson <cjwatson@debian.org> Sat, 18 Jan 2003 01:37:23 +0000 | ||
173 | |||
174 | openssh (1:3.5p1-3) unstable; urgency=low | ||
175 | |||
176 | * Happy new year! | ||
177 | * Use getent rather than id to find out whether the sshd user exists | ||
178 | (closes: #150974). | ||
179 | * Remove some duplication from the postinst's ssh-keysign setuid code. | ||
180 | * Replace db_text with db_input throughout debian/config. (db_text has | ||
181 | been a compatibility wrapper since debconf 0.1.5.) | ||
182 | * Warn about PermitUserEnvironment on upgrade (closes: #167895). | ||
183 | * Use 'make install-nokeys', and disable unused debhelper commands, | ||
184 | thereby forward-porting the last pieces of Zack Weinberg's patch | ||
185 | (closes: #68341). | ||
186 | * Move the man page for gnome-ssh-askpass from the ssh package to | ||
187 | ssh-askpass-gnome (closes: #174449). | ||
188 | * Build with -DLOGIN_NO_ENDOPT, since Debian's /bin/login doesn't accept | ||
189 | '--' to terminate the list of options (closes: #171554). | ||
190 | * Add Jonathan Amery's ssh-argv0 script (closes: #111341). | ||
191 | * Update Danish debconf template (thanks, Morten Brix Pedersen; | ||
192 | closes: #174757). | ||
193 | * Document setgid ssh-agent's effect on certain environment variables in | ||
194 | README.Debian (closes: #167974). | ||
195 | * Document interoperability problems between scp and ssh.com's server in | ||
196 | README.Debian, and suggest some workarounds (closes: #174662). | ||
197 | |||
198 | -- Colin Watson <cjwatson@debian.org> Wed, 1 Jan 2003 14:18:30 +0000 | ||
199 | |||
200 | openssh (1:3.5p1-2) unstable; urgency=low | ||
201 | |||
202 | * Mention in the ssh package description that it provides both ssh and | ||
203 | sshd (closes: #99680). | ||
204 | * Create a system group for ssh-agent, not a user group (closes: #167669). | ||
205 | |||
206 | -- Colin Watson <cjwatson@debian.org> Mon, 4 Nov 2002 13:43:53 +0000 | ||
207 | |||
208 | openssh (1:3.5p1-1) unstable; urgency=low | ||
209 | |||
210 | * New upstream release. | ||
211 | - Fixes typo in ssh-add usage (closes: #152239). | ||
212 | - Fixes 'PermitRootLogin forced-commands-only' (closes: #166184). | ||
213 | - ~/.ssh/environment and environment= options in ~/.ssh/authorized_keys | ||
214 | are deprecated for security reasons and will eventually go away. For | ||
215 | now they can be re-enabled by setting 'PermitUserEnvironment yes' in | ||
216 | sshd_config. | ||
217 | - ssh-agent is installed setgid to prevent ptrace() attacks. The group | ||
218 | actually doesn't matter, as it drops privileges immediately, but to | ||
219 | avoid confusion the postinst creates a new 'ssh' group for it. | ||
220 | * Obsolete patches: | ||
221 | - Solar Designer's privsep+compression patch for Linux 2.2 (see | ||
222 | 1:3.3p1-0.0woody1). | ||
223 | - Hostbased auth ssh-keysign backport (see 1:3.4p1-4). | ||
224 | |||
225 | * Remove duplicated phrase in ssh_config(5) (closes: #152404). | ||
226 | * Source the debconf confmodule at the top of the postrm rather than at | ||
227 | the bottom, to avoid making future non-idempotency problems worse (see | ||
228 | #151035). | ||
229 | * Debconf templates: | ||
230 | - Add Polish (thanks, Grzegorz Kusnierz). | ||
231 | - Update French (thanks, Denis Barbier; closes: #132509). | ||
232 | - Update Spanish (thanks, Carlos Valdivia Yagüe; closes: #164716). | ||
233 | * Write a man page for gnome-ssh-askpass, and link it to ssh-askpass.1 if | ||
234 | this is the selected ssh-askpass alternative (closes: #67775). | ||
235 | |||
236 | -- Colin Watson <cjwatson@debian.org> Sat, 26 Oct 2002 19:41:51 +0100 | ||
237 | |||
238 | openssh (1:3.4p1-4) unstable; urgency=low | ||
239 | |||
240 | * Allow ssh-krb5 in ssh-askpass-gnome's dependencies (closes: #129532). | ||
241 | * Restore Russia to list of countries where encryption is problematic (see | ||
242 | #148951 and http://www.average.org/freecrypto/). | ||
243 | * Drop ssh-askpass-gnome's priority to optional, per the override file. | ||
244 | * Drop the PAM special case for hurd-i386 (closes: #99157). | ||
245 | * s/dile/idle/ in ssh_config(5) (closes: #118331). | ||
246 | * Note in README.Debian that you need xauth from xbase-clients on the | ||
247 | server for X11 forwarding (closes: #140269). | ||
248 | * Use correct path to upstream README in copyright file (closes: #146037). | ||
249 | * Document the units for ProtocolKeepAlives (closes: #159479). | ||
250 | * Backport upstream patch to fix hostbased auth (closes: #117114). | ||
251 | * Add -g to CFLAGS. | ||
252 | |||
253 | -- Colin Watson <cjwatson@debian.org> Sun, 13 Oct 2002 18:58:53 +0100 | ||
254 | |||
255 | openssh (1:3.4p1-3) unstable; urgency=low | ||
256 | |||
257 | * Add myself to Uploaders: and begin acting as temporary maintainer, at | ||
258 | Matthew's request. (Normal service will resume in some months' time.) | ||
259 | * Add sharutils to Build-Depends (closes: #138465). | ||
260 | * Stop creating the /usr/doc/ssh symlink. | ||
261 | |||
262 | * Fix some debconf template typos (closes: #160358). | ||
263 | * Split debconf templates into one file per language. | ||
264 | * Add debconf template translations: | ||
265 | - Brazilian Portuguese (thanks, Andre Luis Lopes; closes: #106173). | ||
266 | - Danish (thanks, Claus Hindsgaul; closes: #126607). | ||
267 | - Japanese (thanks, Tomohiro KUBOTA; closes: #137427). | ||
268 | - Russian (thanks, Ilgiz Kalmetev; closes: #136610). | ||
269 | - Spanish (thanks, Carlos Valdivia Yagüe; closes: #129041). | ||
270 | * Update debconf template translations: | ||
271 | - French (thanks, Igor Genibel; closes: #151361). | ||
272 | - German (thanks, Axel Noetzold; closes: #147069). | ||
273 | * Some of these translations are fuzzy. Please send updates. | ||
274 | |||
275 | -- Colin Watson <cjwatson@debian.org> Sun, 13 Oct 2002 14:09:57 +0100 | ||
276 | |||
277 | openssh (1:3.4p1-2) unstable; urgency=high | ||
278 | |||
279 | * Get a security-fixed version into unstable | ||
280 | * Also tidy README.Debian up a little | ||
281 | |||
282 | -- Matthew Vernon <matthew@debian.org> Fri, 28 Jun 2002 17:20:59 +0100 | ||
283 | |||
284 | openssh (1:3.4p1-1) testing; urgency=high | ||
285 | |||
286 | * Extend my tendrils back into this package (Closes: #150915, #151098) | ||
287 | * thanks to the security team for their work | ||
288 | * no thanks to ISS/Theo de Raadt for their handling of these bugs | ||
289 | * save old sshd_configs to sshd_config.dpkg-old when auto-generating a | ||
290 | new one | ||
291 | * tell/ask the user about PriviledgeSeparation | ||
292 | * /etc/init.d/ssh run will now create the chroot empty dir if necessary | ||
293 | * Remove our previous statoverride on /usr/bin/ssh (only for people | ||
294 | upgrading from a version where we'd put one in ourselves!) | ||
295 | * Stop slandering Russia, since someone asked so nicely (Closes: #148951) | ||
296 | * Reduce the sleep time in /etc/init.d/ssh during a restart | ||
297 | |||
298 | -- Matthew Vernon <matthew@debian.org> Fri, 28 Jun 2002 15:52:10 +0100 | ||
299 | |||
300 | openssh (1:3.4p1-0.0woody1) testing-security; urgency=high | ||
301 | |||
302 | * NMU by the security team. | ||
303 | * New upstream version | ||
304 | |||
305 | -- Michael Stone <mstone@debian.org> Wed, 26 Jun 2002 15:40:38 -0400 | ||
306 | |||
307 | openssh (1:3.3p1-0.0woody4) testing-security; urgency=high | ||
308 | |||
309 | * NMU by the security team. | ||
310 | * fix error when /etc/ssh/sshd_config exists on new install | ||
311 | * check that user doesn't exist before running adduser | ||
312 | * use openssl internal random unconditionally | ||
313 | |||
314 | -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 19:44:39 -0400 | ||
315 | |||
316 | openssh (1:3.3p1-0.0woody3) testing-security; urgency=high | ||
317 | |||
318 | * NMU by the security team. | ||
319 | * use correct home directory when sshd user is created | ||
320 | |||
321 | -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 08:59:50 -0400 | ||
322 | |||
323 | openssh (1:3.3p1-0.0woody2) testing-security; urgency=high | ||
324 | |||
325 | * NMU by the security team. | ||
326 | * Fix rsa1 key creation (Closes: #150949) | ||
327 | * don't fail if sshd user removal fails | ||
328 | * depends: on adduser (Closes: #150907) | ||
329 | |||
330 | -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 08:59:50 -0400 | ||
331 | |||
332 | openssh (1:3.3p1-0.0woody1) testing-security; urgency=high | ||
333 | |||
334 | * NMU by the security team. | ||
335 | * New upstream version. | ||
336 | - Enable privilege separation by default. | ||
337 | * Include patch from Solar Designer for privilege separation and | ||
338 | compression on 2.2.x kernels. | ||
339 | * Remove --disable-suid-ssh from configure. | ||
340 | * Support setuid ssh-keysign binary instead of setuid ssh client. | ||
341 | * Check sshd configuration before restarting. | ||
342 | |||
343 | -- Daniel Jacobowitz <dan@debian.org> Mon, 24 Jun 2002 13:43:44 -0400 | ||
344 | |||
345 | openssh (1:3.0.2p1-9) unstable; urgency=high | ||
346 | |||
347 | * Thanks to those who NMUd | ||
348 | * The only change in this version is to debian/control - I've removed | ||
349 | the bit that says you can't export it from the US - it would look | ||
350 | pretty daft to say this about a package in main! Also, it's now OK | ||
351 | to use crypto in France, so I've edited that comment slightly | ||
352 | * Correct a path in README.Debian too (Closes: #138634) | ||
353 | |||
354 | -- Matthew Vernon <matthew@debian.org> Sun, 4 Apr 2002 09:52:59 +0100 | ||
355 | |||
356 | openssh (1:3.0.2p1-8.3) unstable; urgency=medium | ||
357 | |||
358 | * NMU | ||
359 | * Really set urgency to medium this time (oops) | ||
360 | * Fix priority to standard per override while I'm at it | ||
361 | |||
362 | -- Aaron M. Ucko <ucko@debian.org> Sun, 24 Mar 2002 09:00:08 -0500 | ||
363 | |||
364 | openssh (1:3.0.2p1-8.2) unstable; urgency=low | ||
365 | |||
366 | * NMU with maintainer's permission | ||
367 | * Prepare for upcoming ssh-nonfree transitional packages per | ||
368 | <http://lists.debian.org/debian-ssh/2002/debian-ssh-200203/msg00008.html> | ||
369 | * Urgency medium because it would really be good to get this into woody | ||
370 | before it releases | ||
371 | * Fix sections to match override file | ||
372 | * Reissued due to clash with non-US -> main move | ||
373 | |||
374 | -- Aaron M. Ucko <ucko@debian.org> Sat, 23 Mar 2002 21:21:52 -0500 | ||
375 | |||
376 | openssh (1:3.0.2p1-8.1) unstable; urgency=low | ||
377 | |||
378 | * NMU | ||
379 | * Move from non-US to mani | ||
380 | |||
381 | -- LaMont Jones <lamont@debian.org> Thu, 21 Mar 2002 09:33:50 -0700 | ||
382 | |||
383 | openssh (1:3.0.2p1-8) unstable; urgency=critical | ||
384 | |||
385 | * Security fix - patch from upstream (Closes: #137209, #137210) | ||
386 | * Undo the changes in the unreleased -7, since they appear to break | ||
387 | things here. Accordingly, the code change is minimal, and I'm | ||
388 | happy to get it into testing ASAP | ||
389 | |||
390 | -- Matthew Vernon <matthew@debian.org> Thu, 7 Mar 2002 14:25:23 +0000 | ||
391 | |||
392 | openssh (1:3.0.2p1-7) unstable; urgency=high | ||
393 | |||
394 | * Build to support IPv6 and IPv4 by default again | ||
395 | |||
396 | -- Matthew Vernon <matthew@debian.org> Sat, 2 Mar 2002 00:25:05 +0000 | ||
397 | |||
398 | openssh (1:3.0.2p1-6) unstable; urgency=high | ||
399 | |||
400 | * Correct error in the clean target (Closes: #130868) | ||
401 | |||
402 | -- Matthew Vernon <matthew@debian.org> Sat, 26 Jan 2002 00:32:00 +0000 | ||
403 | |||
404 | openssh (1:3.0.2p1-5) unstable; urgency=medium | ||
405 | |||
406 | * Include the Debian version in our identification, to make it easier to | ||
407 | audit networks for patched versions in future | ||
408 | |||
409 | -- Matthew Vernon <matthew@debian.org> Mon, 21 Jan 2002 17:16:10 +0000 | ||
410 | |||
411 | openssh (1:3.0.2p1-4) unstable; urgency=medium | ||
412 | |||
413 | * If we're asked to not run sshd, stop any running sshd's first | ||
414 | (Closes: #129327) | ||
415 | |||
416 | -- Matthew Vernon <matthew@debian.org> Wed, 16 Jan 2002 21:24:16 +0000 | ||
417 | |||
418 | openssh (1:3.0.2p1-3) unstable; urgency=high | ||
419 | |||
420 | * Fix /etc/pam.d/ssh to not set $MAIL (Closes: #128913) | ||
421 | * Remove extra debconf suggestion (Closes: #128094) | ||
422 | * Mmm. speedy bug-fixing :-) | ||
423 | |||
424 | -- Matthew Vernon <matthew@debian.org> Sat, 12 Jan 2002 17:23:58 +0000 | ||
425 | |||
426 | openssh (1:3.0.2p1-2) unstable; urgency=high | ||
427 | |||
428 | * Fix postinst to not automatically overwrite sshd_config (!) | ||
429 | (Closes: #127842, #127867) | ||
430 | * Add section in README.Debian about the PermitRootLogin setting | ||
431 | |||
432 | -- Matthew Vernon <matthew@debian.org> Sat, 5 Jan 2003 05:26:30 +0000 | ||
433 | |||
434 | openssh (1:3.0.2p1-1) unstable; urgency=high | ||
435 | |||
436 | * Incorporate fix from Colin's NMU | ||
437 | * New upstream version (fixes the bug Wichert fixed) (Closes: #124035) | ||
438 | * Capitalise IETF (Closes: #125379) | ||
439 | * Refer to the correct sftp-server location (Closes: #126854, #126224) | ||
440 | * Do what we're asked re SetUID ssh (Closes: #124065, #124154, #123247) | ||
441 | * Ask people upgrading from potato if they want a new conffile | ||
442 | (Closes: #125642) | ||
443 | * Fix a typo in postinst (Closes: #122192, #122410, #123440) | ||
444 | * Frob the default config a little (Closes: #122284, #125827, #125696, | ||
445 | #123854) | ||
446 | * Make /etc/init.d/ssh be more clear about ssh not running (Closes: | ||
447 | #123552) | ||
448 | * Fix typo in templates file (Closes: #123411) | ||
449 | |||
450 | -- Matthew Vernon <matthew@debian.org> Fri, 4 Jan 2002 16:01:52 +0000 | ||
451 | |||
452 | openssh (1:3.0.1p1-1.2) unstable; urgency=high | ||
453 | |||
454 | * Non-maintainer upload | ||
455 | * Prevent local users from passing environment variables to the login | ||
456 | process when UseLogin is enabled | ||
457 | |||
458 | -- Wichert Akkerman <wakkerma@debian.org> Mon, 3 Dec 2001 19:34:45 +0100 | ||
459 | |||
460 | openssh (1:3.0.1p1-1.1) unstable; urgency=low | ||
461 | |||
462 | * Non-maintainer upload, at Matthew's request. | ||
463 | * Remove sa_restorer assignment to fix compilation on alpha, hppa, and | ||
464 | ia64 (closes: #122086). | ||
465 | |||
466 | -- Colin Watson <cjwatson@debian.org> Sun, 2 Dec 2001 18:54:16 +0000 | ||
467 | |||
468 | openssh (1:3.0.1p1-1) unstable; urgency=high | ||
469 | |||
470 | * New upstream version (Closes: #113646, #113513, #114707, #118564) | ||
471 | * Building with a libc that works (!) (Closes: #115228) | ||
472 | * Patches forward-ported are -1/-2 options for scp, the improvement to | ||
473 | 'waiting for forwarded connections to terminate...' | ||
474 | * Fix /etc/init.d/ssh to stop sshd properly (Closes: #115228) | ||
475 | * /etc/ssh/sshd_config is no longer a conffile but generated in the postinst | ||
476 | * Remove suidregister leftover from postrm | ||
477 | * Mention key we are making in the postinst | ||
478 | * Default to not enable SSH protocol 1 support, since protocol 2 is | ||
479 | much safer anyway. | ||
480 | * New version of the vpn-fixes patch, from Ian Jackson | ||
481 | * New handling of -q, and added new -qq option; thanks to Jon Amery | ||
482 | * Experimental smartcard support not enabled, since I have no way of | ||
483 | testing it. | ||
484 | |||
485 | -- Matthew Vernon <matthew@debian.org> Thu, 28 Nov 2001 17:43:01 +0000 | ||
486 | |||
487 | openssh (1:2.9p2-6) unstable; urgency=low | ||
488 | |||
489 | * check for correct file in /etc/init.d/ssh (Closes: #110876) | ||
490 | * correct location of version 2 keys in ssh.1 (Closes: #110439) | ||
491 | * call update-alternatives --quiet (Closes: #103314) | ||
492 | * hack ssh-copy-id to chmod go-w (Closes: #95551) | ||
493 | * TEMPORARY fix to provide largefile support using a -D in the cflags | ||
494 | line. long-term, upstream will patch the autoconf stuff | ||
495 | (Closes: #106809, #111849) | ||
496 | * remove /etc/rc references in ssh-keygen.1 (Closes: #68350) | ||
497 | * scp.1 patch from Adam McKenna to document -r properly (Closes: #76054) | ||
498 | * Check for files containing a newline character (Closes: #111692) | ||
499 | |||
500 | -- Matthew Vernon <matthew@debian.org> Thu, 13 Sep 2001 16:47:36 +0100 | ||
501 | |||
502 | openssh (1:2.9p2-5) unstable; urgency=high | ||
503 | |||
504 | * Thanks to all the bug-fixers who helped! | ||
505 | * remove sa_restorer assignment (Closes: #102837) | ||
506 | * patch from Peter Benie to DTRT wrt X forwarding if the server refuses | ||
507 | us access (Closes: #48297) | ||
508 | * patch from upstream CVS to fix port forwarding (Closes: #107132) | ||
509 | * patch from Jonathan Amery to document ssh-keygen behaviour | ||
510 | (Closes:#106643, #107512) | ||
511 | * patch to postinst from Jonathan Amery (Closes: #106411) | ||
512 | * patch to manpage from Jonathan Amery (Closes: #107364) | ||
513 | * patch from Matthew Vernon to make -q emit fatal errors as that is the | ||
514 | documented behaviour (Closes: #64347) | ||
515 | * patch from Ian Jackson to cause us to destroy a file when we scp it | ||
516 | onto itself, rather than dumping bits of our memory into it, which was | ||
517 | a security hole (see #51955) | ||
518 | * patch from Jonathan Amery to document lack of Kerberos support | ||
519 | (Closes: #103726) | ||
520 | * patch from Matthew Vernon to make the 'waiting for connections to | ||
521 | terminate' message more helpful (Closes: #50308) | ||
522 | |||
523 | -- Matthew Vernon <matthew@debian.org> Thu, 23 Aug 2001 02:14:09 +0100 | ||
524 | |||
525 | openssh (1:2.9p2-4) unstable; urgency=high | ||
526 | |||
527 | * Today's build of ssh is strawberry flavoured | ||
528 | * Patch from mhp to reduce length of time sshd is stopped for (Closes: #106176) | ||
529 | * Tidy up debconf template (Closes: #106152) | ||
530 | * If called non-setuid, then setgid()'s failure should not be fatal (see | ||
531 | #105854) | ||
532 | |||
533 | -- Matthew Vernon <matthew@debian.org> Sun, 22 Jul 2001 14:19:43 +0100 | ||
534 | |||
535 | openssh (1:2.9p2-3) unstable; urgency=low | ||
536 | |||
537 | * Patch from yours truly to add -1 and -2 options to scp (Closes: #106061) | ||
538 | * Improve the IdentityFile section in the man page (Closes: #106038) | ||
539 | |||
540 | -- Matthew Vernon <matthew@debian.org> Sat, 21 Jul 2001 14:47:27 +0100 | ||
541 | |||
542 | openssh (1:2.9p2-2) unstable; urgency=low | ||
543 | |||
544 | * Document the protocol version 2 and IPV6 changes (Closes: #105845, #105868) | ||
545 | * Make PrintLastLog 'no' by default (Closes: #105893) | ||
546 | |||
547 | -- Matthew Vernon <matthew@debian.org> Thu, 19 Jul 2001 18:36:41 +0100 | ||
548 | |||
549 | openssh (1:2.9p2-1) unstable; urgency=low | ||
550 | |||
551 | * new (several..) upstream version (Closes: #96726, #81856, #96335) | ||
552 | * Hopefully, this will close some other bugs too | ||
553 | |||
554 | -- Matthew Vernon <matthew@debian.org> Tue, 17 Jul 2001 19:41:58 +0100 | ||
555 | |||
556 | openssh (1:2.5.2p2-3) unstable; urgency=low | ||
557 | |||
558 | * Taking Over this package | ||
559 | * Patches from Robert Bihlmeyer for the Hurd (Closes: #102991) | ||
560 | * Put PermitRootLogin back to yes (Closes: #67334, #67371, #78274) | ||
561 | * Don't fiddle with conf-files any more (Closes: #69501) | ||
562 | |||
563 | -- Matthew Vernon <matthew@debian.org> Tue, 03 Jul 2001 02:58:13 +0100 | ||
564 | |||
565 | openssh (1:2.5.2p2-2.2) unstable; urgency=low | ||
566 | |||
567 | * NMU | ||
568 | * Include Hurd compatibility patches from Robert Bihlmeyer (Closes: #76033) | ||
569 | * Patch from Richard Kettlewell for protocolkeepalives (Closes: #99273) | ||
570 | * Patch from Matthew Vernon for BannerTimeOut, batchmode, and | ||
571 | documentation for protocolkeepalives. Makes ssh more generally useful | ||
572 | for scripting uses (Closes: #82877, #99275) | ||
573 | * Set a umask, so ourpidfile isn't world-writable (closes: #100012, | ||
574 | #98286, #97391) | ||
575 | |||
576 | -- Matthew Vernon <matthew@debian.org> Thu, 28 Jun 2001 23:15:42 +0100 | ||
577 | |||
578 | openssh (1:2.5.2p2-2.1) unstable; urgency=low | ||
579 | |||
580 | * NMU | ||
581 | * Remove duplicate Build-Depends for libssl096-dev and change it to | ||
582 | depend on libssl-dev instaed. Also adding in virtual | real package | ||
583 | style build-deps. (Closes: #93793, #75228) | ||
584 | * Removing add-log entry (Closes: #79266) | ||
585 | * This was a pam bug from a while back (Closes: #86908, #88457, #86843) | ||
586 | * pam build-dep already exists (Closes: #93683) | ||
587 | * libgnome-dev build-dep already exists (Closes: #93694) | ||
588 | * No longer in non-free (Closes: #85401) | ||
589 | * Adding in fr debconf translations (Closes: #83783) | ||
590 | * Already suggests xbase-clients (Closes: #79741) | ||
591 | * No need to suggest libpam-pwdb anymore (Closes: #81658) | ||
592 | * Providing rsh-client (Closes: #79437) | ||
593 | * hurd patch was already applied (Closes: #76033) | ||
594 | * default set to no (Closes: #73682) | ||
595 | * Adding in a suggests for dnsutils (Closes: #93265) | ||
596 | * postinst bugs fixed (Closes: #88057, #88066, #88196, #88405, #88612) | ||
597 | (Closes: #88774, #88196, #89556, #90123, #90228, #90833, #87814, #85465) | ||
598 | * Adding in debconf dependency | ||
599 | |||
600 | -- Ivan E. Moore II <rkrusty@debian.org> Mon, 16 Apr 2001 14:11:04 +0100 | ||
601 | |||
602 | openssh (1:2.5.2p2-2) unstable; urgency=high | ||
603 | |||
604 | * disable the OpenSSL version check in entropy.c | ||
605 | (closes: #93581, #93588, #93590, #93614, #93619, #93635, #93648) | ||
606 | |||
607 | -- Philip Hands <phil@uk.alcove.com> Wed, 11 Apr 2001 20:30:04 +0100 | ||
608 | |||
609 | openssh (1:2.5.2p2-1) unstable; urgency=low | ||
610 | |||
611 | * New upstream release | ||
612 | * removed make-ssh-known-hosts, since ssh-keyscan does that job (closes: #86069, #87748) | ||
613 | * fix double space indent in german templates (closes: #89493) | ||
614 | * make postinst check for ssh_host_rsa_key | ||
615 | * get rid of the last of the misguided debian/rules NMU debris :-/ | ||
616 | |||
617 | -- Philip Hands <phil@hands.com> Sat, 24 Mar 2001 20:59:33 +0000 | ||
618 | |||
619 | openssh (1:2.5.1p2-2) unstable; urgency=low | ||
620 | |||
621 | * rebuild with new debhelper (closes: #89558, #89536, #90225) | ||
622 | * fix broken dpkg-statoverride test in postinst | ||
623 | (closes: #89612, #90474, #90460, #89605) | ||
624 | * NMU bug fixed but not closed in last upload (closes: #88206) | ||
625 | |||
626 | -- Philip Hands <phil@hands.com> Fri, 23 Mar 2001 16:11:33 +0000 | ||
627 | |||
628 | openssh (1:2.5.1p2-1) unstable; urgency=high | ||
629 | |||
630 | * New upstream release | ||
631 | * fix typo in postinst (closes: #88110) | ||
632 | * revert to setting PAM service name in debian/rules, backing out last | ||
633 | NMU, which also (closes: #88101) | ||
634 | * restore the pam lastlog/motd lines, lost during the NMUs, and sshd_config | ||
635 | * restore printlastlog option patch | ||
636 | * revert to using debhelper, which had been partially disabled in NMUs | ||
637 | |||
638 | -- Philip Hands <phil@hands.com> Tue, 13 Mar 2001 01:41:34 +0000 | ||
639 | |||
640 | openssh (1:2.5.1p1-1.8) unstable; urgency=high | ||
641 | |||
642 | * And now the old pam-bug s/sshd/ssh in ssh.c is also fixed | ||
643 | |||
644 | -- Christian Kurz <shorty@debian.org> Thu, 1 Mar 2001 19:48:01 +0100 | ||
645 | |||
646 | openssh (1:2.5.1p1-1.7) unstable; urgency=high | ||
647 | |||
648 | * And now we mark the correct binary as setuid, when a user requested | ||
649 | to install it setuid. | ||
650 | |||
651 | -- Christian Kurz <shorty@debian.org> Thu, 1 Mar 2001 07:19:56 +0100 | ||
652 | |||
653 | openssh (1:2.5.1p1-1.6) unstable; urgency=high | ||
654 | |||
655 | * Fixes postinst to handle overrides that are already there. Damn, I | ||
656 | should have noticed the bug earlier. | ||
657 | |||
658 | -- Christian Kurz <shorty@debian.org> Wed, 28 Feb 2001 22:35:00 +0100 | ||
659 | |||
660 | openssh (1:2.5.1p1-1.5) unstable; urgency=high | ||
661 | |||
662 | * Rebuild ssh with pam-support. | ||
663 | |||
664 | -- Christian Kurz <shorty@debian.org> Mon, 26 Feb 2001 21:55:51 +0100 | ||
665 | |||
666 | openssh (1:2.5.1p1-1.4) unstable; urgency=low | ||
667 | |||
668 | * Added Build-Depends on libssl096-dev. | ||
669 | * Fixed sshd_config file to disallow root logins again. | ||
670 | |||
671 | -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 20:03:55 +0100 | ||
672 | |||
673 | openssh (1:2.5.1p1-1.3) unstable; urgency=low | ||
674 | |||
675 | * Fixed missing manpages for sftp.1 and ssh-keyscan.1 | ||
676 | * Made package policy 3.5.2 compliant. | ||
677 | |||
678 | -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 15:46:26 +0100 | ||
679 | |||
680 | openssh (1:2.5.1p1-1.2) unstable; urgency=low | ||
681 | |||
682 | * Added Conflict with sftp, since we now provide our own sftp-client. | ||
683 | * Added a fix for our broken dpkg-statoverride call in the | ||
684 | 2.3.0p1-13. | ||
685 | * Fixed some config pathes in the comments of sshd_config. | ||
686 | * Removed ssh-key-exchange-vulnerability-patch since it's not needed | ||
687 | anymore because upstream included the fix. | ||
688 | |||
689 | -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 13:46:58 +0100 | ||
690 | |||
691 | openssh (1:2.5.1p1-1.1) unstable; urgency=high | ||
692 | |||
693 | * Another NMU to get the new upstream version 2.5.1p1 into | ||
694 | unstable. (Closes: #87123) | ||
695 | * Corrected postinst to mark ssh as setuid. (Closes: #86391, #85766) | ||
696 | * Key Exchange patch is already included by upstream. (Closes: #86015) | ||
697 | * Upgrading should be possible now. (Closes: #85525, #85523) | ||
698 | * Added --disable-suid-ssh as compile option, so ssh won't get installed | ||
699 | suid per default. | ||
700 | * Fixed postinst to run dpkg-statoverride only, when dpkg-statoverride | ||
701 | is available and the mode of the binary should be 4755. And also added | ||
702 | suggestion for a newer dpkg. | ||
703 | (Closes: #85734, #85741, #86876) | ||
704 | * sftp and ssh-keyscan will also be included from now on. (Closes: #79994) | ||
705 | * scp now understands spaces in filenames (Closes: #53783, #58958, | ||
706 | #66723) | ||
707 | * ssh-keygen now supports showing DSA fingerprints. (Closes: #68623) | ||
708 | * ssh doesn' t show motd anymore when switch -t is used. (Closes #69035) | ||
709 | * ssh supports the usage of other dsa keys via the ssh command line | ||
710 | options. (Closes: #81250) | ||
711 | * Documentation in sshd_config fixed. (Closes: #81088) | ||
712 | * primes file included by upstream and included now. (Closes: #82101) | ||
713 | * scp now allows dots in the username. (Closes: #82477) | ||
714 | * Spelling error in ssh-copy-id.1 corrected by upstream. (Closes: #78124) | ||
715 | |||
716 | -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 10:06:08 +0100 | ||
717 | |||
718 | openssh (1:2.3.0p1-1.13) unstable; urgency=low | ||
719 | |||
720 | * Config should now also be fixed with this hopefully last NMU. | ||
721 | |||
722 | -- Christian Kurz <shorty@debian.org> Sat, 10 Feb 2001 22:56:36 +0100 | ||
723 | |||
724 | openssh (1:2.3.0p1-1.12) unstable; urgency=high | ||
725 | |||
726 | * Added suggest for xbase-clients to control-file. (Closes #85227) | ||
727 | * Applied patch from Markus Friedl to fix a vulnerability in | ||
728 | the rsa keyexchange. | ||
729 | * Fixed position of horizontal line. (Closes: #83613) | ||
730 | * Fixed hopefully the grep problem in the config-file. (Closes: #78802) | ||
731 | * Converted package from suidregister to dpkg-statoverride. | ||
732 | |||
733 | -- Christian Kurz <shorty@debian.org> Fri, 9 Feb 2001 19:43:55 +0100 | ||
734 | |||
735 | openssh (1:2.3.0p1-1.11) unstable; urgency=medium | ||
736 | |||
737 | * Fixed some typos in the german translation of the debconf | ||
738 | template. | ||
739 | |||
740 | -- Christian Kurz <shorty@debian.org> Wed, 24 Jan 2001 18:22:38 +0100 | ||
741 | |||
742 | openssh (1:2.3.0p1-1.10) unstable; urgency=medium | ||
743 | |||
744 | * Fixed double printing of motd. (Closes: #82618) | ||
745 | |||
746 | -- Christian Kurz <shorty@debian.org> Tue, 23 Jan 2001 21:03:43 +0100 | ||
747 | |||
748 | openssh (1:2.3.0p1-1.9) unstable; urgency=high | ||
749 | |||
750 | * And the next NMU which includes the patch from Andrew Bartlett | ||
751 | and Markus Friedl to fix the root privileges handling of openssh. | ||
752 | (Closes: #82657) | ||
753 | |||
754 | -- Christian Kurz <shorty@debian.org> Wed, 17 Jan 2001 22:20:54 +0100 | ||
755 | |||
756 | openssh (1:2.3.0p1-1.8) unstable; urgency=high | ||
757 | |||
758 | * Applied fix from Ryan Murray to allow building on other architectures | ||
759 | since the hurd patch was wrong. (Closes: #82471) | ||
760 | |||
761 | -- Christian Kurz <shorty@debian.org> Tue, 16 Jan 2001 22:45:51 +0100 | ||
762 | |||
763 | openssh (1:2.3.0p1-1.7) unstable; urgency=medium | ||
764 | |||
765 | * Fixed another typo on sshd_config | ||
766 | |||
767 | -- Christian Kurz <shorty@debian.org> Sun, 14 Jan 2001 19:01:31 +0100 | ||
768 | |||
769 | openssh (1:2.3.0p1-1.6) unstable; urgency=high | ||
770 | |||
771 | * Added Build-Dependency on groff (Closes: #81886) | ||
772 | * Added Build-Depencency on debhelper (Closes: #82072) | ||
773 | * Fixed entry for known_hosts in sshd_config (Closes: #82096) | ||
774 | |||
775 | -- Christian Kurz <shorty@debian.org> Thu, 11 Jan 2001 23:08:16 +0100 | ||
776 | |||
777 | openssh (1:2.3.0p1-1.5) unstable; urgency=high | ||
778 | |||
779 | * Fixed now also the problem with sshd used as default ipv4 and | ||
780 | didn't use IPv6. This should be now fixed. | ||
781 | |||
782 | -- Christian Kurz <shorty@debian.org> Thu, 11 Jan 2001 21:25:55 +0100 | ||
783 | |||
784 | openssh (1:2.3.0p1-1.4) unstable; urgency=high | ||
785 | |||
786 | * Fixed buggy entry in postinst. | ||
787 | |||
788 | -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 23:12:16 +0100 | ||
789 | |||
790 | openssh (1:2.3.0p1-1.3) unstable; urgency=high | ||
791 | |||
792 | * After finishing the rewrite of the rules-file I had to notice that | ||
793 | the manpage installation was broken. This should now work again. | ||
794 | |||
795 | -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 22:11:59 +0100 | ||
796 | |||
797 | openssh (1:2.3.0p1-1.2) unstable; urgency=high | ||
798 | |||
799 | * Fixed the screwed up build-dependency. | ||
800 | * Removed --with-ipv4-default to support ipv6. | ||
801 | * Changed makefile to use /etc/pam.d/ssh instead of /etc/pam.d/sshd. | ||
802 | * Fixed location to sftp-server in config. | ||
803 | * Since debian still relies on /etc/pam.d/ssh instead of moving to | ||
804 | /etc/pam.d/sshd, I had to hack ssh.h to get ssh to use this name. | ||
805 | * Fixed path to host key in sshd_config. | ||
806 | |||
807 | -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 08:23:47 +0100 | ||
808 | |||
809 | openssh (1:2.3.0p1-1.1) unstable; urgency=medium | ||
810 | |||
811 | * NMU with permission of Phil Hands. | ||
812 | * New upstream release | ||
813 | * Update Build-Depends to point to new libssl096. | ||
814 | * This upstream release doesn't leak any information depending | ||
815 | on the setting of PermitRootLogin (Closes: #59933) | ||
816 | * New upstream release contains fix against forcing a client to | ||
817 | do X/agent forwarding (Closes: #76788) | ||
818 | * Changed template to contain correct path to the documentation | ||
819 | (Closes: #67245) | ||
820 | * Added --with-4in6 switch as compile option into debian/rules. | ||
821 | * Added --with-ipv4-default as compile option into debian/rules. | ||
822 | (Closes: #75037) | ||
823 | * Changed default path to also contain /usr/local/bin and | ||
824 | /usr/X11R6/bin (Closes: #62472,#54567,#62810) | ||
825 | * Changed path to sftp-server in sshd_config to match the | ||
826 | our package (Closes: #68347) | ||
827 | * Replaced OpenBSDh with OpenBSD in the init-script. | ||
828 | * Changed location to original source in copyright.head | ||
829 | * Changed behaviour of init-script when invoked with the option | ||
830 | restart (Closes: #68706,#72560) | ||
831 | * Added a note about -L option of scp to README.Debian | ||
832 | * ssh won't print now the motd if invoked with -t option | ||
833 | (Closes: #59933) | ||
834 | * RFC.nroff.gz get's now converted into RFC.gz. (Closes: #63867) | ||
835 | * Added a note about tcp-wrapper support to README.Debian | ||
836 | (Closes: #72807,#22190) | ||
837 | * Removed two unneeded options from building process. | ||
838 | * Added sshd.pam into debian dir and install it. | ||
839 | * Commented out unnecessary call to dh_installinfo. | ||
840 | * Added a line to sshd.pam so that limits will be paid attention | ||
841 | to (Closes: #66904) | ||
842 | * Restart Option has a Timeout of 10 seconds (Closes: 51264) | ||
843 | * scp won't override files anymore (Closes: 51955) | ||
844 | * Removed pam_lastlog module, so that the lastlog is now printed | ||
845 | only once (Closes: #71742, #68335, #69592, #71495, #77781) | ||
846 | * If password is expired, openssh now forces the user to change it. | ||
847 | (Closes: #51747) | ||
848 | * scp should now have no more problems with shell-init-files that | ||
849 | produces ouput (Closes: #56280,#59873) | ||
850 | * ssh now prints the motd correctly (Closes: #66926) | ||
851 | * ssh upgrade should disable ssh daemon only if users has choosen | ||
852 | to do so (Closes: #67478) | ||
853 | * ssh can now be installed suid (Closes: #70879) | ||
854 | * Modified debian/rules to support hurd. | ||
855 | |||
856 | -- Christian Kurz <shorty@debian.org> Wed, 27 Dec 2000 20:06:57 +0100 | ||
857 | |||
858 | openssh (1:2.2.0p1-1.1) unstable; urgency=medium | ||
859 | |||
860 | * Non-Maintainer Upload | ||
861 | * Check for new returns in the new libc | ||
862 | (closes: #72803, #74393, #72797, #71307, #71702) | ||
863 | * Link against libssl095a (closes: #66304) | ||
864 | * Correct check for PermitRootLogin (closes: #69448) | ||
865 | |||
866 | -- Ryan Murray <rmurray@debian.org> Wed, 18 Oct 2000 00:48:18 -0700 | ||
867 | |||
868 | openssh (1:2.2.0p1-1) unstable; urgency=low | ||
869 | |||
870 | * New upstream release | ||
871 | |||
872 | -- Philip Hands <phil@hands.com> Mon, 11 Sep 2000 14:49:43 +0100 | ||
873 | |||
874 | openssh (1:2.1.1p4-3) unstable; urgency=low | ||
875 | |||
876 | * add rsh alternatives | ||
877 | * add -S option to scp (using Tommi Virtanen's patch) (closes: #63097) | ||
878 | * do the IPV4_DEFAULT thing properly this time | ||
879 | |||
880 | -- Philip Hands <phil@hands.com> Fri, 11 Aug 2000 18:14:37 +0100 | ||
881 | |||
882 | openssh (1:2.1.1p4-2) unstable; urgency=low | ||
883 | |||
884 | * reinstate manpage .out patch from 1:1.2.3 | ||
885 | * fix typo in postinst | ||
886 | * only compile ssh with IPV4_DEFAULT | ||
887 | * apply James Troup's patch to add a -o option to scp and updated manpage | ||
888 | |||
889 | -- Philip Hands <phil@hands.com> Sun, 30 Jul 2000 00:12:49 +0100 | ||
890 | |||
891 | openssh (1:2.1.1p4-1) unstable; urgency=low | ||
892 | |||
893 | * New upstream release | ||
894 | |||
895 | -- Philip Hands <phil@hands.com> Sat, 29 Jul 2000 14:46:16 +0100 | ||
896 | |||
897 | openssh (1:1.2.3-10) unstable; urgency=low | ||
898 | |||
899 | * add version to libpam-modules dependency, because old versions of | ||
900 | pam_motd make it impossible to log in. | ||
901 | |||
902 | -- Philip Hands <phil@hands.com> Sat, 29 Jul 2000 13:28:22 +0100 | ||
903 | |||
904 | openssh (1:1.2.3-9) frozen unstable; urgency=low | ||
905 | |||
906 | * force location of /usr/bin/X11/xauth | ||
907 | (closes: #64424, #66437, #66859) *RC* | ||
908 | * typos in config (closes: #66779, #66780) | ||
909 | * sshd_not_to_be_run could be assumed to be true, in error, if the config | ||
910 | script died in an unusual way --- I've reversed this (closes: #66335) | ||
911 | * Apply Zack Weinberg <zack@wolery.cumb.org>'s patch to ssh-askpass-ptk | ||
912 | (closes: #65981) | ||
913 | * change default for PermitRootLogin to "no" (closes: #66406) | ||
914 | |||
915 | -- Philip Hands <phil@hands.com> Tue, 11 Jul 2000 20:51:18 +0100 | ||
916 | |||
917 | openssh (1:1.2.3-8) frozen unstable; urgency=low | ||
918 | |||
919 | * get rid of Provides: rsh-server (this will mean that rstartd | ||
920 | will need to change it's depends to deal with #63948, which I'm | ||
921 | reopening) (closes: #66257) | ||
922 | Given that this is also a trivial change, and is a reversal of a | ||
923 | change that was mistakenly made after the freeze, I think this should | ||
924 | also go into frozen. | ||
925 | |||
926 | -- Philip Hands <phil@hands.com> Wed, 28 Jun 2000 03:26:30 +0100 | ||
927 | |||
928 | openssh (1:1.2.3-7) frozen unstable; urgency=low | ||
929 | |||
930 | * check if debconf is installed before calling db_stop in postinst. | ||
931 | This is required to allow ssh to be installed when debconf is not | ||
932 | wanted, which probably makes it an RC upload (hopefully the last of | ||
933 | too many). | ||
934 | |||
935 | -- Philip Hands <phil@hands.com> Wed, 28 Jun 2000 03:19:47 +0100 | ||
936 | |||
937 | openssh (1:1.2.3-6) frozen unstable; urgency=low | ||
938 | |||
939 | * fixed depressing little bug involving a line wrap looking like | ||
940 | a blank line in the templates file *RC* | ||
941 | (closes: #66090, #66078, #66083, #66182) | ||
942 | |||
943 | -- Philip Hands <phil@hands.com> Mon, 26 Jun 2000 00:45:05 +0100 | ||
944 | |||
945 | openssh (1:1.2.3-5) frozen unstable; urgency=low | ||
946 | |||
947 | * add code to prevent UseLogin exploit, although I think our PAM | ||
948 | conditional code breaks UseLogin in a way that protects us from this | ||
949 | exploit anyway. ;-) (closes: #65495) *RC* | ||
950 | * Apply Zack Weinberg <zack@wolery.cumb.org>'s patch to fix keyboard | ||
951 | grab vulnerability in ssh-askpass-gnome (closes: #64795) *RC* | ||
952 | * stop redirection of sshd's file descriptors (introduced in 1:1.2.3-3) | ||
953 | and use db_stop in the postinst to solve that problem instead | ||
954 | (closes: #65104) | ||
955 | * add Provides: rsh-server to ssh (closes: #63948) | ||
956 | * provide config option not to run sshd | ||
957 | |||
958 | -- Philip Hands <phil@hands.com> Mon, 12 Jun 2000 23:05:11 +0100 | ||
959 | |||
960 | openssh (1:1.2.3-4) frozen unstable; urgency=low | ||
961 | |||
962 | * fixes #63436 which is *RC* | ||
963 | * add 10 second pause in init.d restart (closes: #63844) | ||
964 | * get rid of noenv in PAM mail line (closes: #63856) | ||
965 | * fix host key path in make-ssh-known-hosts (closes: #63713) | ||
966 | * change wording of SUID template (closes: #62788, #63436) | ||
967 | |||
968 | -- Philip Hands <phil@hands.com> Sat, 27 May 2000 11:18:06 +0100 | ||
969 | |||
970 | openssh (1:1.2.3-3) frozen unstable; urgency=low | ||
971 | |||
972 | * redirect sshd's file descriptors to /dev/null in init to | ||
973 | prevent debconf from locking up during installation | ||
974 | ** grave bug just submited by me ** | ||
975 | |||
976 | -- Philip Hands <phil@hands.com> Thu, 20 Apr 2000 17:10:59 +0100 | ||
977 | |||
978 | openssh (1:1.2.3-2) frozen unstable; urgency=low | ||
979 | |||
980 | * allow user to select SUID status of /usr/bin/ssh (closes: 62462) ** RC ** | ||
981 | * suggest debconf | ||
982 | * conflict with debconf{,-tiny} (<<0.2.17) so I can clean up the preinst | ||
983 | |||
984 | -- Philip Hands <phil@hands.com> Wed, 19 Apr 2000 17:49:15 +0100 | ||
985 | |||
986 | openssh (1:1.2.3-1) frozen unstable; urgency=low | ||
987 | |||
988 | * New upstream release | ||
989 | * patch sshd to create extra xauth key required for localhost | ||
990 | (closes: #49944) *** RC *** | ||
991 | * FallbacktoRsh now defaults to ``no'' to match impression | ||
992 | given in sshd_config | ||
993 | * stop setting suid bit on ssh (closes: #58711, #58558) | ||
994 | This breaks Rhosts authentication (which nobody uses) and allows | ||
995 | the LD_PRELOAD trick to get socks working, so seems like a net benefit. | ||
996 | |||
997 | -- Philip Hands <phil@hands.com> Thu, 13 Apr 2000 20:01:54 +0100 | ||
998 | |||
999 | openssh (1:1.2.2-1.4) frozen unstable; urgency=low | ||
1000 | |||
1001 | * Recompile for frozen, contains fix for RC bug. | ||
1002 | |||
1003 | -- Tommi Virtanen <tv@debian.org> Tue, 29 Feb 2000 22:14:58 +0200 | ||
1004 | |||
1005 | openssh (1:1.2.2-1.3) unstable; urgency=low | ||
1006 | |||
1007 | * Integrated man page addition for PrintLastLog. | ||
1008 | This bug was filed on "openssh", and I ended up | ||
1009 | creating my own patch for this (closes: #59054) | ||
1010 | * Improved error message when ssh_exchange_identification | ||
1011 | gets EOF (closes: #58904) | ||
1012 | * Fixed typo (your -> you're) in debian/preinst. | ||
1013 | * Added else-clauses to config to make this upgradepath possible: | ||
1014 | oldssh -> openssh preinst fails due to upgrade_to_openssh=false | ||
1015 | -> ssh-nonfree -> openssh. Without these, debconf remembered | ||
1016 | the old answer, config didn't force asking it, and preinst always | ||
1017 | aborted (closes: #56596, #57782) | ||
1018 | * Moved setting upgrade_to_openssh isdefault flag to the place | ||
1019 | where preinst would abort. This means no double question to most | ||
1020 | users, people who currently suffer from "can't upgrade" may need | ||
1021 | to run apt-get install ssh twice. Did not do the same for | ||
1022 | use_old_init_script, as the situation is a bit different, and | ||
1023 | less common (closes: #54010, #56224) | ||
1024 | * Check for existance of ssh-keygen before attempting to use it in | ||
1025 | preinst, added warning for non-existant ssh-keygen in config. This | ||
1026 | happens when the old ssh is removed (say, due to ssh-nonfree getting | ||
1027 | installed). | ||
1028 | |||
1029 | -- Tommi Virtanen <tv@debian.org> Sun, 27 Feb 2000 21:36:43 +0200 | ||
1030 | |||
1031 | openssh (1:1.2.2-1.2) frozen unstable; urgency=low | ||
1032 | |||
1033 | * Non-maintainer upload. | ||
1034 | * Added configuration option PrintLastLog, default off due to PAM | ||
1035 | (closes: #54007, #55042) | ||
1036 | * ssh-askpass-{gnome,ptk} now provide ssh-askpass, making ssh's | ||
1037 | Suggests: line more accurate. Also closing related bugs fixed | ||
1038 | earlier, when default ssh-askpass moved to /usr/bin. | ||
1039 | (closes: #52403, #54741, #50607, #52298, #50967, #51661) | ||
1040 | * Patched to call vhangup, with autoconf detection and all | ||
1041 | (closes: #55379) | ||
1042 | * Added --with-ipv4-default workaround to a glibc bug causing | ||
1043 | slow DNS lookups, as per UPGRADING. Use -6 to really use | ||
1044 | IPv6 addresses. (closes: #57891, #58744, #58713, #57970) | ||
1045 | * Added noenv to PAM pam_mail line. Thanks to Ben Collins. | ||
1046 | (closes: #58429) | ||
1047 | * Added the UPGRADING file to the package. | ||
1048 | * Added frozen to the changelog line and recompiled before | ||
1049 | package was installed into the archive. | ||
1050 | |||
1051 | -- Tommi Virtanen <tv@debian.org> Fri, 25 Feb 2000 22:08:57 +0200 | ||
1052 | |||
1053 | openssh (1:1.2.2-1.1) frozen unstable; urgency=low | ||
1054 | |||
1055 | * Non-maintainer upload. | ||
1056 | * Integrated scp pipe buffer patch from Ben Collins | ||
1057 | <benc@debian.org>, should now work even if reading | ||
1058 | a pipe gives less than fstat st_blksize bytes. | ||
1059 | Should now work on Alpha and Sparc Linux (closes: #53697, #52071) | ||
1060 | * Made ssh depend on libssl09 (>= 0.9.4-3) (closes: #51393) | ||
1061 | * Integrated patch from Ben Collins <benc@debian.org> | ||
1062 | to do full shadow account locking and expiration | ||
1063 | checking (closes: #58165, #51747) | ||
1064 | |||
1065 | -- Tommi Virtanen <tv@debian.org> Tue, 22 Feb 2000 20:46:12 +0200 | ||
1066 | |||
1067 | openssh (1:1.2.2-1) frozen unstable; urgency=medium | ||
1068 | |||
1069 | * New upstream release (closes: #56870, #56346) | ||
1070 | * built against new libesd (closes: #56805) | ||
1071 | * add Colin Watson <cjw44@cam.ac.uk> =NULL patch | ||
1072 | (closes: #49902, #54894) | ||
1073 | * use socketpairs as suggested by Andrew Tridgell to eliminate rsync | ||
1074 | (and other) lockups | ||
1075 | * patch SSHD_PAM_SERVICE back into auth-pam.c, again :-/ | ||
1076 | (closes: #49902, #55872, #56959) | ||
1077 | * uncoment the * line in ssh_config (closes: #56444) | ||
1078 | |||
1079 | * #54894 & #49902 are release critical, so this should go in frozen | ||
1080 | |||
1081 | -- Philip Hands <phil@hands.com> Wed, 9 Feb 2000 04:52:04 +0000 | ||
1082 | |||
1083 | openssh (1:1.2.1pre24-1) unstable; urgency=low | ||
1084 | |||
1085 | * New upstream release | ||
1086 | |||
1087 | -- Philip Hands <phil@hands.com> Fri, 31 Dec 1999 02:47:24 +0000 | ||
1088 | |||
1089 | openssh (1:1.2.1pre23-1) unstable; urgency=low | ||
1090 | |||
1091 | * New upstream release | ||
1092 | * excape ? in /etc/init.d/ssh (closes: #53269) | ||
1093 | |||
1094 | -- Philip Hands <phil@hands.com> Wed, 29 Dec 1999 16:50:46 +0000 | ||
1095 | |||
1096 | openssh (1:1.2pre17-1) unstable; urgency=low | ||
1097 | |||
1098 | * New upstream release | ||
1099 | |||
1100 | -- Philip Hands <phil@hands.com> Thu, 9 Dec 1999 16:50:40 +0000 | ||
1101 | |||
1102 | openssh (1:1.2pre16-1) unstable; urgency=low | ||
1103 | |||
1104 | * New upstream release | ||
1105 | * upstream release (1.2pre14) (closes: #50299) | ||
1106 | * make ssh depend on libwrap0 (>= 7.6-1.1) (closes: #50973, #50776) | ||
1107 | * dispose of grep -q broken pipe message in config script (closes: #50855) | ||
1108 | * add make-ssh-known-hosts (closes: #50660) | ||
1109 | * add -i option to ssh-copy-id (closes: #50657) | ||
1110 | * add check for *LK* in password, indicating a locked account | ||
1111 | |||
1112 | -- Philip Hands <phil@hands.com> Wed, 8 Dec 1999 22:59:38 +0000 | ||
1113 | |||
1114 | openssh (1:1.2pre13-1) unstable; urgency=low | ||
1115 | |||
1116 | * New upstream release | ||
1117 | * make sshd.c use SSHD_PAM_SERVICE and define it as "ssh" in debian/rules | ||
1118 | * remove duplicate line in /etc/pam.d/ssh (closes: #50310) | ||
1119 | * mention ssh -A option in ssh.1 & ssh_config | ||
1120 | * enable forwarding to localhost in default ssh_config (closes: #50373) | ||
1121 | * tweak preinst to deal with debconf being `unpacked' | ||
1122 | * use --with-tcp-wrappers (closes: #49545) | ||
1123 | |||
1124 | -- Philip Hands <phil@hands.com> Sat, 20 Nov 1999 14:20:04 +0000 | ||
1125 | |||
1126 | openssh (1:1.2pre11-2) unstable; urgency=low | ||
1127 | |||
1128 | * oops, just realised that I forgot to strip out the unpleasant | ||
1129 | fiddling mentioned below (which turned not to be a fix anyway) | ||
1130 | |||
1131 | -- Philip Hands <phil@hands.com> Mon, 15 Nov 1999 01:35:23 +0000 | ||
1132 | |||
1133 | openssh (1:1.2pre11-1) unstable; urgency=low | ||
1134 | |||
1135 | * New upstream release (closes: #49722) | ||
1136 | * add 2>/dev/null to dispose of spurious message casused by grep -q | ||
1137 | (closes: #49876, #49604) | ||
1138 | * fix typo in debian/control (closes: #49841) | ||
1139 | * Do some unpleasant fiddling with upgraded keys in the preinst, which | ||
1140 | should make the keylength problem go away. (closes: #49676) | ||
1141 | * make pam_start in sshd use ``ssh'' as the service name (closes: #49956) | ||
1142 | * If /etc/ssh/NOSERVER exist, stop sshd from starting (closes: #47107) | ||
1143 | * apply Ben Collins <bcollins@debian.org>'s shadow patch | ||
1144 | * disable lastlogin and motd printing if using pam (closes: #49957) | ||
1145 | * add ssh-copy-id script and manpage | ||
1146 | |||
1147 | -- Philip Hands <phil@hands.com> Fri, 12 Nov 1999 01:03:38 +0000 | ||
1148 | |||
1149 | openssh (1:1.2pre9-1) unstable; urgency=low | ||
1150 | |||
1151 | * New upstream release | ||
1152 | * apply Chip Salzenberg <chip@valinux.com>'s SO_REUSEADDR patch | ||
1153 | to channels.c, to make forwarded ports instantly reusable | ||
1154 | * replace Pre-Depend: debconf with some check code in preinst | ||
1155 | * make the ssh-add ssh-askpass failure message more helpful | ||
1156 | * fix the ssh-agent getopts bug (closes: #49426) | ||
1157 | * fixed typo on Suggests: line (closes: #49704, #49571) | ||
1158 | * tidy up ssh package description (closes: #49642) | ||
1159 | * make ssh suid (closes: #49635) | ||
1160 | * in preinst upgrade code, ensure ssh_host_keys is mode 600 (closes: #49606) | ||
1161 | * disable agent forwarding by default, for the similar reasons as | ||
1162 | X forwarding (closes: #49586) | ||
1163 | |||
1164 | -- Philip Hands <phil@hands.com> Tue, 9 Nov 1999 09:57:47 +0000 | ||
1165 | |||
1166 | openssh (1:1.2pre7-4) unstable; urgency=low | ||
1167 | |||
1168 | * predepend on debconf (>= 0.2.17) should now allow preinst questions | ||
1169 | |||
1170 | -- Philip Hands <phil@hands.com> Sat, 6 Nov 1999 10:31:06 +0000 | ||
1171 | |||
1172 | openssh (1:1.2pre7-3) unstable; urgency=low | ||
1173 | |||
1174 | * add ssh-askpass package using Tommi Virtanen's perl-tk script | ||
1175 | * add ssh-preconfig package cludge | ||
1176 | * add usage hints to ssh-agent.1 | ||
1177 | |||
1178 | -- Philip Hands <phil@hands.com> Fri, 5 Nov 1999 00:38:33 +0000 | ||
1179 | |||
1180 | openssh (1:1.2pre7-2) unstable; urgency=low | ||
1181 | |||
1182 | * use pam patch from Ben Collins <bcollins@debian.org> | ||
1183 | * add slogin symlink to Makefile.in | ||
1184 | * change /usr/bin/login to LOGIN_PROGRAM define of /bin/login | ||
1185 | * sort out debconf usage | ||
1186 | * patch from Tommi Virtanen <tv@debian.org>'s makes ssh-add use ssh-askpass | ||
1187 | |||
1188 | -- Philip Hands <phil@hands.com> Thu, 4 Nov 1999 11:08:54 +0000 | ||
1189 | |||
1190 | openssh (1:1.2pre7-1) unstable; urgency=low | ||
1191 | |||
1192 | * New upstream release | ||
1193 | |||
1194 | -- Philip Hands <phil@hands.com> Tue, 2 Nov 1999 21:02:37 +0000 | ||
1195 | |||
1196 | openssh (1:1.2.0.pre6db1-2) unstable; urgency=low | ||
1197 | |||
1198 | * change the binary package name to ssh (the non-free branch of ssh has | ||
1199 | been renamed to ssh-nonfree) | ||
1200 | * make pam file comply with Debian standards | ||
1201 | * use an epoch to make sure openssh supercedes ssh-nonfree | ||
1202 | |||
1203 | -- Philip Hands <phil@hands.com> Sat, 30 Oct 1999 16:26:05 +0100 | ||
1204 | |||
1205 | openssh (1.2pre6db1-1) unstable; urgency=low | ||
1206 | |||
1207 | * New upstream source | ||
1208 | * sshd accepts logins now! | ||
1209 | |||
1210 | -- Dan Brosemer <odin@linuxfreak.com> Fri, 29 Oct 1999 11:13:38 -0500 | ||
1211 | |||
1212 | openssh (1.2.0.19991028-1) unstable; urgency=low | ||
1213 | |||
1214 | * New upstream source | ||
1215 | * Added test for -lnsl to configure script | ||
1216 | |||
1217 | -- Dan Brosemer <odin@linuxfreak.com> Thu, 28 Oct 1999 18:52:09 -0500 | ||
1218 | |||
1219 | openssh (1.2.0.19991027-3) unstable; urgency=low | ||
1220 | |||
1221 | * Initial release | ||
1222 | |||
1223 | -- Dan Brosemer <odin@linuxfreak.com> Wed, 27 Oct 1999 19:39:46 -0500 | ||
1224 | |||
1225 | Local variables: | ||
1226 | mode: debian-changelog | ||
1227 | End: | ||
diff --git a/debian/conffiles b/debian/conffiles new file mode 100644 index 000000000..b5c7a47fc --- /dev/null +++ b/debian/conffiles | |||
@@ -0,0 +1,5 @@ | |||
1 | /etc/ssh/ssh_config | ||
2 | /etc/ssh/moduli | ||
3 | /etc/init.d/ssh | ||
4 | /etc/pam.d/ssh | ||
5 | /etc/default/ssh | ||
diff --git a/debian/config b/debian/config new file mode 100644 index 000000000..c25f2ae3f --- /dev/null +++ b/debian/config | |||
@@ -0,0 +1,100 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | action=$1 | ||
4 | version=$2 | ||
5 | |||
6 | if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then | ||
7 | version=1.2.27 | ||
8 | cp -a /etc/ssh-nonfree /etc/ssh | ||
9 | fi | ||
10 | |||
11 | # Source debconf library. | ||
12 | . /usr/share/debconf/confmodule | ||
13 | db_version 2.0 | ||
14 | |||
15 | if [ -n "$version" ] && dpkg --compare-versions "$version" lt 1:3.0p1-1 | ||
16 | then | ||
17 | db_input medium ssh/ssh2_keys_merged | ||
18 | fi | ||
19 | |||
20 | if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh | ||
21 | then | ||
22 | db_fset ssh/use_old_init_script seen false | ||
23 | db_input medium ssh/use_old_init_script || true | ||
24 | db_go | ||
25 | |||
26 | db_get ssh/use_old_init_script | ||
27 | [ "$RET" = "false" ] && exit 0 | ||
28 | else | ||
29 | db_set ssh/use_old_init_script true | ||
30 | db_fset ssh/use_old_init_script seen true | ||
31 | fi | ||
32 | |||
33 | if [ -z "$version" -a ! -e /etc/ssh/sshd_config ] | ||
34 | then | ||
35 | db_input medium ssh/protocol2_only || true | ||
36 | fi | ||
37 | |||
38 | if [ -e /etc/ssh/sshd_config ] | ||
39 | then | ||
40 | if dpkg --compare-versions "$version" lt-nl 1:1.3 ; | ||
41 | then db_input medium ssh/new_config || true | ||
42 | db_go | ||
43 | db_get ssh/new_config | ||
44 | if [ "$RET" = "true" ]; | ||
45 | then db_input medium ssh/protocol2_only ||true | ||
46 | db_input high ssh/privsep_ask ||true | ||
47 | else db_input high ssh/privsep_tell ||true | ||
48 | fi | ||
49 | else db_input high ssh/privsep_tell ||true | ||
50 | fi | ||
51 | else db_input high ssh/privsep_tell ||true | ||
52 | fi | ||
53 | |||
54 | db_input medium ssh/SUID_client || true | ||
55 | |||
56 | # To be correct during initial installation, this relies on the desired | ||
57 | # default for run_sshd being "true". | ||
58 | if [ -e /etc/ssh/sshd_not_to_be_run ] | ||
59 | then | ||
60 | db_set ssh/run_sshd false | ||
61 | else | ||
62 | db_set ssh/run_sshd true | ||
63 | fi | ||
64 | db_input medium ssh/run_sshd || true | ||
65 | |||
66 | if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf | ||
67 | then | ||
68 | if ! /usr/sbin/in.telnetd -? 2>&1 | grep -q ssl 2>/dev/null | ||
69 | then | ||
70 | db_input low ssh/insecure_telnetd || true | ||
71 | fi | ||
72 | fi | ||
73 | |||
74 | key=/etc/ssh/ssh_host_key | ||
75 | export key | ||
76 | if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] && | ||
77 | dpkg --compare-versions "$version" lt 1.2.28 | ||
78 | then | ||
79 | # make sure that keys get updated to get rid of IDEA; preinst | ||
80 | # actually does the work, but if the old ssh-keygen is not found, | ||
81 | # it can't do that -- thus, we tell the user that he must create | ||
82 | # a new host key. | ||
83 | echo -en '\0\0' | 3<&0 sh -c \ | ||
84 | 'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || { | ||
85 | # this means that bytes 32&33 of the key were not both zero, in which | ||
86 | # case the key is encrypted, which we need to fix | ||
87 | db_input high ssh/encrypted_host_key_but_no_keygen || true | ||
88 | } | ||
89 | fi | ||
90 | |||
91 | |||
92 | db_input low ssh/forward_warning || true | ||
93 | |||
94 | if dpkg --compare-versions "$version" lt-nl 1:3.5p1-3; then | ||
95 | db_input high ssh/user_environment_tell || true | ||
96 | fi | ||
97 | |||
98 | db_go | ||
99 | |||
100 | exit 0 | ||
diff --git a/debian/control b/debian/control new file mode 100644 index 000000000..046f157e4 --- /dev/null +++ b/debian/control | |||
@@ -0,0 +1,48 @@ | |||
1 | Source: openssh | ||
2 | Section: net | ||
3 | Priority: standard | ||
4 | Maintainer: Matthew Vernon <matthew@debian.org> | ||
5 | Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev | libz-dev, libssl-dev, libpam0g-dev | libpam-dev, libgnomeui-dev (>= 2.0.0) | libgnome-dev, groff, debhelper (>=1.1.17), sharutils | ||
6 | Standards-Version: 3.6.1 | ||
7 | Uploaders: Colin Watson <cjwatson@debian.org> | ||
8 | |||
9 | Package: ssh | ||
10 | Architecture: any | ||
11 | Depends: ${shlibs:Depends}, ${debconf-depends}, libpam-modules (>= 0.72-9), adduser (>= 3.9) | ||
12 | Conflicts: ssh-nonfree (<<2), ssh-socks, ssh2, sftp, rsh-client (<<0.16.1-1) | ||
13 | Suggests: ssh-askpass, xbase-clients, dpkg (>=1.8.3.1), dnsutils | ||
14 | Provides: rsh-client | ||
15 | Description: Secure rlogin/rsh/rcp replacement (OpenSSH) | ||
16 | This is the portable version of OpenSSH, a free implementation of | ||
17 | the Secure Shell protocol as specified by the IETF secsh working | ||
18 | group. | ||
19 | . | ||
20 | Ssh (Secure Shell) is a program for logging into a remote machine | ||
21 | and for executing commands on a remote machine. | ||
22 | It provides secure encrypted communications between two untrusted | ||
23 | hosts over an insecure network. X11 connections and arbitrary TCP/IP | ||
24 | ports can also be forwarded over the secure channel. | ||
25 | It is intended as a replacement for rlogin, rsh and rcp, and can be | ||
26 | used to provide applications with a secure communication channel. | ||
27 | . | ||
28 | This package provides both the ssh client and the sshd server. | ||
29 | . | ||
30 | -------------------------------------------------------------------- | ||
31 | . | ||
32 | In some countries it may be illegal to use any encryption at all | ||
33 | without a special permit. | ||
34 | |||
35 | Package: ssh-askpass-gnome | ||
36 | Section: gnome | ||
37 | Priority: optional | ||
38 | Architecture: any | ||
39 | Depends: ${shlibs:Depends}, ssh (>=1:1.2pre7-4) | ssh-krb5 | ||
40 | Replaces: ssh (<< 1:3.5p1-3) | ||
41 | Provides: ssh-askpass | ||
42 | Description: under X, asks user for a passphrase for ssh-add | ||
43 | This has been split out of the main ssh package, so that the ssh will | ||
44 | not need to depend upon the Gnome libraries. | ||
45 | . | ||
46 | You probably want the ssh-askpass package instead, but this is | ||
47 | provided to add to your choice and/or confusion. | ||
48 | |||
diff --git a/debian/copyright.head b/debian/copyright.head new file mode 100644 index 000000000..6d95c8ae2 --- /dev/null +++ b/debian/copyright.head | |||
@@ -0,0 +1,37 @@ | |||
1 | This package was debianized by Philip Hands <phil@hands.com> on 31 Oct 1999 | ||
2 | (with help from Dan Brosemer <odin@linuxfreak.com>) | ||
3 | |||
4 | It was downloaded from here: | ||
5 | ftp://ftp.fu-berlin.de/unix/security/openssh/openssh-2.3.0p1.tar.gz | ||
6 | |||
7 | worldwide mirrors are listed here: | ||
8 | http://www.openssh.com/ftp.html | ||
9 | |||
10 | The Debian specific parts of the package are mostly taken from the | ||
11 | original ssh package, which has since been renamed as ssh-nonfree. | ||
12 | |||
13 | The Debian patch is distributed under the terms of the GPL, which you | ||
14 | can find in /usr/share/common-licenses/GPL. | ||
15 | |||
16 | The upstream source for this package is a combination of the ssh | ||
17 | branch that is being maintained by the OpenBSD team (starting from | ||
18 | the last version of SSH that was distributed under a free license), | ||
19 | and porting work by Damien Miller <damien@ibs.com.au> to get it | ||
20 | working on Linux. Other people also contributed to this, and are | ||
21 | credited in /usr/share/doc/ssh/README. | ||
22 | |||
23 | Copyright: | ||
24 | |||
25 | Code in helper.[ch] is Copyright Internet Business Solutions and is | ||
26 | released under a X11-style license (see source file for details). | ||
27 | |||
28 | (A)RC4 code in rc4.[ch] is Copyright Damien Miller. It too is under a | ||
29 | X11-style license (see source file for details). | ||
30 | |||
31 | make-ssh-known-hosts is Copyright Tero Kivinen <Tero.Kivinen@hut.fi>, | ||
32 | and is distributed under the GPL (see source file for details). | ||
33 | |||
34 | The copyright for the original SSH version follows. It has been | ||
35 | modified with [comments] to reflect the changes that the OpenBSD folks | ||
36 | have made: | ||
37 | |||
diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 000000000..1496845fc --- /dev/null +++ b/debian/dirs | |||
@@ -0,0 +1,8 @@ | |||
1 | usr/bin | ||
2 | usr/sbin | ||
3 | usr/lib | ||
4 | etc/ssh | ||
5 | etc/init.d | ||
6 | etc/default | ||
7 | usr/share/man/man1 | ||
8 | usr/share/man/man8 | ||
diff --git a/debian/gnome-ssh-askpass.1 b/debian/gnome-ssh-askpass.1 new file mode 100644 index 000000000..b74c410a8 --- /dev/null +++ b/debian/gnome-ssh-askpass.1 | |||
@@ -0,0 +1,51 @@ | |||
1 | .TH GNOME-SSH-ASKPASS 1 | ||
2 | .SH NAME | ||
3 | gnome\-ssh\-askpass \- prompts a user for a passphrase using GNOME | ||
4 | .SH SYNOPSIS | ||
5 | .B gnome\-ssh\-askpass | ||
6 | .SH DESCRIPTION | ||
7 | .B gnome\-ssh\-askpass | ||
8 | is a GNOME-based passphrase dialog for use with OpenSSH. | ||
9 | It is intended to be called by the | ||
10 | .BR ssh\-add (1) | ||
11 | program and not invoked directly. | ||
12 | It allows | ||
13 | .BR ssh\-add (1) | ||
14 | to obtain a passphrase from a user, even if not connected to a terminal | ||
15 | (assuming that an X display is available). | ||
16 | This happens automatically in the case where | ||
17 | .B ssh\-add | ||
18 | is invoked from one's | ||
19 | .B ~/.xsession | ||
20 | or as one of the GNOME startup programs, for example. | ||
21 | .PP | ||
22 | In order to be called automatically by | ||
23 | .BR ssh\-add , | ||
24 | .B gnome\-ssh\-askpass | ||
25 | should be installed as | ||
26 | .IR /usr/bin/ssh\-askpass . | ||
27 | .SH "ENVIRONMENT VARIABLES" | ||
28 | The following environment variables are recognized: | ||
29 | .TP | ||
30 | .I GNOME_SSH_ASKPASS_GRAB_SERVER | ||
31 | Causes | ||
32 | .B gnome\-ssh\-askpass | ||
33 | to grab the X server before asking for a passphrase. | ||
34 | .TP | ||
35 | .I GNOME_SSH_ASKPASS_GRAB_POINTER | ||
36 | Causes | ||
37 | .B gnome\-ssh\-askpass | ||
38 | to grab the mouse pointer using | ||
39 | .IR gdk_pointer_grab () | ||
40 | before asking for a passphrase. | ||
41 | .PP | ||
42 | Regardless of whether either of these environment variables is set, | ||
43 | .B gnome\-ssh\-askpass | ||
44 | will grab the keyboard using | ||
45 | .IR gdk_keyboard_grab (). | ||
46 | .SH AUTHOR | ||
47 | This manual page was written by Colin Watson <cjwatson@debian.org> | ||
48 | for the Debian system (but may be used by others). | ||
49 | It was based on that for | ||
50 | .B x11\-ssh\-askpass | ||
51 | by Philip Hands. | ||
diff --git a/debian/init b/debian/init new file mode 100644 index 000000000..641b9eff5 --- /dev/null +++ b/debian/init | |||
@@ -0,0 +1,75 @@ | |||
1 | #! /bin/sh | ||
2 | set -e | ||
3 | |||
4 | # /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon | ||
5 | |||
6 | test -x /usr/sbin/sshd || exit 0 | ||
7 | ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 | ||
8 | |||
9 | if test -f /etc/default/ssh; then | ||
10 | . /etc/default/ssh | ||
11 | fi | ||
12 | |||
13 | check_for_no_start() { | ||
14 | # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists | ||
15 | if [ -e /etc/ssh/sshd_not_to_be_run ]; then | ||
16 | echo "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" | ||
17 | exit 0 | ||
18 | fi | ||
19 | } | ||
20 | |||
21 | check_privsep_dir() { | ||
22 | # Create the PrivSep empty dir if necessary | ||
23 | if [ ! -d /var/run/sshd ]; then | ||
24 | mkdir /var/run/sshd | ||
25 | chmod 0755 /var/run/sshd | ||
26 | fi | ||
27 | } | ||
28 | |||
29 | check_config() { | ||
30 | if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then | ||
31 | /usr/sbin/sshd -t || exit 1 | ||
32 | fi | ||
33 | } | ||
34 | |||
35 | export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" | ||
36 | |||
37 | case "$1" in | ||
38 | start) | ||
39 | check_for_no_start | ||
40 | check_privsep_dir | ||
41 | echo -n "Starting OpenBSD Secure Shell server: sshd" | ||
42 | start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS | ||
43 | echo "." | ||
44 | ;; | ||
45 | stop) | ||
46 | echo -n "Stopping OpenBSD Secure Shell server: sshd" | ||
47 | start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid | ||
48 | echo "." | ||
49 | ;; | ||
50 | |||
51 | reload|force-reload) | ||
52 | check_for_no_start | ||
53 | check_config | ||
54 | echo -n "Reloading OpenBSD Secure Shell server's configuration" | ||
55 | start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd | ||
56 | echo "." | ||
57 | ;; | ||
58 | |||
59 | restart) | ||
60 | check_config | ||
61 | echo -n "Restarting OpenBSD Secure Shell server: sshd" | ||
62 | start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid | ||
63 | check_for_no_start | ||
64 | check_privsep_dir | ||
65 | sleep 2 | ||
66 | start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS | ||
67 | echo "." | ||
68 | ;; | ||
69 | |||
70 | *) | ||
71 | echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}" | ||
72 | exit 1 | ||
73 | esac | ||
74 | |||
75 | exit 0 | ||
diff --git a/debian/moduli.5 b/debian/moduli.5 new file mode 100644 index 000000000..b3997658b --- /dev/null +++ b/debian/moduli.5 | |||
@@ -0,0 +1,152 @@ | |||
1 | .\" $OpenBSD: moduli.5,v 1.7 2003/03/06 20:48:35 jmc Exp $ | ||
2 | .\" | ||
3 | .\" Copyright 1997, 2000 William Allen Simpson <wsimpson@greendragon.com> | ||
4 | .\" All rights reserved. | ||
5 | .\" | ||
6 | .\" Redistribution and use in source and binary forms, with or without | ||
7 | .\" modification, are permitted provided that the following conditions | ||
8 | .\" are met: | ||
9 | .\" 1. Redistributions of source code must retain the above copyright | ||
10 | .\" notice, this list of conditions and the following disclaimer. | ||
11 | .\" 2. Redistributions in binary form must reproduce the above copyright | ||
12 | .\" notice, this list of conditions and the following disclaimer in the | ||
13 | .\" documentation and/or other materials provided with the distribution. | ||
14 | .\" 3. All advertising materials mentioning features or use of this software | ||
15 | .\" must display the following acknowledgement: | ||
16 | .\" This product includes software designed by William Allen Simpson. | ||
17 | .\" 4. The name of the author may not be used to endorse or promote products | ||
18 | .\" derived from this software without specific prior written permission. | ||
19 | .\" | ||
20 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
21 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
22 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
23 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
24 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
25 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
26 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
27 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
28 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
29 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
30 | .\" | ||
31 | .\" Manual page, using -mandoc macros | ||
32 | .\" | ||
33 | .Dd July 28, 1997 | ||
34 | .Dt MODULI 5 | ||
35 | .Os | ||
36 | .Sh NAME | ||
37 | .Nm moduli | ||
38 | .Nd system moduli file | ||
39 | .Sh DESCRIPTION | ||
40 | The | ||
41 | .Pa /etc/ssh/moduli | ||
42 | file contains the system-wide Diffie-Hellman prime moduli for | ||
43 | .Xr sshd 8 . | ||
44 | .Pp | ||
45 | Each line in this file contains the following fields: | ||
46 | Time, Type, Tests, Tries, Size, Generator, Modulus. | ||
47 | The fields are separated by white space (tab or blank). | ||
48 | .Pp | ||
49 | .Fa Time : yyyymmddhhmmss . | ||
50 | Specifies the system time that the line was appended to the file. | ||
51 | The value 00000000000000 means unknown (historic). | ||
52 | .\"The file is sorted in ascending order. | ||
53 | .Pp | ||
54 | .Fa Type : decimal . | ||
55 | Specifies the internal structure of the prime modulus. | ||
56 | .Pp | ||
57 | .Bl -tag -width indent -offset indent -compact | ||
58 | .It 0 : | ||
59 | unknown; | ||
60 | often learned from peer during protocol operation, | ||
61 | and saved for later analysis. | ||
62 | .It 1 : | ||
63 | unstructured; | ||
64 | a common large number. | ||
65 | .It 2 : | ||
66 | safe (p = 2q + 1); | ||
67 | meets basic structural requirements. | ||
68 | .It 3 : | ||
69 | Schnorr. | ||
70 | .It 4 : | ||
71 | Sophie-Germaine (q = (p-1)/2); | ||
72 | usually generated in the process of testing safe or strong primes. | ||
73 | .It 5 : | ||
74 | strong; | ||
75 | useful for RSA public key generation. | ||
76 | .El | ||
77 | .Pp | ||
78 | .Fa Tests : decimal (bit field) . | ||
79 | Specifies the methods used in checking for primality. | ||
80 | Usually, more than one test is used. | ||
81 | .Pp | ||
82 | .Bl -tag -width indent -offset indent -compact | ||
83 | .It 0 : | ||
84 | not tested; | ||
85 | often learned from peer during protocol operation, | ||
86 | and saved for later analysis. | ||
87 | .It 1 : | ||
88 | composite; | ||
89 | failed one or more tests. | ||
90 | In this case, the highest bit specifies the test that failed. | ||
91 | .It 2 : | ||
92 | sieve; | ||
93 | checked for division by a range of smaller primes. | ||
94 | .It 4 : | ||
95 | Miller-Rabin. | ||
96 | .It 8 : | ||
97 | Jacobi. | ||
98 | .It 16 : | ||
99 | Elliptic Curve. | ||
100 | .El | ||
101 | .Pp | ||
102 | .Fa Tries : decimal . | ||
103 | Depends on the value of the highest valid Test bit, | ||
104 | where the method specified is: | ||
105 | .Pp | ||
106 | .Bl -tag -width indent -offset indent -compact | ||
107 | .It 0 : | ||
108 | not tested | ||
109 | (always zero). | ||
110 | .It 1 : | ||
111 | composite | ||
112 | (irrelevant). | ||
113 | .It 2 : | ||
114 | sieve; | ||
115 | number of primes sieved. | ||
116 | Commonly on the order of 32,000,000. | ||
117 | .It 4 : | ||
118 | Miller-Rabin; | ||
119 | number of M-R iterations. | ||
120 | Commonly on the order of 32 to 64. | ||
121 | .It 8 : | ||
122 | Jacobi; | ||
123 | unknown | ||
124 | (always zero). | ||
125 | .It 16 : | ||
126 | Elliptic Curve; | ||
127 | unused | ||
128 | (always zero). | ||
129 | .El | ||
130 | .Pp | ||
131 | .Fa Size : decimal . | ||
132 | Specifies the number of significant bits. | ||
133 | .Pp | ||
134 | .Fa Generator : hex string . | ||
135 | Specifies the best generator for a Diffie-Hellman exchange. | ||
136 | 0 = unknown or variable, | ||
137 | 2, 3, 5, etc. | ||
138 | .Pp | ||
139 | .Fa Modulus : hex string . | ||
140 | The prime modulus. | ||
141 | .Pp | ||
142 | The file is searched for moduli that meet the appropriate | ||
143 | Time, Size and Generator criteria. | ||
144 | When more than one meet the criteria, | ||
145 | the selection should be weighted toward newer moduli, | ||
146 | without completely disqualifying older moduli. | ||
147 | .Sh FILES | ||
148 | .Bl -tag -width /etc/ssh/moduli -compact | ||
149 | .It Pa /etc/ssh/moduli | ||
150 | .El | ||
151 | .Sh SEE ALSO | ||
152 | .Xr sshd 8 | ||
diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in new file mode 100644 index 000000000..302e5538b --- /dev/null +++ b/debian/po/POTFILES.in | |||
@@ -0,0 +1 @@ | |||
[type: gettext/rfc822deb] templates.master | |||
diff --git a/debian/po/da.po b/debian/po/da.po new file mode 100644 index 000000000..56a83f826 --- /dev/null +++ b/debian/po/da.po | |||
@@ -0,0 +1,376 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=ISO-8859-1\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "Privilegie adskillelse" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | #, fuzzy | ||
35 | msgid "" | ||
36 | "Privilege separation is turned on by default, so if you decide you want it " | ||
37 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
38 | "sshd_config." | ||
39 | msgstr "" | ||
40 | "Privilegie adskillelse er slået til som standard, så hvis du beslutter at " | ||
41 | "slå det fra, skal du bruge \"UsePrivilegeSeparation no\" i /etc/ssh/" | ||
42 | "sshd_config." | ||
43 | |||
44 | #. Description | ||
45 | #: ../templates.master:19 | ||
46 | msgid "Enable Privilege separation" | ||
47 | msgstr "Aktiver Privilegie adskillelse" | ||
48 | |||
49 | #. Description | ||
50 | #: ../templates.master:19 | ||
51 | msgid "" | ||
52 | "This version of OpenSSH contains the new privilege separation option. This " | ||
53 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
54 | "reduces the impact of security holes in sshd." | ||
55 | msgstr "" | ||
56 | "Denne version af OpenSSH indeholder den nye privilegie adskillelses " | ||
57 | "mulighed. Det reducerer markant mængden af kode der kører som root, og " | ||
58 | "derfor reducerer det impakten på sikkerheds huller i sshd." | ||
59 | |||
60 | #. Description | ||
61 | #: ../templates.master:19 | ||
62 | msgid "" | ||
63 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
64 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
65 | "fail, and PAM keyboard-interactive authentication won't work." | ||
66 | msgstr "" | ||
67 | "Desværre, arbejder det ikke godt sammen med PAM. Ethvert PAM session modul " | ||
68 | "der skal køres som root (pam_mkhomedir, f.eks.) vil fejle, og PAM tastatur-" | ||
69 | "interaktive autentifikationer vil ikke virke." | ||
70 | |||
71 | #. Description | ||
72 | #: ../templates.master:19 | ||
73 | #, fuzzy | ||
74 | msgid "" | ||
75 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
76 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
77 | "you know you need to use PAM features that won't work with this option, you " | ||
78 | "should say yes here." | ||
79 | msgstr "" | ||
80 | "Siden du har bedt mig om at lave en sshd_config fil til dig, kan du vælge om " | ||
81 | "du vil have privilegie adskillelse slået til eller ej. Medmindre du kører " | ||
82 | "2.0 (i hvilket tilfælde du *skal* sige nej her, ellers vil din sshd slet " | ||
83 | "ikke starte) eller ved at du skal bruge PAM funktioner som ikke vil virke " | ||
84 | "med dette tilvalg, skal du sige ja her." | ||
85 | |||
86 | #. Description | ||
87 | #: ../templates.master:36 | ||
88 | msgid "Generate new configuration file" | ||
89 | msgstr "Opret ny konfigurations fil" | ||
90 | |||
91 | #. Description | ||
92 | #: ../templates.master:36 | ||
93 | msgid "" | ||
94 | "This version of OpenSSH has a considerably changed configuration file from " | ||
95 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
96 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
97 | "config), which will work with the new server version, but will not contain " | ||
98 | "any customisations you made with the old version." | ||
99 | msgstr "" | ||
100 | "Denne version af OpenSSH har en betydeligt ændret konfigurations fil fra den " | ||
101 | "version der kom med Debian 'Potato', som du ser ud til at opgradere fra. Jeg " | ||
102 | "kan nu oprette en ny konfigurations fil (//etc/ssh/sshd.config), som vil " | ||
103 | "virke med den nye server version, men det vil ikke beholde eventuelle " | ||
104 | "ændringer du lavede med den gamle version." | ||
105 | |||
106 | #. Description | ||
107 | #: ../templates.master:36 | ||
108 | msgid "" | ||
109 | "Please note that this new configuration file will set the value of " | ||
110 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
111 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
112 | "the correct default (see README.Debian for more details), but you can always " | ||
113 | "edit sshd_config and set it to no if you wish." | ||
114 | msgstr "" | ||
115 | "Venligst bemærk at den nye konfigurations fil vil sætte værdien af " | ||
116 | "'PermitRootLogin' til ja (som betyder at alle der kender roots password, kan " | ||
117 | "tilgå maskinen via ssh direkte). Det er vedligeholderens mening, at det er " | ||
118 | "den korrekte standard-værdi (se README.Debian for flere detaljer), men du " | ||
119 | "kan altid redigere sshd_config og slå det fra, hvis du ønsker." | ||
120 | |||
121 | #. Description | ||
122 | #: ../templates.master:36 | ||
123 | msgid "" | ||
124 | "It is strongly recommended that you let me generate a new configuration file " | ||
125 | "for you." | ||
126 | msgstr "" | ||
127 | "Du rådes stærkt til at lade mig genere en ny konfigurations fil for dig." | ||
128 | |||
129 | #. Description | ||
130 | #: ../templates.master:55 | ||
131 | msgid "Allow SSH protocol 2 only" | ||
132 | msgstr "Tillad kun SSH protokol 2" | ||
133 | |||
134 | #. Description | ||
135 | #: ../templates.master:55 | ||
136 | msgid "" | ||
137 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
138 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
139 | "things down on low end machines and might prevent older clients from " | ||
140 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
141 | msgstr "" | ||
142 | "Denne udgave af OpenSSH understøtter version 2 af ssh-protokollen, som er " | ||
143 | "betydeligt mere sikker. Det anbefales af deaktivere version 1. Dog kan det " | ||
144 | "sløve langsomme maskiner, og forhindre ældre klienter i at opnå forbindelse " | ||
145 | "(ssh klienten der kommer med \"potato\" er en af dem)." | ||
146 | |||
147 | #. Description | ||
148 | #: ../templates.master:55 | ||
149 | msgid "" | ||
150 | "Also please note that keys used for protocol 1 are different so you will not " | ||
151 | "be able to use them if you only allow protocol 2 connections." | ||
152 | msgstr "" | ||
153 | "Du skal også bemærke at de nøgler som bliver anvendt til protokol 1 er " | ||
154 | "forskellige, så du vil ikke ævre i stand til at bruge dem, hvis du kun " | ||
155 | "tillader protokol 2 forbindelser." | ||
156 | |||
157 | #. Description | ||
158 | #: ../templates.master:55 | ||
159 | msgid "" | ||
160 | "If you later change your mind about this setting, README.Debian has " | ||
161 | "instructions on what to do to your sshd_config file." | ||
162 | msgstr "" | ||
163 | "Hvis du senere ændrer din mening om denne indstilling, har README.Debian " | ||
164 | "instruktioner på hvad du skal gøre ved din sshd_config fil." | ||
165 | |||
166 | #. Description | ||
167 | #: ../templates.master:69 | ||
168 | msgid "ssh2 keys merged in configuration files" | ||
169 | msgstr "ssh2-nøgler flettet i opsætningsfilerne" | ||
170 | |||
171 | #. Description | ||
172 | #: ../templates.master:69 | ||
173 | msgid "" | ||
174 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
175 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
176 | "needed. They will still be read in order to maintain backwards compatibility" | ||
177 | msgstr "" | ||
178 | "Siden version 3 har OpenSSH ikke længere separate filer for ssh1- og ssh2-" | ||
179 | "nøgler. Det betyder, at filerne authorized_keys2 og known_hosts2 ikke " | ||
180 | "længere er nødvendige. De vil stadig dog stadig blive læst for " | ||
181 | "bagudkompatilitetens skyld." | ||
182 | |||
183 | #. Description | ||
184 | #: ../templates.master:78 | ||
185 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
186 | msgstr "Vil du fortsætte (og risikere at afbryde aktive ssh-forbindelser)?" | ||
187 | |||
188 | #. Description | ||
189 | #: ../templates.master:78 | ||
190 | msgid "" | ||
191 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
192 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
193 | "session, that would be a Bad Thing(tm)." | ||
194 | msgstr "" | ||
195 | "Den udgave af /etc/init.d/ssh, du har installeret, vil sandsynligvis afbryde " | ||
196 | "alle sshd-dæmoner. Det vil være en rigtigt dårlig idé, hvis du er ved at " | ||
197 | "opgradering via en ssh-forbindelse." | ||
198 | |||
199 | #. Description | ||
200 | #: ../templates.master:78 | ||
201 | msgid "" | ||
202 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
203 | "daemon line in the stop section of the file." | ||
204 | msgstr "" | ||
205 | "Du kan afhjælpe dette ved at tilføje \"--pidfile /var/run/sshd.pid\" til " | ||
206 | "'start-stop-daemon'-linjen i stop-afsnittet af filen." | ||
207 | |||
208 | #. Description | ||
209 | #: ../templates.master:88 | ||
210 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
211 | msgstr "" | ||
212 | "BEMÆRK: Videregivelse af X11 og adgangkontrol er som standard deaktiveret." | ||
213 | |||
214 | #. Description | ||
215 | #: ../templates.master:88 | ||
216 | #, fuzzy | ||
217 | msgid "" | ||
218 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
219 | "ForwardAgent set to ``off'' by default." | ||
220 | msgstr "" | ||
221 | "Af sikkerhedsgrunde har Debianudgaven af ssh sat ForwardX11 og ForwardAgent " | ||
222 | "til 'off' som standard." | ||
223 | |||
224 | #. Description | ||
225 | #: ../templates.master:88 | ||
226 | #, fuzzy | ||
227 | msgid "" | ||
228 | "You can enable it for servers you trust, either in one of the configuration " | ||
229 | "files, or with the -X command line option." | ||
230 | msgstr "" | ||
231 | "Du kan aktivere dem for servere, du stoler på i en af opsætningsfilerne " | ||
232 | "eller med kommandolinjetilvalget '-X'." | ||
233 | |||
234 | #. Description | ||
235 | #: ../templates.master:88 | ||
236 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
237 | msgstr "" | ||
238 | |||
239 | #. Description | ||
240 | #: ../templates.master:99 | ||
241 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
242 | msgstr "Advarsel: rsh-serveren er installeret --- sikkert ikke en god idé" | ||
243 | |||
244 | #. Description | ||
245 | #: ../templates.master:99 | ||
246 | msgid "" | ||
247 | "having rsh-server installed undermines the security that you were probably " | ||
248 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
249 | msgstr "" | ||
250 | "Den sikkerhed, du nok ønskede at opnå ved at installere ssh undermineres " | ||
251 | "ved, at du har rsh-server installeret. Jeg vil råde dig til at fjerne pakken " | ||
252 | "rsh-server." | ||
253 | |||
254 | #. Description | ||
255 | #: ../templates.master:106 | ||
256 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
257 | msgstr "Advarsel: telnetd er installeret --- sikkert ikke en god idé" | ||
258 | |||
259 | #. Description | ||
260 | #: ../templates.master:106 | ||
261 | msgid "" | ||
262 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
263 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
264 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
265 | "password and session information over the network." | ||
266 | msgstr "" | ||
267 | "Jeg vil råde dig til enten at fjerne pakken telnetd (hvis du i virkeligheden " | ||
268 | "ikke har brug for at tilbyde telnet-adgang) eller installere telnetd-ssl, så " | ||
269 | "der i det mindste er en mulighed for, at telnet-sessioner ikke sender " | ||
270 | "adgangskoder og sessions-oplysninger ukrypteret over netværket." | ||
271 | |||
272 | #. Description | ||
273 | #: ../templates.master:114 | ||
274 | msgid "Warning: you must create a new host key" | ||
275 | msgstr "Advarsel: du skal oprette en ny værtsnøgle" | ||
276 | |||
277 | #. Description | ||
278 | #: ../templates.master:114 | ||
279 | #, fuzzy | ||
280 | msgid "" | ||
281 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
282 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
283 | "the old (non-free) SSH installation." | ||
284 | msgstr "" | ||
285 | "Der ligger en gammel, IDEA-krypteret /etc/ssh/ssh_host_key. OpenSSH kan ikke " | ||
286 | "håndtere sådan en værtsnøglefil, og jeg kan ikke finde værktøjet ssh-keygen " | ||
287 | "fra den gamle (ikke-frie, 'non-free') SSH-installation." | ||
288 | |||
289 | #. Description | ||
290 | #: ../templates.master:114 | ||
291 | msgid "You will need to generate a new host key." | ||
292 | msgstr "" | ||
293 | |||
294 | #. Description | ||
295 | #: ../templates.master:124 | ||
296 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
297 | msgstr "Vil du have, at /usr/bin/ssh-keysign bliver installeret 'SUID root'?" | ||
298 | |||
299 | #. Description | ||
300 | #: ../templates.master:124 | ||
301 | msgid "" | ||
302 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
303 | "set." | ||
304 | msgstr "" | ||
305 | "Du har mulighed for at installere ssh-keysign hjælperen med SUID-flaget sat." | ||
306 | |||
307 | #. Description | ||
308 | #: ../templates.master:124 | ||
309 | msgid "" | ||
310 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
311 | "based authentication." | ||
312 | msgstr "" | ||
313 | "Hvis du gør ssh-keysign SUID, vil du blive i stand til at benytte SSH " | ||
314 | "protokol 2's værtsnavn-baserede autentifikation." | ||
315 | |||
316 | #. Description | ||
317 | #: ../templates.master:124 | ||
318 | msgid "" | ||
319 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
320 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
321 | msgstr "" | ||
322 | "Hvis du er i tvivl, vil jeg råde dig til at installere den med SUID. Hvis " | ||
323 | "det skaber problemer, kan du ændre det tilbage igen ved at køre: dpkg-" | ||
324 | "reconfigure ssh" | ||
325 | |||
326 | #. Description | ||
327 | #: ../templates.master:137 | ||
328 | msgid "Do you want to run the sshd server ?" | ||
329 | msgstr "Vil du køre sshd-serveren?" | ||
330 | |||
331 | #. Description | ||
332 | #: ../templates.master:137 | ||
333 | msgid "This package contains both the ssh client, and the sshd server." | ||
334 | msgstr "Denne pakke indeholder både ssh-klienten og sshd-serveren." | ||
335 | |||
336 | #. Description | ||
337 | #: ../templates.master:137 | ||
338 | msgid "" | ||
339 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
340 | "ssh." | ||
341 | msgstr "" | ||
342 | "Normalt vil sshd sikker skalserver ('Secure Shell Server') blive aktiveret " | ||
343 | "og tillade fjerne brugere i at logge på via ssh." | ||
344 | |||
345 | #. Description | ||
346 | #: ../templates.master:137 | ||
347 | msgid "" | ||
348 | "If you are only interested in using the ssh client for outbound connections " | ||
349 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
350 | "can disable sshd here." | ||
351 | msgstr "" | ||
352 | "Hvis du udelukkende er interesseret i at bruge ssh-klienten til udgående " | ||
353 | "forbindelser fra denne maskine, og ikke ønsker at tilgå denne maskine udefra " | ||
354 | "via ssh, kan du nu deaktivere sshd." | ||
355 | |||
356 | #. Description | ||
357 | #: ../templates.master:149 | ||
358 | msgid "Environment options on keys have been deprecated" | ||
359 | msgstr "" | ||
360 | |||
361 | #. Description | ||
362 | #: ../templates.master:149 | ||
363 | msgid "" | ||
364 | "This version of OpenSSH disables the environment option for public keys by " | ||
365 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
366 | "are using this option in an authorized_keys file, beware that the keys in " | ||
367 | "question will no longer work until the option is removed." | ||
368 | msgstr "" | ||
369 | |||
370 | #. Description | ||
371 | #: ../templates.master:149 | ||
372 | msgid "" | ||
373 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
374 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
375 | "sshd_config(5) manual page." | ||
376 | msgstr "" | ||
diff --git a/debian/po/de.po b/debian/po/de.po new file mode 100644 index 000000000..1e363835d --- /dev/null +++ b/debian/po/de.po | |||
@@ -0,0 +1,327 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=ISO-8859-15\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | msgid "" | ||
35 | "Privilege separation is turned on by default, so if you decide you want it " | ||
36 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
37 | "sshd_config." | ||
38 | msgstr "" | ||
39 | |||
40 | #. Description | ||
41 | #: ../templates.master:19 | ||
42 | msgid "Enable Privilege separation" | ||
43 | msgstr "" | ||
44 | |||
45 | #. Description | ||
46 | #: ../templates.master:19 | ||
47 | msgid "" | ||
48 | "This version of OpenSSH contains the new privilege separation option. This " | ||
49 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
50 | "reduces the impact of security holes in sshd." | ||
51 | msgstr "" | ||
52 | |||
53 | #. Description | ||
54 | #: ../templates.master:19 | ||
55 | msgid "" | ||
56 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
57 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
58 | "fail, and PAM keyboard-interactive authentication won't work." | ||
59 | msgstr "" | ||
60 | |||
61 | #. Description | ||
62 | #: ../templates.master:19 | ||
63 | msgid "" | ||
64 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
65 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
66 | "you know you need to use PAM features that won't work with this option, you " | ||
67 | "should say yes here." | ||
68 | msgstr "" | ||
69 | |||
70 | #. Description | ||
71 | #: ../templates.master:36 | ||
72 | msgid "Generate new configuration file" | ||
73 | msgstr "" | ||
74 | |||
75 | #. Description | ||
76 | #: ../templates.master:36 | ||
77 | msgid "" | ||
78 | "This version of OpenSSH has a considerably changed configuration file from " | ||
79 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
80 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
81 | "config), which will work with the new server version, but will not contain " | ||
82 | "any customisations you made with the old version." | ||
83 | msgstr "" | ||
84 | |||
85 | #. Description | ||
86 | #: ../templates.master:36 | ||
87 | msgid "" | ||
88 | "Please note that this new configuration file will set the value of " | ||
89 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
90 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
91 | "the correct default (see README.Debian for more details), but you can always " | ||
92 | "edit sshd_config and set it to no if you wish." | ||
93 | msgstr "" | ||
94 | |||
95 | #. Description | ||
96 | #: ../templates.master:36 | ||
97 | msgid "" | ||
98 | "It is strongly recommended that you let me generate a new configuration file " | ||
99 | "for you." | ||
100 | msgstr "" | ||
101 | |||
102 | #. Description | ||
103 | #: ../templates.master:55 | ||
104 | msgid "Allow SSH protocol 2 only" | ||
105 | msgstr "" | ||
106 | |||
107 | #. Description | ||
108 | #: ../templates.master:55 | ||
109 | msgid "" | ||
110 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
111 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
112 | "things down on low end machines and might prevent older clients from " | ||
113 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
114 | msgstr "" | ||
115 | |||
116 | #. Description | ||
117 | #: ../templates.master:55 | ||
118 | msgid "" | ||
119 | "Also please note that keys used for protocol 1 are different so you will not " | ||
120 | "be able to use them if you only allow protocol 2 connections." | ||
121 | msgstr "" | ||
122 | |||
123 | #. Description | ||
124 | #: ../templates.master:55 | ||
125 | msgid "" | ||
126 | "If you later change your mind about this setting, README.Debian has " | ||
127 | "instructions on what to do to your sshd_config file." | ||
128 | msgstr "" | ||
129 | |||
130 | #. Description | ||
131 | #: ../templates.master:69 | ||
132 | msgid "ssh2 keys merged in configuration files" | ||
133 | msgstr "" | ||
134 | |||
135 | #. Description | ||
136 | #: ../templates.master:69 | ||
137 | msgid "" | ||
138 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
139 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
140 | "needed. They will still be read in order to maintain backwards compatibility" | ||
141 | msgstr "" | ||
142 | |||
143 | #. Description | ||
144 | #: ../templates.master:78 | ||
145 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
146 | msgstr "Wollen Sie weitermachen (und das Killen der Session riskieren)?" | ||
147 | |||
148 | #. Description | ||
149 | #: ../templates.master:78 | ||
150 | msgid "" | ||
151 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
152 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
153 | "session, that would be a Bad Thing(tm)." | ||
154 | msgstr "" | ||
155 | "Die Version von /etc/init.d/ssh, die Sie installiert haben, wird vermutlich " | ||
156 | "Ihre aktiven ssh-Instanzen killen. Wenn Sie das Upgrade via ssh erledigen, " | ||
157 | "dann ist das ein Problem." | ||
158 | |||
159 | #. Description | ||
160 | #: ../templates.master:78 | ||
161 | msgid "" | ||
162 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
163 | "daemon line in the stop section of the file." | ||
164 | msgstr "" | ||
165 | "Sie können das Problem beheben, indem sie \"--pidfile /var/run/sshd.pid\" an " | ||
166 | "die start-stop-daemon Zeile in dem Bereich stop der Datei /etc/init.d/ssh " | ||
167 | "ergänzen." | ||
168 | |||
169 | #. Description | ||
170 | #: ../templates.master:88 | ||
171 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
172 | msgstr "HINWEIS: Forwarden von X11 und Authorisierung ist abgeschaltet." | ||
173 | |||
174 | #. Description | ||
175 | #: ../templates.master:88 | ||
176 | msgid "" | ||
177 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
178 | "ForwardAgent set to ``off'' by default." | ||
179 | msgstr "" | ||
180 | "Aus Sicherheitsgründen sind die Debian Pakete von ssh ForwardX11 und " | ||
181 | "ForwardAgent auf \"off\" gesetzt." | ||
182 | |||
183 | #. Description | ||
184 | #: ../templates.master:88 | ||
185 | msgid "" | ||
186 | "You can enable it for servers you trust, either in one of the configuration " | ||
187 | "files, or with the -X command line option." | ||
188 | msgstr "" | ||
189 | "Sie können dies für Server, denen Sie trauen, entweder per Eintrag in die " | ||
190 | "Konfigurations Dateien oder per Kommando-Zeilen Option -X ändern." | ||
191 | |||
192 | #. Description | ||
193 | #: ../templates.master:88 | ||
194 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
195 | msgstr "" | ||
196 | "Weitere Details koennen Sie in /usr/share/doc/ssh/README.Debian finden." | ||
197 | |||
198 | #. Description | ||
199 | #: ../templates.master:99 | ||
200 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
201 | msgstr "Warnung: rsh-server ist installiert --- möglicherweise" | ||
202 | |||
203 | #. Description | ||
204 | #: ../templates.master:99 | ||
205 | msgid "" | ||
206 | "having rsh-server installed undermines the security that you were probably " | ||
207 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
208 | msgstr "" | ||
209 | "ist es eine schlechte Idee, den rsh-server installiert zu haben, da er die " | ||
210 | "Sicherheit untergräbt. Wir empfehlen, das Paket zu entfernen." | ||
211 | |||
212 | #. Description | ||
213 | #: ../templates.master:106 | ||
214 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
215 | msgstr "Warnung: telnetd ist installiert --- schlechte Idee" | ||
216 | |||
217 | #. Description | ||
218 | #: ../templates.master:106 | ||
219 | msgid "" | ||
220 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
221 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
222 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
223 | "password and session information over the network." | ||
224 | msgstr "" | ||
225 | "Wir empfehlen das telnetd Paket zu entfernen (falls Sie keinen telnet Zugang " | ||
226 | "anbieten) oder telnetd-ssl zu installieren, so daß Sie verhindern können, " | ||
227 | "daß Login und Password unverschlüsselt durch das Netz gesendet werden." | ||
228 | |||
229 | #. Description | ||
230 | #: ../templates.master:114 | ||
231 | msgid "Warning: you must create a new host key" | ||
232 | msgstr "Warnung: Sie müssen einen neuen Host Key erzeugen" | ||
233 | |||
234 | #. Description | ||
235 | #: ../templates.master:114 | ||
236 | #, fuzzy | ||
237 | msgid "" | ||
238 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
239 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
240 | "the old (non-free) SSH installation." | ||
241 | msgstr "" | ||
242 | "Es existiert eine alte Variante von /etc/ssh/ssh_host_key welche per IDEA " | ||
243 | "verschlüsselt ist. OpenSSH kann eine solche Host Key Datei nicht lesen und " | ||
244 | "ssh-keygen von der alten (nicht-freien) ssh Installation kann nicht gefunden " | ||
245 | "werden." | ||
246 | |||
247 | #. Description | ||
248 | #: ../templates.master:114 | ||
249 | msgid "You will need to generate a new host key." | ||
250 | msgstr "" | ||
251 | |||
252 | #. Description | ||
253 | #: ../templates.master:124 | ||
254 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
255 | msgstr "" | ||
256 | |||
257 | #. Description | ||
258 | #: ../templates.master:124 | ||
259 | msgid "" | ||
260 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
261 | "set." | ||
262 | msgstr "" | ||
263 | |||
264 | #. Description | ||
265 | #: ../templates.master:124 | ||
266 | msgid "" | ||
267 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
268 | "based authentication." | ||
269 | msgstr "" | ||
270 | |||
271 | #. Description | ||
272 | #: ../templates.master:124 | ||
273 | msgid "" | ||
274 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
275 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
276 | msgstr "" | ||
277 | |||
278 | #. Description | ||
279 | #: ../templates.master:137 | ||
280 | msgid "Do you want to run the sshd server ?" | ||
281 | msgstr "Möchten Sie den sshd Server starten?" | ||
282 | |||
283 | #. Description | ||
284 | #: ../templates.master:137 | ||
285 | msgid "This package contains both the ssh client, and the sshd server." | ||
286 | msgstr "Das Paket enthält sowohl den Client als auch den sshd Server." | ||
287 | |||
288 | #. Description | ||
289 | #: ../templates.master:137 | ||
290 | msgid "" | ||
291 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
292 | "ssh." | ||
293 | msgstr "" | ||
294 | "Normal wird der sshd Secure Shell Server für Remote Logins per ssh gestartet." | ||
295 | |||
296 | #. Description | ||
297 | #: ../templates.master:137 | ||
298 | msgid "" | ||
299 | "If you are only interested in using the ssh client for outbound connections " | ||
300 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
301 | "can disable sshd here." | ||
302 | msgstr "" | ||
303 | "Wenn Sie nur den ssh client nutzen wollen, um sich mit anderen Rechnern zu " | ||
304 | "verbinden und sich nicht per ssh in diesen Computer einloggen wollen, dann " | ||
305 | "können Sie hier den sshd abschalten." | ||
306 | |||
307 | #. Description | ||
308 | #: ../templates.master:149 | ||
309 | msgid "Environment options on keys have been deprecated" | ||
310 | msgstr "" | ||
311 | |||
312 | #. Description | ||
313 | #: ../templates.master:149 | ||
314 | msgid "" | ||
315 | "This version of OpenSSH disables the environment option for public keys by " | ||
316 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
317 | "are using this option in an authorized_keys file, beware that the keys in " | ||
318 | "question will no longer work until the option is removed." | ||
319 | msgstr "" | ||
320 | |||
321 | #. Description | ||
322 | #: ../templates.master:149 | ||
323 | msgid "" | ||
324 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
325 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
326 | "sshd_config(5) manual page." | ||
327 | msgstr "" | ||
diff --git a/debian/po/es.po b/debian/po/es.po new file mode 100644 index 000000000..92cfbe2bd --- /dev/null +++ b/debian/po/es.po | |||
@@ -0,0 +1,392 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | # Carlos Valdivia Yagüe <valyag@dat,etsit.upm.es>, 2003 | ||
15 | # | ||
16 | msgid "" | ||
17 | msgstr "" | ||
18 | "Project-Id-Version: openssh 3.6.1p2-3\n" | ||
19 | "Report-Msgid-Bugs-To: \n" | ||
20 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
21 | "PO-Revision-Date: 2003-06-21 15:30+0200\n" | ||
22 | "Last-Translator: Carlos Valdivia Yagüe <valyag@dat.etsit.upm.es>\n" | ||
23 | "Language-Team: Debian L10n Spanish <debian-l10n-spanish@lists.debian.org>\n" | ||
24 | "MIME-Version: 1.0\n" | ||
25 | "Content-Type: text/plain; charset=ISO-8859-15\n" | ||
26 | "Content-Transfer-Encoding: 8bit\n" | ||
27 | |||
28 | #. Description | ||
29 | #: ../templates.master:3 | ||
30 | msgid "Privilege separation" | ||
31 | msgstr "Separación de privilegios" | ||
32 | |||
33 | #. Description | ||
34 | #: ../templates.master:3 | ||
35 | msgid "" | ||
36 | "Privilege separation is turned on by default, so if you decide you want it " | ||
37 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
38 | "sshd_config." | ||
39 | msgstr "" | ||
40 | "La separación de privilegios está activa por defecto, por lo que si decide " | ||
41 | "desactivarla, tiene que añadir \"UsePrivilegeSeparation no\" al fichero /etc/" | ||
42 | "ssh/sshd_config." | ||
43 | |||
44 | #. Description | ||
45 | #: ../templates.master:19 | ||
46 | msgid "Enable Privilege separation" | ||
47 | msgstr "Activar separación de privilegios" | ||
48 | |||
49 | #. Description | ||
50 | #: ../templates.master:19 | ||
51 | msgid "" | ||
52 | "This version of OpenSSH contains the new privilege separation option. This " | ||
53 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
54 | "reduces the impact of security holes in sshd." | ||
55 | msgstr "" | ||
56 | "Esta versión de OpenSSH incluye una nueva opción de separación de " | ||
57 | "privilegios que reduce significativamente la cantidad de código que se " | ||
58 | "ejecuta como root, por lo que reduce el impacto de posibles agujeros de " | ||
59 | "seguridad en sshd." | ||
60 | |||
61 | #. Description | ||
62 | #: ../templates.master:19 | ||
63 | msgid "" | ||
64 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
65 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
66 | "fail, and PAM keyboard-interactive authentication won't work." | ||
67 | msgstr "" | ||
68 | "Desafortunadamente, la separación de privilegios no funciona correctamente " | ||
69 | "con PAM. Cualquier módulo PAM que necesite ejecutarse como root (como, por " | ||
70 | "ejemplo, pam_mkhomedir) y la autentificación interactiva PAM con teclado no " | ||
71 | "funcionarán." | ||
72 | |||
73 | #. Description | ||
74 | #: ../templates.master:19 | ||
75 | #, fuzzy | ||
76 | msgid "" | ||
77 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
78 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
79 | "you know you need to use PAM features that won't work with this option, you " | ||
80 | "should say yes here." | ||
81 | msgstr "" | ||
82 | "Puesto que ha elegido crear automáticamente el fichero sshd_config, puede " | ||
83 | "decidir ahora si quiere activar la opción de separación de privilegios. A " | ||
84 | "menos que utilice la versión 2.0 (en cuyo caso debe responer no aquí o sshd " | ||
85 | "no arrancará) o sepa que necesita usar ciertas características de PAM que " | ||
86 | "funcionan con esta opción, debería responder sí a esta pregunta." | ||
87 | |||
88 | #. Description | ||
89 | #: ../templates.master:36 | ||
90 | msgid "Generate new configuration file" | ||
91 | msgstr "Generar un nuevo fichero de configuración" | ||
92 | |||
93 | #. Description | ||
94 | #: ../templates.master:36 | ||
95 | msgid "" | ||
96 | "This version of OpenSSH has a considerably changed configuration file from " | ||
97 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
98 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
99 | "config), which will work with the new server version, but will not contain " | ||
100 | "any customisations you made with the old version." | ||
101 | msgstr "" | ||
102 | "Esta versión de OpenSSH tiene un fichero de configuración considerablemente " | ||
103 | "diferente del incluido en Debian Potato, que es la versión desde la que " | ||
104 | "parece estar actualizando. Puede crear automáticamente un nuevo fichero de " | ||
105 | "configuración (/etc/ssh/sshd_config), que funcionará con la nueva versión " | ||
106 | "del servidor, pero no incuirá las modificaciones que hiciera en la versión " | ||
107 | "antigua." | ||
108 | |||
109 | #. Description | ||
110 | #: ../templates.master:36 | ||
111 | msgid "" | ||
112 | "Please note that this new configuration file will set the value of " | ||
113 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
114 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
115 | "the correct default (see README.Debian for more details), but you can always " | ||
116 | "edit sshd_config and set it to no if you wish." | ||
117 | msgstr "" | ||
118 | "Además, recuerde que este nuevo fichero de configuración dirá sí en la " | ||
119 | "opción 'PermitRootLogin', por lo que cualquiera que conozca la contraseña de " | ||
120 | "root podrá entrar mediante ssh directamente como root. En opinión del " | ||
121 | "mantenedor ésta es la opción predeterminada más adecuada (puede leer README." | ||
122 | "Debian si quiere conocer más detalles), pero siempre puede editar " | ||
123 | "sshd_config y poner no si lo desea." | ||
124 | |||
125 | #. Description | ||
126 | #: ../templates.master:36 | ||
127 | msgid "" | ||
128 | "It is strongly recommended that you let me generate a new configuration file " | ||
129 | "for you." | ||
130 | msgstr "" | ||
131 | "Es muy recomendable que permita que se genere un nuevo fichero de " | ||
132 | "configuración ahora." | ||
133 | |||
134 | #. Description | ||
135 | #: ../templates.master:55 | ||
136 | msgid "Allow SSH protocol 2 only" | ||
137 | msgstr "Permitir sólo la versión 2 del protocolo SSH" | ||
138 | |||
139 | #. Description | ||
140 | #: ../templates.master:55 | ||
141 | msgid "" | ||
142 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
143 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
144 | "things down on low end machines and might prevent older clients from " | ||
145 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
146 | msgstr "" | ||
147 | "Esta versión de OpenSSH soporta la versión 2 del protocolo ssh, que es mucho " | ||
148 | "más segura que la anterior. Se recomienda desactivar la versión 1, aunque " | ||
149 | "funcionará más lento en máquinas modestas y puede impedir que se conecten " | ||
150 | "clientes antiguos, como, por ejemplo, el incluido en \"potato\"." | ||
151 | |||
152 | #. Description | ||
153 | #: ../templates.master:55 | ||
154 | msgid "" | ||
155 | "Also please note that keys used for protocol 1 are different so you will not " | ||
156 | "be able to use them if you only allow protocol 2 connections." | ||
157 | msgstr "" | ||
158 | "También tenga en cuenta que las claves utilizadas para el protocolo 1 son " | ||
159 | "diferentes, por lo que no podrá usarlas si únicamente permite conexiones " | ||
160 | "mediante la versión 2 del protocolo." | ||
161 | |||
162 | #. Description | ||
163 | #: ../templates.master:55 | ||
164 | msgid "" | ||
165 | "If you later change your mind about this setting, README.Debian has " | ||
166 | "instructions on what to do to your sshd_config file." | ||
167 | msgstr "" | ||
168 | "Si más tarde cambia de opinión, el fichero README.Debian contiene " | ||
169 | "instrucciones sobre cómo modificar en el fichero sshd_config." | ||
170 | |||
171 | #. Description | ||
172 | #: ../templates.master:69 | ||
173 | msgid "ssh2 keys merged in configuration files" | ||
174 | msgstr "Las claves ssh2 ya se incluyen en los ficheros de configuración" | ||
175 | |||
176 | #. Description | ||
177 | #: ../templates.master:69 | ||
178 | msgid "" | ||
179 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
180 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
181 | "needed. They will still be read in order to maintain backwards compatibility" | ||
182 | msgstr "" | ||
183 | "A partir de la versión 3, OpenSSH ya no utiliza ficheros diferentes para las " | ||
184 | "claves ssh1 y ssh2. Esto quiere decir que ya no son necesarios los ficheros " | ||
185 | "authorized_keys2 y known_hosts2, aunque aún se seguirán leyendo para " | ||
186 | "mantener compatibilidad hacia atrás." | ||
187 | |||
188 | #. Description | ||
189 | #: ../templates.master:78 | ||
190 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
191 | msgstr "¿Desea continuar, aún a riesgo de matar las sesiones ssh activas?" | ||
192 | |||
193 | #. Description | ||
194 | #: ../templates.master:78 | ||
195 | msgid "" | ||
196 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
197 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
198 | "session, that would be a Bad Thing(tm)." | ||
199 | msgstr "" | ||
200 | "La versión de /etc/init.d/ssh que tiene instalada es muy probable que mate " | ||
201 | "el demonio ssh. Si está actualizando a través de una sesión ssh, puede que " | ||
202 | "no sea muy buena idea." | ||
203 | |||
204 | #. Description | ||
205 | #: ../templates.master:78 | ||
206 | msgid "" | ||
207 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
208 | "daemon line in the stop section of the file." | ||
209 | msgstr "" | ||
210 | "Puede arreglarlo añadiendo \"--pidfile /var/run/sshd.pid\" a la línea 'start-" | ||
211 | "stop-daemon', en la sección 'stop' del fichero." | ||
212 | |||
213 | #. Description | ||
214 | #: ../templates.master:88 | ||
215 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
216 | msgstr "NOTA: Reenvío de X11 y Autorización desactivadas por defecto." | ||
217 | |||
218 | #. Description | ||
219 | #: ../templates.master:88 | ||
220 | msgid "" | ||
221 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
222 | "ForwardAgent set to ``off'' by default." | ||
223 | msgstr "" | ||
224 | "Por razones de seguridad, la versión de ssh de Debian tiene por defecto " | ||
225 | "ForwardX11 y ForwardAgent desactivadas." | ||
226 | |||
227 | #. Description | ||
228 | #: ../templates.master:88 | ||
229 | msgid "" | ||
230 | "You can enable it for servers you trust, either in one of the configuration " | ||
231 | "files, or with the -X command line option." | ||
232 | msgstr "" | ||
233 | "Puede activar estas opciones para los servidores en los que confíe, en los " | ||
234 | "ficheros de configuración o con la opción -X en línea de comandos." | ||
235 | |||
236 | #. Description | ||
237 | #: ../templates.master:88 | ||
238 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
239 | msgstr "Puede encontrar más detalles en /usr/share/doc/ssh/README.Debian." | ||
240 | |||
241 | #. Description | ||
242 | #: ../templates.master:99 | ||
243 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
244 | msgstr "Aviso: tiene rsh-server instalado" | ||
245 | |||
246 | #. Description | ||
247 | #: ../templates.master:99 | ||
248 | msgid "" | ||
249 | "having rsh-server installed undermines the security that you were probably " | ||
250 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
251 | msgstr "" | ||
252 | "Tener rsh-server instalado representa un menoscabo de la seguridad que " | ||
253 | "probablemente desea obtener instalando ssh. Es muy aconsejable que borre ese " | ||
254 | "paquete." | ||
255 | |||
256 | #. Description | ||
257 | #: ../templates.master:106 | ||
258 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
259 | msgstr "Aviso: tiene telnetd instalado" | ||
260 | |||
261 | #. Description | ||
262 | #: ../templates.master:106 | ||
263 | msgid "" | ||
264 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
265 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
266 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
267 | "password and session information over the network." | ||
268 | msgstr "" | ||
269 | "Es muy aconsejable que borre el paquete telnetd si no necesita realmente " | ||
270 | "ofrecer acceso mediante telnet o instalar telnetd-ssl para que las " | ||
271 | "contraseñas, nombres de usuario y demás información de las sesiones telnet " | ||
272 | "no viajen sin cifrar por la red." | ||
273 | |||
274 | #. Description | ||
275 | #: ../templates.master:114 | ||
276 | msgid "Warning: you must create a new host key" | ||
277 | msgstr "Aviso: debe crear una nueva clave para su servidor" | ||
278 | |||
279 | #. Description | ||
280 | #: ../templates.master:114 | ||
281 | msgid "" | ||
282 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
283 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
284 | "the old (non-free) SSH installation." | ||
285 | msgstr "" | ||
286 | "Su sistema tiene un /etc/ssh/ssh_host_key antiguo, que usa cifrado IDEA. " | ||
287 | "OpenSSH no puede manejar este fichero de claves y tampoco se encuentra la " | ||
288 | "utilidad ssh-keygen incluida en el paquete ssh no libre." | ||
289 | |||
290 | #. Description | ||
291 | #: ../templates.master:114 | ||
292 | msgid "You will need to generate a new host key." | ||
293 | msgstr "Necesitará generar una nueva clave para su servidor." | ||
294 | |||
295 | #. Description | ||
296 | #: ../templates.master:124 | ||
297 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
298 | msgstr "¿Quiere instalar /usr/lib/ssh-keysign SUID root?" | ||
299 | |||
300 | #. Description | ||
301 | #: ../templates.master:124 | ||
302 | msgid "" | ||
303 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
304 | "set." | ||
305 | msgstr "" | ||
306 | "Puede instalar ssh-keysign con el bit SUID (se ejecutará con privilegios de " | ||
307 | "root)." | ||
308 | |||
309 | #. Description | ||
310 | #: ../templates.master:124 | ||
311 | msgid "" | ||
312 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
313 | "based authentication." | ||
314 | msgstr "" | ||
315 | "Si hace ssh-keysign SUID, podrá usar la autentificiación basada en servidor " | ||
316 | "de la versión 2 del protocolo SSH." | ||
317 | |||
318 | #. Description | ||
319 | #: ../templates.master:124 | ||
320 | msgid "" | ||
321 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
322 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
323 | msgstr "" | ||
324 | "Si duda, se recomienda que lo instale SUID. Si le causa problemas puede " | ||
325 | "cambiar de opinión posteriormente ejecutando «dpkg-reconfigure ssh»." | ||
326 | |||
327 | #. Description | ||
328 | #: ../templates.master:137 | ||
329 | msgid "Do you want to run the sshd server ?" | ||
330 | msgstr "¿Quiere ejecutar el servidor sshd?" | ||
331 | |||
332 | #. Description | ||
333 | #: ../templates.master:137 | ||
334 | msgid "This package contains both the ssh client, and the sshd server." | ||
335 | msgstr "Este paquete contiene el cliente ssh y el servidor sshd." | ||
336 | |||
337 | #. Description | ||
338 | #: ../templates.master:137 | ||
339 | msgid "" | ||
340 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
341 | "ssh." | ||
342 | msgstr "" | ||
343 | "Generalmente, el servidor de ssh (Secure Shell Server) se ejecuta para " | ||
344 | "permitir el acceso remoto mediante ssh." | ||
345 | |||
346 | #. Description | ||
347 | #: ../templates.master:137 | ||
348 | msgid "" | ||
349 | "If you are only interested in using the ssh client for outbound connections " | ||
350 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
351 | "can disable sshd here." | ||
352 | msgstr "" | ||
353 | "Si sólo está interesado en usar el cliente ssh en conexiones salientes del " | ||
354 | "sistema y no quiere acceder a él mediante ssh, entonces puede desactivar " | ||
355 | "sshd." | ||
356 | |||
357 | #. Description | ||
358 | #: ../templates.master:149 | ||
359 | msgid "Environment options on keys have been deprecated" | ||
360 | msgstr "Las opciones de entorno para las claves, en desuso" | ||
361 | |||
362 | #. Description | ||
363 | #: ../templates.master:149 | ||
364 | msgid "" | ||
365 | "This version of OpenSSH disables the environment option for public keys by " | ||
366 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
367 | "are using this option in an authorized_keys file, beware that the keys in " | ||
368 | "question will no longer work until the option is removed." | ||
369 | msgstr "" | ||
370 | "Esta versión de OpenSSH tiene desactivada por defecto la opción de entorno " | ||
371 | "para las claves públicas, para evitar ciertos ataques (por ejemplo, basados " | ||
372 | "en LD_PRELOAD). Si utiliza esta opción en un fichero authorized_keys, las " | ||
373 | "claves implicadas no funcionarán hasta que borre la opción." | ||
374 | |||
375 | #. Description | ||
376 | #: ../templates.master:149 | ||
377 | msgid "" | ||
378 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
379 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
380 | "sshd_config(5) manual page." | ||
381 | msgstr "" | ||
382 | "Para volver a activar esta opción, escriba \"PermitUserEnvironment yes\" en /" | ||
383 | "etc/ssh/sshd_config al terminar la actualización, teniendo en cuenta el " | ||
384 | "aviso de la página de manual de sshd_config(5)." | ||
385 | |||
386 | #~ msgid "" | ||
387 | #~ "NB! If you are running a 2.0 series Linux kernel, then privilege " | ||
388 | #~ "separation will not work at all, and your sshd will fail to start unless " | ||
389 | #~ "you explicitly turn privilege separation off." | ||
390 | #~ msgstr "" | ||
391 | #~ "Nota: Si utiliza un núcleo Linux 2.0, la separación de privilegios " | ||
392 | #~ "fallará estrepitosamente y sshd no funcionará a no ser que la desactive." | ||
diff --git a/debian/po/fr.po b/debian/po/fr.po new file mode 100644 index 000000000..d72a5d5d7 --- /dev/null +++ b/debian/po/fr.po | |||
@@ -0,0 +1,407 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | msgid "" | ||
15 | msgstr "" | ||
16 | "Project-Id-Version: openssh 3.6.1p2-2\n" | ||
17 | "Report-Msgid-Bugs-To: \n" | ||
18 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
19 | "PO-Revision-Date: 2003-05-22 10:34+0200\n" | ||
20 | "Last-Translator: Denis Barbier <barbier@debian.org>\n" | ||
21 | "Language-Team: French <Debian-l10n-french@lists.debian.org>\n" | ||
22 | "MIME-Version: 1.0\n" | ||
23 | "Content-Type: text/plain; charset=ISO-8859-15\n" | ||
24 | "Content-Transfer-Encoding: 8bit\n" | ||
25 | |||
26 | #. Description | ||
27 | #: ../templates.master:3 | ||
28 | msgid "Privilege separation" | ||
29 | msgstr "Séparation des privilèges" | ||
30 | |||
31 | #. Description | ||
32 | #: ../templates.master:3 | ||
33 | msgid "" | ||
34 | "Privilege separation is turned on by default, so if you decide you want it " | ||
35 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
36 | "sshd_config." | ||
37 | msgstr "" | ||
38 | "La séparation des privilèges est activée par défaut ; si vous souhaitez la " | ||
39 | "désactiver, vous devez ajouter « UsePrivilegeSeparation no » dans /etc/ssh/" | ||
40 | "sshd_config." | ||
41 | |||
42 | #. Description | ||
43 | #: ../templates.master:19 | ||
44 | msgid "Enable Privilege separation" | ||
45 | msgstr "Activer la séparation des privilèges" | ||
46 | |||
47 | #. Description | ||
48 | #: ../templates.master:19 | ||
49 | msgid "" | ||
50 | "This version of OpenSSH contains the new privilege separation option. This " | ||
51 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
52 | "reduces the impact of security holes in sshd." | ||
53 | msgstr "" | ||
54 | "Cette version d'OpenSSH est livrée avec la nouvelle option de séparation des " | ||
55 | "privilèges. Cela réduit de manière significative la quantité de code " | ||
56 | "s'exécutant en tant que super-utilisateur, et donc réduit l'impact des trous " | ||
57 | "de sécurité dans sshd." | ||
58 | |||
59 | #. Description | ||
60 | #: ../templates.master:19 | ||
61 | msgid "" | ||
62 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
63 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
64 | "fail, and PAM keyboard-interactive authentication won't work." | ||
65 | msgstr "" | ||
66 | "Malheureusement, la séparation des privilèges interagit mal avec PAM. Tous " | ||
67 | "les modules de session PAM qui doivent être exécutés en tant que super-" | ||
68 | "utilisateur (pam_mkhomedir, par exemple) ne s'exécuteront pas, et " | ||
69 | "l'authentification interactive au clavier ne fonctionnera pas." | ||
70 | |||
71 | #. Description | ||
72 | #: ../templates.master:19 | ||
73 | #, fuzzy | ||
74 | msgid "" | ||
75 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
76 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
77 | "you know you need to use PAM features that won't work with this option, you " | ||
78 | "should say yes here." | ||
79 | msgstr "" | ||
80 | "Comme vous souhaitez que je génère le fichier de configuration sshd_config à " | ||
81 | "votre place, vous pouvez choisir d'activer ou non l'option de séparation des " | ||
82 | "privilèges. Si vous utilisez un noyau 2.0 (dans ce cas vous *devez* " | ||
83 | "désactiver cette option ou alors sshd ne se lancera pas) ou bien si vous " | ||
84 | "avez besoin de fonctionnalités PAM, cela ne fonctionnera pas si cette option " | ||
85 | "est activée, dans le cas contraire vous devriez l'activer." | ||
86 | |||
87 | #. Description | ||
88 | #: ../templates.master:36 | ||
89 | msgid "Generate new configuration file" | ||
90 | msgstr "Créer un nouveau fichier de configuration" | ||
91 | |||
92 | #. Description | ||
93 | #: ../templates.master:36 | ||
94 | msgid "" | ||
95 | "This version of OpenSSH has a considerably changed configuration file from " | ||
96 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
97 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
98 | "config), which will work with the new server version, but will not contain " | ||
99 | "any customisations you made with the old version." | ||
100 | msgstr "" | ||
101 | "Cette version d'OpenSSH utilise un fichier de configuration qui a énormément " | ||
102 | "changé depuis la version contenue dans la distribution Debian « Potato », " | ||
103 | "depuis laquelle vous semblez faire une mise à jour. Je peux générer " | ||
104 | "maintenant pour vous un nouveau fichier de configuration (/etc/ssh/sshd." | ||
105 | "config) qui marchera avec la nouvelle version du serveur, mais ne contiendra " | ||
106 | "aucun des réglages que vous avez faits sur l'ancienne version." | ||
107 | |||
108 | #. Description | ||
109 | #: ../templates.master:36 | ||
110 | msgid "" | ||
111 | "Please note that this new configuration file will set the value of " | ||
112 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
113 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
114 | "the correct default (see README.Debian for more details), but you can always " | ||
115 | "edit sshd_config and set it to no if you wish." | ||
116 | msgstr "" | ||
117 | "Veuillez noter que ce nouveau fichier de configuration positionnera la " | ||
118 | "valeur de « PermitRootLogin » à « yes » (ce qui signifie que quiconque " | ||
119 | "connaissant le mot de passe du super-utilisateur peut se connecter en tant " | ||
120 | "que tel sur la machine). Le responsable du paquet pense que c'est là un " | ||
121 | "comportement par défaut normal (lisez README.Debian pour plus " | ||
122 | "d'informations), mais vous pouvez toujours éditer le fichier sshd_config et " | ||
123 | "changer cela." | ||
124 | |||
125 | #. Description | ||
126 | #: ../templates.master:36 | ||
127 | msgid "" | ||
128 | "It is strongly recommended that you let me generate a new configuration file " | ||
129 | "for you." | ||
130 | msgstr "" | ||
131 | "Il est fortement recommandé que vous me laissiez générer le nouveau fichier " | ||
132 | "de configuration." | ||
133 | |||
134 | #. Description | ||
135 | #: ../templates.master:55 | ||
136 | msgid "Allow SSH protocol 2 only" | ||
137 | msgstr "Autoriser la version 2 du protocole SSH uniquement" | ||
138 | |||
139 | #. Description | ||
140 | #: ../templates.master:55 | ||
141 | msgid "" | ||
142 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
143 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
144 | "things down on low end machines and might prevent older clients from " | ||
145 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
146 | msgstr "" | ||
147 | "Cette version d'OpenSSH connaît la version 2 du protocole ssh, qui est bien " | ||
148 | "plus sûre. Désactiver ssh 1 est une bonne chose, cependant cela peut " | ||
149 | "ralentir les machines peu puissantes et pourrait empêcher ceux qui utilisent " | ||
150 | "de vieilles versions de la partie cliente de se connecter (le client ssh de " | ||
151 | "la distribution Debian « Potato » en fait partie)." | ||
152 | |||
153 | #. Description | ||
154 | #: ../templates.master:55 | ||
155 | msgid "" | ||
156 | "Also please note that keys used for protocol 1 are different so you will not " | ||
157 | "be able to use them if you only allow protocol 2 connections." | ||
158 | msgstr "" | ||
159 | "De plus, les clés utilisées par la version 1 du protocole sont différentes " | ||
160 | "et vous ne pourrez pas les utiliser si vous n'autorisez que les connexions " | ||
161 | "utilisant la version 2 du protocole." | ||
162 | |||
163 | #. Description | ||
164 | #: ../templates.master:55 | ||
165 | msgid "" | ||
166 | "If you later change your mind about this setting, README.Debian has " | ||
167 | "instructions on what to do to your sshd_config file." | ||
168 | msgstr "" | ||
169 | "Si vous changez d'avis ultérieurement et décidez de modifier ce réglage, les " | ||
170 | "instructions fournies dans le fichier README.Debian vous indiquent comment " | ||
171 | "modifier le fichier sshd_config." | ||
172 | |||
173 | #. Description | ||
174 | #: ../templates.master:69 | ||
175 | msgid "ssh2 keys merged in configuration files" | ||
176 | msgstr "Clés pour ssh2 fusionnées dans les fichiers de configuration" | ||
177 | |||
178 | #. Description | ||
179 | #: ../templates.master:69 | ||
180 | msgid "" | ||
181 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
182 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
183 | "needed. They will still be read in order to maintain backwards compatibility" | ||
184 | msgstr "" | ||
185 | "OpenSSH, depuis sa version 3, n'utilise plus de fichiers distincts pour les " | ||
186 | "clés ssh1 et ssh2. Cela signifie que les fichiers authorized_keys2 et " | ||
187 | "known_hosts2 ne sont plus utiles. Ils seront néanmoins lus afin de préserver " | ||
188 | "la compatibilité descendante." | ||
189 | |||
190 | #. Description | ||
191 | #: ../templates.master:78 | ||
192 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
193 | msgstr "" | ||
194 | "Voulez-vous continuer (et risquer de rompre les sessions ssh actives) ?" | ||
195 | |||
196 | #. Description | ||
197 | #: ../templates.master:78 | ||
198 | msgid "" | ||
199 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
200 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
201 | "session, that would be a Bad Thing(tm)." | ||
202 | msgstr "" | ||
203 | "La version de /etc/init.d/ssh que vous venez d'installer va " | ||
204 | "vraisemblablement tuer toutes les instances de sshd en cours. Si vous étiez " | ||
205 | "en train de faire cette mise à niveau à l'aide de ssh, ce serait regrettable." | ||
206 | |||
207 | #. Description | ||
208 | #: ../templates.master:78 | ||
209 | msgid "" | ||
210 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
211 | "daemon line in the stop section of the file." | ||
212 | msgstr "" | ||
213 | "Vous pouvez corriger cela en ajoutant dans /etc/init.d/ssh « --pidfile /var/" | ||
214 | "run/sshd.pid » à la ligne « start-stop-daemon » dans la section « stop » du " | ||
215 | "fichier." | ||
216 | |||
217 | #. Description | ||
218 | #: ../templates.master:88 | ||
219 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
220 | msgstr "" | ||
221 | "NOTE : suivi de session X11 et d'agent d'autorisation désactivés par défaut." | ||
222 | |||
223 | #. Description | ||
224 | #: ../templates.master:88 | ||
225 | msgid "" | ||
226 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
227 | "ForwardAgent set to ``off'' by default." | ||
228 | msgstr "" | ||
229 | "Pour des raisons de sécurité, la version Debian de ssh positionne les " | ||
230 | "options ForwardX11 et ForwardAgent à « Off » par défaut." | ||
231 | |||
232 | #. Description | ||
233 | #: ../templates.master:88 | ||
234 | msgid "" | ||
235 | "You can enable it for servers you trust, either in one of the configuration " | ||
236 | "files, or with the -X command line option." | ||
237 | msgstr "" | ||
238 | "Vous pouvez activer ces options pour les serveurs en qui vous avez " | ||
239 | "confiance, soit dans un des fichiers de configuration, soit avec l'option -X " | ||
240 | "de la ligne de commande." | ||
241 | |||
242 | #. Description | ||
243 | #: ../templates.master:88 | ||
244 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
245 | msgstr "" | ||
246 | "Vous trouverez plus d'informations dans /usr/share/doc/ssh/README.Debian." | ||
247 | |||
248 | #. Description | ||
249 | #: ../templates.master:99 | ||
250 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
251 | msgstr "" | ||
252 | "Attention : rsh-server est installé -- ce n'est probablement pas une bonne " | ||
253 | "idée" | ||
254 | |||
255 | #. Description | ||
256 | #: ../templates.master:99 | ||
257 | msgid "" | ||
258 | "having rsh-server installed undermines the security that you were probably " | ||
259 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
260 | msgstr "" | ||
261 | "Avoir un serveur rsh installé affaiblit la sécurité que vous vouliez " | ||
262 | "probablement obtenir en installant ssh. Je vous conseille de supprimer ce " | ||
263 | "paquet." | ||
264 | |||
265 | #. Description | ||
266 | #: ../templates.master:106 | ||
267 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
268 | msgstr "" | ||
269 | "Attention : telnetd est installé -- ce n'est probablement pas une bonne idée" | ||
270 | |||
271 | #. Description | ||
272 | #: ../templates.master:106 | ||
273 | msgid "" | ||
274 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
275 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
276 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
277 | "password and session information over the network." | ||
278 | msgstr "" | ||
279 | "Je vous conseille soit d'enlever le paquet telnetd (si ce service n'est pas " | ||
280 | "nécessaire), soit de le remplacer par le paquet telnetd-ssl pour qu'il y ait " | ||
281 | "au moins une chance que les sessions telnet soient chiffrées et que les mots " | ||
282 | "de passe et noms d'utilisateurs ne passent pas en clair sur le réseau." | ||
283 | |||
284 | #. Description | ||
285 | #: ../templates.master:114 | ||
286 | msgid "Warning: you must create a new host key" | ||
287 | msgstr "Attention : vous devez créer une nouvelle clé d'hôte" | ||
288 | |||
289 | #. Description | ||
290 | #: ../templates.master:114 | ||
291 | msgid "" | ||
292 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
293 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
294 | "the old (non-free) SSH installation." | ||
295 | msgstr "" | ||
296 | "Il existe un vieux /etc/ssh/ssh_host_key qui est chiffré avec IDEA. OpenSSH " | ||
297 | "ne peut utiliser ce fichier de clé, et je ne peux trouver l'utilitaire ssh-" | ||
298 | "keygen de l'installation précédente (non libre) de SSH." | ||
299 | |||
300 | #. Description | ||
301 | #: ../templates.master:114 | ||
302 | msgid "You will need to generate a new host key." | ||
303 | msgstr "Vous aurez besoin de générer une nouvelle clé d'hôte." | ||
304 | |||
305 | #. Description | ||
306 | #: ../templates.master:124 | ||
307 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
308 | msgstr "" | ||
309 | "Voulez-vous que /usr/lib/ssh-keysign soit installé avec le bit SETUID " | ||
310 | "activé ?" | ||
311 | |||
312 | #. Description | ||
313 | #: ../templates.master:124 | ||
314 | msgid "" | ||
315 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
316 | "set." | ||
317 | msgstr "" | ||
318 | "Vous avez la possibilité d'installer ssh-keysign avec le bit SETUID activé." | ||
319 | |||
320 | #. Description | ||
321 | #: ../templates.master:124 | ||
322 | msgid "" | ||
323 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
324 | "based authentication." | ||
325 | msgstr "" | ||
326 | "Si vous mettez ssh-keysign avec le bit SETUID, vous permettrez " | ||
327 | "l'authentification basée sur les hôtes, disponible dans la version 2 du " | ||
328 | "protocole SSH." | ||
329 | |||
330 | #. Description | ||
331 | #: ../templates.master:124 | ||
332 | msgid "" | ||
333 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
334 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
335 | msgstr "" | ||
336 | "Dans le doute, je vous suggère de l'installer avec le bit SETUID activé. Si " | ||
337 | "cela vous pose des problèmes, vous pourrez revenir sur votre décision avec " | ||
338 | "« dpkg-reconfigure ssh »." | ||
339 | |||
340 | #. Description | ||
341 | #: ../templates.master:137 | ||
342 | msgid "Do you want to run the sshd server ?" | ||
343 | msgstr "Voulez-vous utiliser le serveur sshd ?" | ||
344 | |||
345 | #. Description | ||
346 | #: ../templates.master:137 | ||
347 | msgid "This package contains both the ssh client, and the sshd server." | ||
348 | msgstr "Ce paquet contient à la fois le client ssh et le serveur sshd." | ||
349 | |||
350 | #. Description | ||
351 | #: ../templates.master:137 | ||
352 | msgid "" | ||
353 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
354 | "ssh." | ||
355 | msgstr "" | ||
356 | "Normalement le serveur sshd est lancé pour permettre les connexions " | ||
357 | "distantes via ssh." | ||
358 | |||
359 | #. Description | ||
360 | #: ../templates.master:137 | ||
361 | msgid "" | ||
362 | "If you are only interested in using the ssh client for outbound connections " | ||
363 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
364 | "can disable sshd here." | ||
365 | msgstr "" | ||
366 | "Si vous désirez seulement utiliser le client ssh pour des connexions vers " | ||
367 | "l'extérieur, ou si vous ne voulez pas vous connecter sur cette machine via " | ||
368 | "ssh, vous pouvez désactiver sshd maintenant." | ||
369 | |||
370 | #. Description | ||
371 | #: ../templates.master:149 | ||
372 | msgid "Environment options on keys have been deprecated" | ||
373 | msgstr "Les options d'environnement sur les clés sont déconseillées" | ||
374 | |||
375 | #. Description | ||
376 | #: ../templates.master:149 | ||
377 | msgid "" | ||
378 | "This version of OpenSSH disables the environment option for public keys by " | ||
379 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
380 | "are using this option in an authorized_keys file, beware that the keys in " | ||
381 | "question will no longer work until the option is removed." | ||
382 | msgstr "" | ||
383 | "Dans cette version d'OpenSSH, l'option d'environnement est, par défaut, " | ||
384 | "désactivée pour les clés publiques. Cela est destiné à la prévention de " | ||
385 | "certaines attaques (par exemple, LD_PRELOAD). Si vous utilisez cette option " | ||
386 | "dans un fichier « authorized_keys », sachez que les clés concernées ne " | ||
387 | "fonctionneront plus tant que l'option ne sera pas retirée." | ||
388 | |||
389 | #. Description | ||
390 | #: ../templates.master:149 | ||
391 | msgid "" | ||
392 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
393 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
394 | "sshd_config(5) manual page." | ||
395 | msgstr "" | ||
396 | "Pour la réactiver, veuillez indiquer «PermitUserEnvironment yes » dans /etc/" | ||
397 | "ssh/sshd_config lorsque la mise à niveau est terminée. Veuillez tenir compte " | ||
398 | "de l'avertissement donné dans la page de manuel sshd_config(5)." | ||
399 | |||
400 | #~ msgid "" | ||
401 | #~ "NB! If you are running a 2.0 series Linux kernel, then privilege " | ||
402 | #~ "separation will not work at all, and your sshd will fail to start unless " | ||
403 | #~ "you explicitly turn privilege separation off." | ||
404 | #~ msgstr "" | ||
405 | #~ "N. B. ! Si vous avez un noyau Linux de la série des 2.0, la séparation " | ||
406 | #~ "des privilèges ne fonctionne pas, et votre démon sshd ne se lancera que " | ||
407 | #~ "si vous avez explicitement désactivé la séparation des privilèges." | ||
diff --git a/debian/po/ja.po b/debian/po/ja.po new file mode 100644 index 000000000..dcead1cdb --- /dev/null +++ b/debian/po/ja.po | |||
@@ -0,0 +1,383 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=EUC-JP\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "Æø¢¤ÎʬΥ" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | msgid "" | ||
35 | "Privilege separation is turned on by default, so if you decide you want it " | ||
36 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
37 | "sshd_config." | ||
38 | msgstr "" | ||
39 | "Æø¢Ê¬Î¥¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç͸ú¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£Ìµ¸ú¤Ë¤·¤¿¤¤¾ì¹ç¤Ï¡¢ /etc/ssh/" | ||
40 | "sshd_conf ¤Ë¡ÖUsePrivilegeSeparation no¡×¤È¤¤¤¦¹Ô¤òÄɲà ¤·¤Æ¤¯¤À¤µ¤¤¡£" | ||
41 | |||
42 | #. Description | ||
43 | #: ../templates.master:19 | ||
44 | msgid "Enable Privilege separation" | ||
45 | msgstr "Æø¢Ê¬Î¥¤ò͸ú¤Ë¤¹¤ë" | ||
46 | |||
47 | #. Description | ||
48 | #: ../templates.master:19 | ||
49 | msgid "" | ||
50 | "This version of OpenSSH contains the new privilege separation option. This " | ||
51 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
52 | "reduces the impact of security holes in sshd." | ||
53 | msgstr "" | ||
54 | "ËܥС¼¥¸¥ç¥ó¤Î OpenSSH ¤Ï¡¢¿·¤·¤¤Æø¢Ê¬Î¥¥ª¥×¥·¥ç¥ó¤ò»ý¤Ã¤Æ¤¤¤Þ¤¹¡£ ¤³¤ì¤Ë" | ||
55 | "¤è¤Ã¤Æ¡¢root ¸¢¸Â¤Ç¼Â¹Ô¤µ¤ì¤ë¥³¡¼¥É¤ÎÎ̤òÂçÉý¤Ë¸º¤é¤¹¤³¤È¤¬ ¤Ç¤¡¢sshd ¤Î¥»" | ||
56 | "¥¥å¥ê¥Æ¥£¥Û¡¼¥ë¤Î±Æ¶Á¤ò¸º¤é¤¹¤³¤È¤¬¤Ç¤¤Þ¤¹¡£" | ||
57 | |||
58 | #. Description | ||
59 | #: ../templates.master:19 | ||
60 | msgid "" | ||
61 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
62 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
63 | "fail, and PAM keyboard-interactive authentication won't work." | ||
64 | msgstr "" | ||
65 | "»ÄÇ°¤Ê¤³¤È¤Ë¡¢Æø¢Ê¬Î¥¤Ï PAM ¤Ë°±Æ¶Á¤òÍ¿¤¨¤Þ¤¹¡£root ¤Ç¼Â¹Ô¤µ¤ì¤ë Á´¤Æ¤Î " | ||
66 | "PAM ¥»¥Ã¥·¥ç¥ó¥â¥¸¥å¡¼¥ë (Î㤨¤Ð pam_mkhomedir) ¤ÏÆ°¤«¤Ê¤¯ ¤Ê¤ê¤Þ¤¹¡£¤Þ¤¿¡¢" | ||
67 | "PAM ¥¡¼¥Ü¡¼¥ÉÂÐÏÃŪǧ¾Ú¤âÆ°ºî¤·¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£" | ||
68 | |||
69 | #. Description | ||
70 | #: ../templates.master:19 | ||
71 | #, fuzzy | ||
72 | msgid "" | ||
73 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
74 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
75 | "you know you need to use PAM features that won't work with this option, you " | ||
76 | "should say yes here." | ||
77 | msgstr "" | ||
78 | "¤¢¤Ê¤¿¤Ï sshd_config ¥Õ¥¡¥¤¥ë¤ò¼«Æ°À¸À®¤¹¤ë¤³¤È¤òÁªÂò¤·¤Þ¤·¤¿¤Î¤Ç¡¢ ¤³¤³¤ÇÆÃ" | ||
79 | "¸¢Ê¬Î¥¤ò͸ú¤Ë¤¹¤ë¤«¤·¤Ê¤¤¤«¤òÁªÂò¤Ç¤¤Þ¤¹¡£2.0 ·ÏÎó¤Î ¥«¡¼¥Í¥ë¤ò»È¤Ã¤Æ¤¤¤ë" | ||
80 | "¤« (¤³¤Î¾ì¹ç¤Ë¤Ï¡Ö¤¤¤¤¤¨¡×¤òÁª¤Ð¤Ê¤¤¤È sshd ¤Ïµ¯Æ°¤¹¤é¤·¤Þ¤»¤ó)¡¢PAM ¤Îµ¡Ç½¤Î" | ||
81 | "¤¦¤ÁÆø¢Ê¬Î¥¤È¶¦Â¸¤Ç¤¤Ê¤¤µ¡Ç½¤ò »È¤¤¤¿¤¤¾ì¹ç°Ê³°¤Ï¡¢¡Ö¤Ï¤¤¡×¤òÁª¤Ö¤Ù¤¤Ç¤¹¡£" | ||
82 | |||
83 | #. Description | ||
84 | #: ../templates.master:36 | ||
85 | msgid "Generate new configuration file" | ||
86 | msgstr "¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤òºî¤ê¤Þ¤¹" | ||
87 | |||
88 | #. Description | ||
89 | #: ../templates.master:36 | ||
90 | msgid "" | ||
91 | "This version of OpenSSH has a considerably changed configuration file from " | ||
92 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
93 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
94 | "config), which will work with the new server version, but will not contain " | ||
95 | "any customisations you made with the old version." | ||
96 | msgstr "" | ||
97 | "OpenSSH ¤Î¤³¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï¡¢Debian 'Potato' ¤Ë´Þ¤Þ¤ì¤Æ¤¤¤ë¥Ð¡¼¥¸¥ç¥ó (¤¤¤Þ¡¢" | ||
98 | "¤½¤Î¥Ð¡¼¥¸¥ç¥ó¤«¤é¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤ò»î¤ß¤Æ¤¤¤ë¤È¤³¤í) ¤«¤é¡¢ ÀßÄê¥Õ¥¡¥¤¥ë¤¬" | ||
99 | "ÂçÉý¤ËÊѲ½¤·¤Æ¤¤¤Þ¤¹¡£¤¤¤Þ¡¢¿·¤·¤¤¥Ð¡¼¥¸¥ç¥ó¤Î¥µ¡¼¥Ð¤Ç »È¤¦¤³¤È¤¬¤Ç¤¤ë¿·¤·¤¤" | ||
100 | "ÀßÄê¥Õ¥¡¥¤¥ë (/etc/ssh/sshd/config) ¤ò¼«Æ°À¸À® ¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¤¬¡¢¤½¤Î¥Õ¥¡" | ||
101 | "¥¤¥ë¤Ï¡¢¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë ´Þ¤Þ¤ì¤ë¤¢¤Ê¤¿¤ÎÀßÄ꤬Á´¤¯´Þ¤Þ¤ì¤Þ¤»" | ||
102 | "¤ó¡£" | ||
103 | |||
104 | #. Description | ||
105 | #: ../templates.master:36 | ||
106 | msgid "" | ||
107 | "Please note that this new configuration file will set the value of " | ||
108 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
109 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
110 | "the correct default (see README.Debian for more details), but you can always " | ||
111 | "edit sshd_config and set it to no if you wish." | ||
112 | msgstr "" | ||
113 | "¤³¤Î¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢¡ÖPermitRootLogin¡×¤ò¡Öyes¡×¤ËÀßÄꤷ¤Þ¤¹¡£ (¤Ä¤Þ" | ||
114 | "¤ê¡¢root ¤Î¥Ñ¥¹¥ï¡¼¥É¤òÃΤäƤ¤¤ë¿Í¤Ê¤éï¤Ç¤âľÀÜ¥í¥°¥¤¥ó¤Ç¤¤Þ ¤¹)¡£¤³¤ì¤Ç¤è" | ||
115 | "¤¤¡¢¤È¤¤¤¦¤Î¤¬¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Î¥á¥ó¥Æ¥Ê¤Î°Õ¸«¤Ç¤¹¤¬ (¾Ü¤· ¤¯¤Ï README.Debian " | ||
116 | "¤òÆɤó¤Ç²¼¤µ¤¤)¡¢sshd_config ¤òÊÔ½¸¤·¤Æ¡Öno¡×¤ËÀß Äꤹ¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£" | ||
117 | |||
118 | #. Description | ||
119 | #: ../templates.master:36 | ||
120 | msgid "" | ||
121 | "It is strongly recommended that you let me generate a new configuration file " | ||
122 | "for you." | ||
123 | msgstr "¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤ò¼«Æ°À¸À®¤¹¤ë¤³¤È¤ò¶¯¤¯¤ª´«¤á¤·¤Þ¤¹¡£" | ||
124 | |||
125 | #. Description | ||
126 | #: ../templates.master:55 | ||
127 | msgid "Allow SSH protocol 2 only" | ||
128 | msgstr "SSH ¥×¥í¥È¥³¥ë 2 ¤Î¤ß¤òµö²Ä¤·¤Þ¤¹" | ||
129 | |||
130 | #. Description | ||
131 | #: ../templates.master:55 | ||
132 | msgid "" | ||
133 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
134 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
135 | "things down on low end machines and might prevent older clients from " | ||
136 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
137 | msgstr "" | ||
138 | "OpenSSH ¤Î¤³¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï¡¢¤º¤Ã¤È°ÂÁ´¤Ê¡¢ssh ¥×¥í¥È¥³¥ë¤Î¥Ð¡¼¥¸¥ç¥ó 2 ¤ò¥µ" | ||
139 | "¥Ý¡¼¥È¤·¤Æ¤¤¤Þ¤¹¡£ssh 1 ¤ò¶Ø»ß¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¤¬¡¢ÃÙ¤¤¥Þ ¥·¥ó¤Ç¤ÏÆ°ºî¤¬" | ||
140 | "ÃÙ¤¯¤Ê¤Ã¤¿¤ê¡¢¸Å¤¤¥¯¥é¥¤¥¢¥ó¥È¤«¤éÀܳ¤Ç¤¤Ê¤¯¤Ê¤Ã¤¿¤ê ¤·¤Þ¤¹ (\"potato\" ¤Î " | ||
141 | "ssh ¥¯¥é¥¤¥¢¥ó¥È¤âÀܳ¤Ç¤¤Ê¤¯¤Ê¤ê¤Þ¤¹)¡£" | ||
142 | |||
143 | #. Description | ||
144 | #: ../templates.master:55 | ||
145 | msgid "" | ||
146 | "Also please note that keys used for protocol 1 are different so you will not " | ||
147 | "be able to use them if you only allow protocol 2 connections." | ||
148 | msgstr "" | ||
149 | "¤Þ¤¿¡¢¥×¥í¥È¥³¥ë 1 ¤Ç»È¤¦¥¡¼¤Ï°Û¤Ê¤ë¤¿¤á¡¢¥×¥í¥È¥³¥ë 2 ¤ò͸ú¤Ë¤·¤¿ ¤À¤±¤Ç¤Ï" | ||
150 | "¤½¤Î¥¡¼¤ò»È¤¦¤³¤È¤¬¤Ç¤¤Þ¤»¤ó¡£" | ||
151 | |||
152 | #. Description | ||
153 | #: ../templates.master:55 | ||
154 | msgid "" | ||
155 | "If you later change your mind about this setting, README.Debian has " | ||
156 | "instructions on what to do to your sshd_config file." | ||
157 | msgstr "" | ||
158 | "¤â¤·º£¸å¤¢¤Ê¤¿¤¬¹Í¤¨¤òÊѤ¨¤¿¤é¡¢README.Debian ¤òÆɤà¤È sshd_config ¤ò ¤É¤Î¤è" | ||
159 | "¤¦¤ËÊѹ¹¤·¤¿¤é¤è¤¤¤«¤¬Ê¬¤«¤ê¤Þ¤¹¡£" | ||
160 | |||
161 | #. Description | ||
162 | #: ../templates.master:69 | ||
163 | msgid "ssh2 keys merged in configuration files" | ||
164 | msgstr "ssh2 ¥¡¼¤ÏÀßÄê¥Õ¥¡¥¤¥ë¤ËÅý¹ç¤µ¤ì¤Þ¤¹" | ||
165 | |||
166 | #. Description | ||
167 | #: ../templates.master:69 | ||
168 | msgid "" | ||
169 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
170 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
171 | "needed. They will still be read in order to maintain backwards compatibility" | ||
172 | msgstr "" | ||
173 | "OpenSSH ¤Î¥Ð¡¼¥¸¥ç¥ó 3 ¤Ï¡¢ssh1 ¤È ssh2 ¤Î¥¡¼¤Ë¸ÄÊ̤Υե¡¥¤¥ë¤ò»È¤¤ ¤Þ¤»¤ó¡£" | ||
174 | "¤Ä¤Þ¤ê¡¢authorized_keys2 ¥Õ¥¡¥¤¥ë¤È known_hosts2 ¥Õ¥¡¥¤¥ë¤Ï¤â ¤Ï¤äÉÔÍפȤʤê" | ||
175 | "¤Þ¤·¤¿¡£¸åÊý¸ß´¹À¤òÊݤĤ¿¤á¤Ë¤Ï¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤¬É¬Í× ¤Ç¤¹¡£" | ||
176 | |||
177 | #. Description | ||
178 | #: ../templates.master:78 | ||
179 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
180 | msgstr "³¤±¤Æ¤¤¤¤¤Ç¤¹¤« (ÀܳÃæ¤Î ssh ¥»¥Ã¥·¥ç¥ó¤¬ÀÚ¤ì¤ë¤«¤â¤·¤ì¤Þ¤»¤ó)" | ||
181 | |||
182 | #. Description | ||
183 | #: ../templates.master:78 | ||
184 | msgid "" | ||
185 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
186 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
187 | "session, that would be a Bad Thing(tm)." | ||
188 | msgstr "" | ||
189 | "¤¤¤Þ¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿ /etc/init.d/ssh ¤Ï¡¢¤ª¤½¤é¤¯¼Â¹ÔÃæ¤Î sshd ¤òÁ´¤Æ Ää»ß¤µ" | ||
190 | "¤»¤Þ¤¹¡£¤³¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤ò ssh ¥»¥Ã¥·¥ç¥ó¤òÍѤ¤¤Æ¹Ô¤¦¤Î¤Ï´Ö °ã¤Ã¤¿¤ä¤ê¤«" | ||
191 | "¤¿¤Ç¤¹¡£" | ||
192 | |||
193 | #. Description | ||
194 | #: ../templates.master:78 | ||
195 | msgid "" | ||
196 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
197 | "daemon line in the stop section of the file." | ||
198 | msgstr "" | ||
199 | "¤³¤Î¾õ¶·¤ò½¤Àµ¤¹¤ë¤Ë¤Ï¡¢/etc/init.d/ssh ¤Î stop ¥»¥¯¥·¥ç¥ó¤Î start-stop-" | ||
200 | "daemon ¤Î¹Ô¤Ë¡Ö--pidfile /var/run/sshd.pid¡×¤ÈÄɲä·¤Þ¤¹¡£" | ||
201 | |||
202 | #. Description | ||
203 | #: ../templates.master:88 | ||
204 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
205 | msgstr "Ãí°Õ: X11 ¤Èǧ¾Ú¤Î¥Õ¥©¥ï¡¼¥Ç¥£¥ó¥°¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¶Ø»ß¤µ¤ì¤Þ¤¹" | ||
206 | |||
207 | #. Description | ||
208 | #: ../templates.master:88 | ||
209 | msgid "" | ||
210 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
211 | "ForwardAgent set to ``off'' by default." | ||
212 | msgstr "" | ||
213 | "¥»¥¥å¥ê¥Æ¥£¾å¤ÎÍýͳ¤«¤é¡¢Debian ¤Î ssh ¤Ç¤Ï ForwardX11 ¤È ForwardAgent ¤Ï¥Ç" | ||
214 | "¥Õ¥©¥ë¥È¤Ç¤Ï¡Öoff¡×¤ËÀßÄꤵ¤ì¤Þ¤¹¡£" | ||
215 | |||
216 | #. Description | ||
217 | #: ../templates.master:88 | ||
218 | msgid "" | ||
219 | "You can enable it for servers you trust, either in one of the configuration " | ||
220 | "files, or with the -X command line option." | ||
221 | msgstr "" | ||
222 | "ÀßÄê¥Õ¥¡¥¤¥ë¤ò»È¤Ã¤¿¤ê¡¢-X ¥³¥Þ¥ó¥É¥é¥¤¥ó¥ª¥×¥·¥ç¥ó¤ò»È¤Ã¤¿¤ê¤¹¤ë ¤³¤È¤Ç¡¢¿®" | ||
223 | "ÍѤǤ¤ë¥µ¡¼¥Ð¤ËÂФ·¤Æµö²Ä¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£" | ||
224 | |||
225 | #. Description | ||
226 | #: ../templates.master:88 | ||
227 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
228 | msgstr "¾ÜºÙ¤Ï /usr/share/doc/ssh/README.Debian ¤òÆɤó¤Ç²¼¤µ¤¤¡£" | ||
229 | |||
230 | #. Description | ||
231 | #: ../templates.master:99 | ||
232 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
233 | msgstr "" | ||
234 | "·Ù¹ð: rsh-server ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤¿¤Ö¤óÎɤ¤¹Í¤¨¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó" | ||
235 | |||
236 | #. Description | ||
237 | #: ../templates.master:99 | ||
238 | msgid "" | ||
239 | "having rsh-server installed undermines the security that you were probably " | ||
240 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
241 | msgstr "" | ||
242 | "rsh-server ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¤È¡¢¤¢¤Ê¤¿¤¬ ssh ¤Ë¤è¤Ã¤ÆÆÀ¤¿¤¤¤È »×¤Ã¤Æ¤¤" | ||
243 | "¤ë¤Ç¤¢¤í¤¦¥»¥¥å¥ê¥Æ¥£¤¬Â»¤Ê¤ï¤ì¤Þ¤¹¡£¤½¤Î¥Ñ¥Ã¥±¡¼¥¸¤ò¥¢¥ó¥¤ ¥ó¥¹¥È¡¼¥ë¤¹¤ë¤³" | ||
244 | "¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£" | ||
245 | |||
246 | #. Description | ||
247 | #: ../templates.master:106 | ||
248 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
249 | msgstr "·Ù¹ð: telnetd ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤¿¤Ö¤óÎɤ¤¹Í¤¨¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó" | ||
250 | |||
251 | #. Description | ||
252 | #: ../templates.master:106 | ||
253 | msgid "" | ||
254 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
255 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
256 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
257 | "password and session information over the network." | ||
258 | msgstr "" | ||
259 | "(¤â¤· telnet ¥¢¥¯¥»¥¹¤òÄ󶡤·¤¿¤¤¤È»×¤Ã¤Æ¤¤¤Ê¤¤¤Î¤Ç¤·¤¿¤é) telnetd ¥Ñ¥Ã¥±¡¼¥¸" | ||
260 | "¤ò¥¢¥ó¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤«¡¢¤Þ¤¿¤Ï¡¢telnetd-ssh ¥Ñ¥Ã¥±¡¼¥¸¤ò ¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¾¯" | ||
261 | "¤Ê¤¯¤È¤â¥Í¥Ã¥È¥ï¡¼¥¯¾å¤ò°Å¹æ²½¤µ¤ì¤Æ¤¤¤Ê¤¤¥æ¡¼¥¶Ì¾ ¤ä¥Ñ¥¹¥ï¡¼¥É¤ä¥»¥Ã¥·¥ç¥ó¾ð" | ||
262 | "Êó¤¬Î®¤ì¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£" | ||
263 | |||
264 | #. Description | ||
265 | #: ../templates.master:114 | ||
266 | msgid "Warning: you must create a new host key" | ||
267 | msgstr "·Ù¹ð: ¿·¤·¤¤¥Û¥¹¥È¥¡¼¤òºî¤é¤Ê¤¤¤È¤¤¤±¤Þ¤»¤ó" | ||
268 | |||
269 | #. Description | ||
270 | #: ../templates.master:114 | ||
271 | msgid "" | ||
272 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
273 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
274 | "the old (non-free) SSH installation." | ||
275 | msgstr "" | ||
276 | "IDEA ¤Ç°Å¹æ²½¤µ¤ì¤¿¸Å¤¤¥¡¼¤¬ /etc/ssh/ssh_host_key ¤Ë¤¢¤ê¤Þ¤¹¡£ OpenSSH ¤Ï¤³" | ||
277 | "¤Î¥Û¥¹¥È¥¡¼¥Õ¥¡¥¤¥ë¤ò°·¤¨¤Þ¤»¤ó¡£¤Þ¤¿¡¢º£¥¤¥ó¥¹¥È¡¼¥ë ¤µ¤ì¤Æ¤¤¤ë¸Å¤¤ (¥Õ¥ê¡¼" | ||
278 | "¤Ç¤Ï¤Ê¤¤) SSH ¤Ë¤Ï ssh-keygen ¥æ¡¼¥Æ¥£¥ê¥Æ¥£ ¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤»¤ó¡£" | ||
279 | |||
280 | #. Description | ||
281 | #: ../templates.master:114 | ||
282 | msgid "You will need to generate a new host key." | ||
283 | msgstr "¿·¤·¤¤¥Û¥¹¥È¥¡¼¤òºî¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£" | ||
284 | |||
285 | #. Description | ||
286 | #: ../templates.master:124 | ||
287 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
288 | msgstr "/usr/bin/ssh-keysign ¤ò SUID root ¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¤«?" | ||
289 | |||
290 | #. Description | ||
291 | #: ../templates.master:124 | ||
292 | msgid "" | ||
293 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
294 | "set." | ||
295 | msgstr "" | ||
296 | "ssh-keysign ¥Ø¥ë¥Ñ¡¼¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ëºÝ¡¢SUID ¥Ó¥Ã¥È¤òÀßÄꤹ¤ë¤« ¤·¤Ê¤¤¤«¤ò" | ||
297 | "Áª¤Ö¤³¤È¤¬¤Ç¤¤Þ¤¹¡£" | ||
298 | |||
299 | #. Description | ||
300 | #: ../templates.master:124 | ||
301 | msgid "" | ||
302 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
303 | "based authentication." | ||
304 | msgstr "" | ||
305 | "ssh-keysign ¤ò SUID ¤ËÀßÄꤷ¤¿¾ì¹ç¡¢SSH ¥×¥í¥È¥³¥ë 2 ¤Î¥Û¥¹¥È¤Ë ´ð¤Å¤¯Ç§¾Ú¤ò" | ||
306 | "»È¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£" | ||
307 | |||
308 | #. Description | ||
309 | #: ../templates.master:124 | ||
310 | msgid "" | ||
311 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
312 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
313 | msgstr "" | ||
314 | "¤è¤¯Ê¬¤«¤é¤Ê¤¤¾ì¹ç¤Ï¡¢SUID ¤ò͸ú¤Ë¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£¤â¤· ÌäÂ꤬µ¯¤³¤ì" | ||
315 | "¤Ð¡¢dpkg-reconfigure ssh ¤ò¼Â¹Ô¤¹¤ë¤³¤È¤ÇÀßÄê¤òÊѹ¹ ¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£" | ||
316 | |||
317 | #. Description | ||
318 | #: ../templates.master:137 | ||
319 | msgid "Do you want to run the sshd server ?" | ||
320 | msgstr "sshd ¥µ¡¼¥Ð¤ò¼Â¹Ô¤·¤Þ¤¹¤«?" | ||
321 | |||
322 | #. Description | ||
323 | #: ../templates.master:137 | ||
324 | msgid "This package contains both the ssh client, and the sshd server." | ||
325 | msgstr "¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Ï¡¢ssh ¥¯¥é¥¤¥¢¥ó¥È¤È sshd ¥µ¡¼¥Ð¤ÎξÊý¤ò´Þ¤ó¤Ç¤¤¤Þ¤¹¡£" | ||
326 | |||
327 | #. Description | ||
328 | #: ../templates.master:137 | ||
329 | msgid "" | ||
330 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
331 | "ssh." | ||
332 | msgstr "" | ||
333 | "Ä̾sshd ¥»¥¥å¥¢¥·¥§¥ë¥µ¡¼¥Ð¤Ï¡¢ssh ¤òÍѤ¤¤¿¥ê¥â¡¼¥È¤«¤é¤Î¥í¥°¥¤¥ó ¤ò²Äǽ" | ||
334 | "¤Ë¤¹¤ë¤¿¤á¤Ë¼Â¹Ô¤·¤Þ¤¹¡£" | ||
335 | |||
336 | #. Description | ||
337 | #: ../templates.master:137 | ||
338 | msgid "" | ||
339 | "If you are only interested in using the ssh client for outbound connections " | ||
340 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
341 | "can disable sshd here." | ||
342 | msgstr "" | ||
343 | "¤â¤· ssh ¥¯¥é¥¤¥¢¥ó¥È¤ò»È¤Ã¤Æ¤³¤Î¥Þ¥·¥ó¤«¤é¾¥Þ¥·¥ó¤Ø¤ÈÀܳ¤¹¤ë¤À¤±¤Ç ¤Ç¡¢¤³" | ||
344 | "¤Î¥Þ¥·¥ó¤Ø¤È ssh ¤ò»È¤Ã¤Æ¥í¥°¥¤¥ó¤·¤Ê¤¤¤Î¤Ç¤·¤¿¤é¡¢¤³¤³¤Ç sshd ¤ò¼Â¹Ô¤·¤Ê¤¤¤Ç" | ||
345 | "¤ª¤¤Þ¤¹¡£" | ||
346 | |||
347 | #. Description | ||
348 | #: ../templates.master:149 | ||
349 | msgid "Environment options on keys have been deprecated" | ||
350 | msgstr "¸°¤Î´Ä¶¥ª¥×¥·¥ç¥ó¤Ï̵¸ú¤ËÀßÄꤵ¤ì¤Þ¤·¤¿" | ||
351 | |||
352 | #. Description | ||
353 | #: ../templates.master:149 | ||
354 | msgid "" | ||
355 | "This version of OpenSSH disables the environment option for public keys by " | ||
356 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
357 | "are using this option in an authorized_keys file, beware that the keys in " | ||
358 | "question will no longer work until the option is removed." | ||
359 | msgstr "" | ||
360 | "ËܥС¼¥¸¥ç¥ó¤Î OpenSSH ¤Ï¡¢¸ø³«¸°¤Î´Ä¶¥ª¥×¥·¥ç¥ó¤ò¥Ç¥Õ¥©¥ë¥È¤Ç ̵¸ú¤ËÀßÄꤷ" | ||
361 | "¤Æ¤¤¤Þ¤¹¡£LD_PRELOAD ¤Ê¤É¤Î¹¶·â¤òÈò¤±¤ë¤¿¤á¤Ç¤¹¡£ ¤â¤· authorized_keys ¥Õ¥¡¥¤" | ||
362 | "¥ë¤Ç¤³¤Î¥ª¥×¥·¥ç¥ó¤ò»ÈÍѤ·¤Æ¤¤¤ë¾ì¹ç¡¢ ¤³¤Î¥ª¥×¥·¥ç¥ó¤ò½üµî¤·¤Ê¤¤¸Â¤ê¤Ï¤½¤Î¸°" | ||
363 | "¤ÏÍøÍѤǤ¤Ê¤¤¤³¤È¤ËÃí°Õ ¤·¤Æ¤¯¤À¤µ¤¤¡£" | ||
364 | |||
365 | #. Description | ||
366 | #: ../templates.master:149 | ||
367 | msgid "" | ||
368 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
369 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
370 | "sshd_config(5) manual page." | ||
371 | msgstr "" | ||
372 | "¤³¤Î¥ª¥×¥·¥ç¥ó¤òºÆ¤Ó͸ú¤Ë¤¹¤ë¤Ë¤Ï¡¢¥¢¥Ã¥×¥°¥ì¡¼¥É½ªÎ»¸å¤Ë¡¢ sshd_config(5) " | ||
373 | "¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤Î·Ù¹ð»ö¹à¤òÆɤó¤Ç¡¢ /etc/ssh/sshd_config ¥Õ¥¡¥¤¥ë¤Ë" | ||
374 | "¡ÖPermitUserEnvironment yes¡×¤È ÀßÄꤷ¤Æ¤¯¤À¤µ¤¤¡£" | ||
375 | |||
376 | #~ msgid "" | ||
377 | #~ "NB! If you are running a 2.0 series Linux kernel, then privilege " | ||
378 | #~ "separation will not work at all, and your sshd will fail to start unless " | ||
379 | #~ "you explicitly turn privilege separation off." | ||
380 | #~ msgstr "" | ||
381 | #~ "Ãí°Õ! Linux ¥«¡¼¥Í¥ë¤Î¥Ð¡¼¥¸¥ç¥ó 2.0 ·ÏÎó¤ò»È¤Ã¤Æ¤¤¤ë¾ì¹ç¡¢Æø¢ ʬΥ¤ÏÁ´¤¯" | ||
382 | #~ "Æ°ºî¤·¤Þ¤»¤ó¡£ÌÀ¼¨Åª¤ËÆø¢Ê¬Î¥¤ò̵¸ú¤Ë¤·¤Ê¤¤¸Â¤ê¡¢sshd ¤Ïµ¯Æ°¤Ë¼ºÇÔ¤·¤Þ" | ||
383 | #~ "¤¹¡£" | ||
diff --git a/debian/po/pl.po b/debian/po/pl.po new file mode 100644 index 000000000..6910ceaf7 --- /dev/null +++ b/debian/po/pl.po | |||
@@ -0,0 +1,386 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=ISO-8859-2\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "Separacja uprawnieñ" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | msgid "" | ||
35 | "Privilege separation is turned on by default, so if you decide you want it " | ||
36 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
37 | "sshd_config." | ||
38 | msgstr "" | ||
39 | "Separacja uprawnieñ jest domy¶lnie w³±czona, wiêc je¶li zdecydujesz siê j± " | ||
40 | "wy³±czyæ, musisz dodaæ \"UsePrivilegeSeparation no\" do pliku /etc/ssh/" | ||
41 | "sshd_config." | ||
42 | |||
43 | #. Description | ||
44 | #: ../templates.master:19 | ||
45 | msgid "Enable Privilege separation" | ||
46 | msgstr "W³±czenie separacji uprawnieñ" | ||
47 | |||
48 | #. Description | ||
49 | #: ../templates.master:19 | ||
50 | msgid "" | ||
51 | "This version of OpenSSH contains the new privilege separation option. This " | ||
52 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
53 | "reduces the impact of security holes in sshd." | ||
54 | msgstr "" | ||
55 | "Ta wersja OpenSSH zawiera now± opcjê separacji uprawnieñ. Znacz±co zmniejsza " | ||
56 | "ona ilo¶æ kodu, który jest uruchamiany jako root i co za tym idzie redukuje " | ||
57 | "efekty luk bezpieczeñstwa w sshd." | ||
58 | |||
59 | #. Description | ||
60 | #: ../templates.master:19 | ||
61 | msgid "" | ||
62 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
63 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
64 | "fail, and PAM keyboard-interactive authentication won't work." | ||
65 | msgstr "" | ||
66 | "Niestety separacja uprawnieñ ¼le reaguje z PAMem. Jakikolwiek modu³ sesji " | ||
67 | "PAM, który musi byæ uruchamiany jako root (pam_mkhomedir, na przyk³ad) " | ||
68 | "zawiedzie. Nie bêdzie dzia³aæ równie¿ interaktywna autentykacja z klawiatury " | ||
69 | "(keyboard-interactive authentication)." | ||
70 | |||
71 | #. Description | ||
72 | #: ../templates.master:19 | ||
73 | #, fuzzy | ||
74 | msgid "" | ||
75 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
76 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
77 | "you know you need to use PAM features that won't work with this option, you " | ||
78 | "should say yes here." | ||
79 | msgstr "" | ||
80 | "Zdecydowa³e¶ siê na to abym wygenerowa³ dla ciebie plik sshd_config, i " | ||
81 | "mo¿esz wybraæ czy chcesz w³±czyæ Separacjê Uprawnieñ, czy te¿ nie. Je¶li nie " | ||
82 | "u¿ywasz j±dra z serii 2.0 (w którym to przypadku *musisz* odpowiedzieæ tutaj " | ||
83 | "'nie' albo sshd w ogóle nie ruszy) i je¶li nie musisz korzystaæ z mo¿liwo¶ci " | ||
84 | "PAMa, które nie bêd± dzia³a³y z t± opcj±, powiniene¶ odpowiedzieæ tutaj " | ||
85 | "'tak'." | ||
86 | |||
87 | #. Description | ||
88 | #: ../templates.master:36 | ||
89 | msgid "Generate new configuration file" | ||
90 | msgstr "Wygeneruj nowy plik konfiguracyjny" | ||
91 | |||
92 | #. Description | ||
93 | #: ../templates.master:36 | ||
94 | msgid "" | ||
95 | "This version of OpenSSH has a considerably changed configuration file from " | ||
96 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
97 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
98 | "config), which will work with the new server version, but will not contain " | ||
99 | "any customisations you made with the old version." | ||
100 | msgstr "" | ||
101 | "W tej wersji OpenSSH zmieni³ siê plik konfiguracyjny w stosunku do wersji " | ||
102 | "dostarczanej z Debianem 'Potato', któr± zdajesz siê aktualizowaæ. Mogê teraz " | ||
103 | "wygenerowaæ nowy plik konfiguracyjny (/etc/ssh/sshd.config), który bêdzie " | ||
104 | "dzia³a³ z now± wersj± serwera, ale nie bêdzie zawiera³ ¿adnych dokonanych " | ||
105 | "przez ciebie w starej wersji zmian." | ||
106 | |||
107 | #. Description | ||
108 | #: ../templates.master:36 | ||
109 | msgid "" | ||
110 | "Please note that this new configuration file will set the value of " | ||
111 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
112 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
113 | "the correct default (see README.Debian for more details), but you can always " | ||
114 | "edit sshd_config and set it to no if you wish." | ||
115 | msgstr "" | ||
116 | "Zauwa¿ proszê, ¿e nowy plik konfiguracyjny bêdzie ustawia³ warto¶æ opcji " | ||
117 | "'PermitRootLogin' na 'tak' (co oznacza, ¿e ka¿dy kto zna has³o root'a mo¿e " | ||
118 | "zdalnie zalogowaæ siê przez ssh jako root). W opinii opiekuna pakietu to " | ||
119 | "jest poprawna warto¶æ domy¶lna (szczegó³y w README.Debian), ale mo¿esz sobie " | ||
120 | "wyedytowaæ sshd_config i ustawiæ tê opcjê na 'nie' je¶li siê z t± opini± nie " | ||
121 | "zgadzasz." | ||
122 | |||
123 | #. Description | ||
124 | #: ../templates.master:36 | ||
125 | msgid "" | ||
126 | "It is strongly recommended that you let me generate a new configuration file " | ||
127 | "for you." | ||
128 | msgstr "" | ||
129 | "Jest bardzo wskazane aby¶ pozwoli³ mi wygenerowaæ nowy plik konfiguracyjny." | ||
130 | |||
131 | #. Description | ||
132 | #: ../templates.master:55 | ||
133 | msgid "Allow SSH protocol 2 only" | ||
134 | msgstr "Zezwalaj wy³±cznie na wersjê 2 protoko³u SSH" | ||
135 | |||
136 | #. Description | ||
137 | #: ../templates.master:55 | ||
138 | msgid "" | ||
139 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
140 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
141 | "things down on low end machines and might prevent older clients from " | ||
142 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
143 | msgstr "" | ||
144 | "Ta wersja OpenSSH wspiera drug± wersjê protoko³u ssh, która jest znacznie " | ||
145 | "bardziej bezpieczna. Wy³±czenie ssh 1 jest zalecane, choæ spowalnia to " | ||
146 | "dzia³anie na starych maszynach i mo¿e uniemo¿liwiæ po³±czenie starszym " | ||
147 | "wersjom klientów (dotyczy to np. klienta ssh do³±czanego do \"potato\")." | ||
148 | |||
149 | #. Description | ||
150 | #: ../templates.master:55 | ||
151 | msgid "" | ||
152 | "Also please note that keys used for protocol 1 are different so you will not " | ||
153 | "be able to use them if you only allow protocol 2 connections." | ||
154 | msgstr "" | ||
155 | "Ponadto, zauwa¿ proszê, ¿e klucze u¿ywane przez protokó³ 1 s± inne, wiêc nie " | ||
156 | "bêdziesz móg³ ich u¿ywaæ je¶li zezwolisz na korzystanie wy³±cznie z wersji 2 " | ||
157 | "protoko³u." | ||
158 | |||
159 | #. Description | ||
160 | #: ../templates.master:55 | ||
161 | msgid "" | ||
162 | "If you later change your mind about this setting, README.Debian has " | ||
163 | "instructions on what to do to your sshd_config file." | ||
164 | msgstr "" | ||
165 | "Je¶li pó¼niej zmienisz zdanie co do tego ustawienia, to instrukcje co " | ||
166 | "zmieniæ w sshd_config znajduj± siê w README.Debian." | ||
167 | |||
168 | #. Description | ||
169 | #: ../templates.master:69 | ||
170 | msgid "ssh2 keys merged in configuration files" | ||
171 | msgstr "klucze ssh2 w³±czone do plików konfiguracyjnych" | ||
172 | |||
173 | #. Description | ||
174 | #: ../templates.master:69 | ||
175 | msgid "" | ||
176 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
177 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
178 | "needed. They will still be read in order to maintain backwards compatibility" | ||
179 | msgstr "" | ||
180 | "Pocz±wszy od wersji 3 OpenSSH nie u¿ywa ju¿ osobnych plików dla kluczy ssh1 " | ||
181 | "i ssh2. Oznacza to, ¿e pliki authorized_keys2 i known_hosts2 nie s± ju¿ " | ||
182 | "potrzebne. Bêd± one jednak odczytywane aby zachowaæ wsteczn± kompatybilno¶æ." | ||
183 | |||
184 | #. Description | ||
185 | #: ../templates.master:78 | ||
186 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
187 | msgstr "Czy chcesz kontynuowaæ (i ryzykowaæ zabicie aktywnych sesji ssh) ?" | ||
188 | |||
189 | #. Description | ||
190 | #: ../templates.master:78 | ||
191 | msgid "" | ||
192 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
193 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
194 | "session, that would be a Bad Thing(tm)." | ||
195 | msgstr "" | ||
196 | "Zainstalowana w³a¶nie wersja /etc/init.d/ssh mo¿e zabiæ wszystkie dzia³aj±ce " | ||
197 | "obecnie kopie sshd. Je¶li robisz ten upgrade via ssh, to by³aby Z³a Rzecz" | ||
198 | "(tm)." | ||
199 | |||
200 | #. Description | ||
201 | #: ../templates.master:78 | ||
202 | msgid "" | ||
203 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
204 | "daemon line in the stop section of the file." | ||
205 | msgstr "" | ||
206 | "Mo¿esz to naprawiæ dodaj±c \"--pidfile /var/run/sshd.pid\" do linijki start-" | ||
207 | "stop-daemon w sekcji stop tego pliku." | ||
208 | |||
209 | #. Description | ||
210 | #: ../templates.master:88 | ||
211 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
212 | msgstr "" | ||
213 | "UWAGA: Przekazywanie (forwarding) X11 i Autoryzacji jest domy¶lnie wy³±czone." | ||
214 | |||
215 | #. Description | ||
216 | #: ../templates.master:88 | ||
217 | msgid "" | ||
218 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
219 | "ForwardAgent set to ``off'' by default." | ||
220 | msgstr "" | ||
221 | "Ze wzglêdów bezpieczeñstwa Debianowa wersja ssh ma ForwardX11 i ForwardAgent " | ||
222 | "ustawione domy¶lnie na 'off'." | ||
223 | |||
224 | #. Description | ||
225 | #: ../templates.master:88 | ||
226 | msgid "" | ||
227 | "You can enable it for servers you trust, either in one of the configuration " | ||
228 | "files, or with the -X command line option." | ||
229 | msgstr "" | ||
230 | "Dla zaufanych serwerów mo¿esz w³±czyæ te opcje w pliku konfiguracyjnym lub " | ||
231 | "przy pomocy opcji -X z linii komend." | ||
232 | |||
233 | #. Description | ||
234 | #: ../templates.master:88 | ||
235 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
236 | msgstr "Wiêcej szczegó³ów znajdziesz w /usr/share/doc/ssh/README.Debian." | ||
237 | |||
238 | #. Description | ||
239 | #: ../templates.master:99 | ||
240 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
241 | msgstr "" | ||
242 | "Uwaga: serwer rsh jest zainstalowany --- prawdopodobnie nienajlepszy pomys³" | ||
243 | |||
244 | #. Description | ||
245 | #: ../templates.master:99 | ||
246 | msgid "" | ||
247 | "having rsh-server installed undermines the security that you were probably " | ||
248 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
249 | msgstr "" | ||
250 | "Posiadanie zainstalowanego serwera rsh podminowuje zabezpieczenia, które " | ||
251 | "prawdopodobnie starasz siê uzyskaæ instaluj±c ssh. Radzi³bym usun±æ ten " | ||
252 | "pakiet." | ||
253 | |||
254 | #. Description | ||
255 | #: ../templates.master:106 | ||
256 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
257 | msgstr "" | ||
258 | "Uwaga: telnetd jest zainstalowany --- prawdopodobnie nienajlepszy pomys³" | ||
259 | |||
260 | #. Description | ||
261 | #: ../templates.master:106 | ||
262 | msgid "" | ||
263 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
264 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
265 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
266 | "password and session information over the network." | ||
267 | msgstr "" | ||
268 | "Radzi³bym albo usun±æ pakiet telnetd (je¶li nie potrzebujesz koniecznie " | ||
269 | "udostêpniaæ telnet'a) albo zainstalowaæ telnetd-ssl aby by³a choæ szansza, " | ||
270 | "¿e sesje telnet nie bêd± przesy³aæ niezaszyfrowanego loginu/has³a oraz " | ||
271 | "danych sesji przez sieæ." | ||
272 | |||
273 | #. Description | ||
274 | #: ../templates.master:114 | ||
275 | msgid "Warning: you must create a new host key" | ||
276 | msgstr "Uwaga: musisz utworzyæ nowy klucz hosta" | ||
277 | |||
278 | #. Description | ||
279 | #: ../templates.master:114 | ||
280 | msgid "" | ||
281 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
282 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
283 | "the old (non-free) SSH installation." | ||
284 | msgstr "" | ||
285 | "Istnieje stary /etc/ssh/ssh_host_key, który jest zaszyfrowany przez IDEA. " | ||
286 | "OpenSSH nie umie korzystaæ z tak zaszyfrowanego klucza, a nie mo¿e znale¼æ " | ||
287 | "polecenia ssh-keygen ze starego SSH (non-free)." | ||
288 | |||
289 | #. Description | ||
290 | #: ../templates.master:114 | ||
291 | msgid "You will need to generate a new host key." | ||
292 | msgstr "Bêdziesz musia³ wygenerowaæ nowy klucz hosta." | ||
293 | |||
294 | #. Description | ||
295 | #: ../templates.master:124 | ||
296 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
297 | msgstr "Czy chcesz aby /usr/lib/ssh-keysign by³ zainstalowany jako SUID root?" | ||
298 | |||
299 | #. Description | ||
300 | #: ../templates.master:124 | ||
301 | msgid "" | ||
302 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
303 | "set." | ||
304 | msgstr "" | ||
305 | "Masz mo¿liwo¶æ zainstalowania pomocniczego programu ssh-keysign z w³±czonym " | ||
306 | "bitem SETUID." | ||
307 | |||
308 | #. Description | ||
309 | #: ../templates.master:124 | ||
310 | msgid "" | ||
311 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
312 | "based authentication." | ||
313 | msgstr "" | ||
314 | "Je¶li uczynisz ssh-keysign SUIDowym, bêdziesz móg³ u¿ywaæ opartej na hostach " | ||
315 | "autentykacji drugiej wersji protoko³u SSH." | ||
316 | |||
317 | #. Description | ||
318 | #: ../templates.master:124 | ||
319 | msgid "" | ||
320 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
321 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
322 | msgstr "" | ||
323 | "Je¶li masz w±tpliwo¶ci, radzê zainstalowaæ go z SUIDem. Je¶li to sprawia " | ||
324 | "problemy, mo¿esz zmieniæ swoje zdanie uruchamiaj±c pó¼niej polecenie: dpkg-" | ||
325 | "reconfigure ssh" | ||
326 | |||
327 | #. Description | ||
328 | #: ../templates.master:137 | ||
329 | msgid "Do you want to run the sshd server ?" | ||
330 | msgstr "Czy chcesz uruchamiaæ serwer sshd ?" | ||
331 | |||
332 | #. Description | ||
333 | #: ../templates.master:137 | ||
334 | msgid "This package contains both the ssh client, and the sshd server." | ||
335 | msgstr "Ten pakiet zawiera zarówno klienta ssh, jak i serwer sshd." | ||
336 | |||
337 | #. Description | ||
338 | #: ../templates.master:137 | ||
339 | msgid "" | ||
340 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
341 | "ssh." | ||
342 | msgstr "" | ||
343 | "Normalnie serwer sshd (Secure Shell Server) bêdzie uruchomiony aby umo¿liwiæ " | ||
344 | "zdalny dostêp przez ssh." | ||
345 | |||
346 | #. Description | ||
347 | #: ../templates.master:137 | ||
348 | msgid "" | ||
349 | "If you are only interested in using the ssh client for outbound connections " | ||
350 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
351 | "can disable sshd here." | ||
352 | msgstr "" | ||
353 | "Je¶li jeste¶ zainteresowny u¿ywaniem wy³±cznie klienta ssh dla po³±czeñ " | ||
354 | "wychodz±cych z tej maszyny, i nie chcesz siê na ni± logowaæ przy pomocy ssh, " | ||
355 | "to mo¿esz teraz wy³±czyæ serwer sshd." | ||
356 | |||
357 | #. Description | ||
358 | #: ../templates.master:149 | ||
359 | msgid "Environment options on keys have been deprecated" | ||
360 | msgstr "" | ||
361 | |||
362 | #. Description | ||
363 | #: ../templates.master:149 | ||
364 | msgid "" | ||
365 | "This version of OpenSSH disables the environment option for public keys by " | ||
366 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
367 | "are using this option in an authorized_keys file, beware that the keys in " | ||
368 | "question will no longer work until the option is removed." | ||
369 | msgstr "" | ||
370 | |||
371 | #. Description | ||
372 | #: ../templates.master:149 | ||
373 | msgid "" | ||
374 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
375 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
376 | "sshd_config(5) manual page." | ||
377 | msgstr "" | ||
378 | |||
379 | #~ msgid "" | ||
380 | #~ "NB! If you are running a 2.0 series Linux kernel, then privilege " | ||
381 | #~ "separation will not work at all, and your sshd will fail to start unless " | ||
382 | #~ "you explicitly turn privilege separation off." | ||
383 | #~ msgstr "" | ||
384 | #~ "UWAGA! Je¿eli u¿ywasz j±dra Linux'a z serii 2.0, to separacja uprawnieñ w " | ||
385 | #~ "ogóle nie bêdzie dzia³aæ i sshd nie wystartuje dopóki w³asnorêcznie nie " | ||
386 | #~ "wy³±czysz separacji uprawnieñ w /etc/ssh/sshd_config." | ||
diff --git a/debian/po/pt_BR.po b/debian/po/pt_BR.po new file mode 100644 index 000000000..017d13cf4 --- /dev/null +++ b/debian/po/pt_BR.po | |||
@@ -0,0 +1,399 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | msgid "" | ||
15 | msgstr "" | ||
16 | "Project-Id-Version: openssh-3.6.1p2-5\n" | ||
17 | "Report-Msgid-Bugs-To: \n" | ||
18 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
19 | "PO-Revision-Date: 2003-03-08 16:56+0300\n" | ||
20 | "Last-Translator: André Luís Lopes <andrelop@debian.org>\n" | ||
21 | "Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n" | ||
22 | "MIME-Version: 1.0\n" | ||
23 | "Content-Type: text/plain; charset=ISO-8859-1\n" | ||
24 | "Content-Transfer-Encoding: 8bit\n" | ||
25 | |||
26 | #. Description | ||
27 | #: ../templates.master:3 | ||
28 | msgid "Privilege separation" | ||
29 | msgstr "Separação de Previlégios" | ||
30 | |||
31 | #. Description | ||
32 | #: ../templates.master:3 | ||
33 | msgid "" | ||
34 | "Privilege separation is turned on by default, so if you decide you want it " | ||
35 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
36 | "sshd_config." | ||
37 | msgstr "" | ||
38 | "A separação de previlégios está habilitado por padrão, portanto caso você " | ||
39 | "decida que deseja desabilitá-la você precisará adicionar a linha " | ||
40 | "\"UsePrivilegeSeparation no\" ao arquivo /etc/ssh/sshd_config." | ||
41 | |||
42 | #. Description | ||
43 | #: ../templates.master:19 | ||
44 | msgid "Enable Privilege separation" | ||
45 | msgstr "Habilitar Separação de Privilégios" | ||
46 | |||
47 | #. Description | ||
48 | #: ../templates.master:19 | ||
49 | msgid "" | ||
50 | "This version of OpenSSH contains the new privilege separation option. This " | ||
51 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
52 | "reduces the impact of security holes in sshd." | ||
53 | msgstr "" | ||
54 | "Esta versão do OpenSSH contém a nova opção de separação de privilégios. Esta " | ||
55 | "opção reduz significativamente a quantidade de código que é executada como " | ||
56 | "root e portanto reduz o impacto de falhas de segurança no sshd." | ||
57 | |||
58 | #. Description | ||
59 | #: ../templates.master:19 | ||
60 | msgid "" | ||
61 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
62 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
63 | "fail, and PAM keyboard-interactive authentication won't work." | ||
64 | msgstr "" | ||
65 | "Infelizmente, a separação de privilégios interage de maneira ruim com o PAM. " | ||
66 | "Quaisquer módulos de sessão PAM que precisem ser executados como root " | ||
67 | "(pam_mkhomedir, por exemplo) irão falhar e autenticação interativa com " | ||
68 | "teclado do PAM não funcionará." | ||
69 | |||
70 | #. Description | ||
71 | #: ../templates.master:19 | ||
72 | msgid "" | ||
73 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
74 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
75 | "you know you need to use PAM features that won't work with this option, you " | ||
76 | "should say yes here." | ||
77 | msgstr "" | ||
78 | "Uma vez que você optou por permitir que o debconf gere o arquivo sshd_config " | ||
79 | "para você, é possível escolher se você deseja ter ou não o recurso de " | ||
80 | "Separação de Privilégios habilitado. A menos que você saiba que utiliza " | ||
81 | "recursos PAM que não funcionarão com esta opção, você deve responder " | ||
82 | "positivamente aqui." | ||
83 | |||
84 | #. Description | ||
85 | #: ../templates.master:36 | ||
86 | msgid "Generate new configuration file" | ||
87 | msgstr "Gerar novo arquivo de configuração" | ||
88 | |||
89 | #. Description | ||
90 | #: ../templates.master:36 | ||
91 | msgid "" | ||
92 | "This version of OpenSSH has a considerably changed configuration file from " | ||
93 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
94 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
95 | "config), which will work with the new server version, but will not contain " | ||
96 | "any customisations you made with the old version." | ||
97 | msgstr "" | ||
98 | "Esta versão do OpenSSH possui um arquivo de configuração consideravelmente " | ||
99 | "diferente da versão fornecida com o Debian 'Potato' (Debian versão 2.2), a " | ||
100 | "versão do Debian da qual você parece estar atualizando. Esse assistente de " | ||
101 | "confgiuração inicial pode agora gerar um novo arquivo de configuração (/etc/" | ||
102 | "ssh/sshd_config) que irá funcionar com o nova versão do servidor sshd mas " | ||
103 | "não irá conter nenhuma personalização que você possa ter feito na versão " | ||
104 | "anterior." | ||
105 | |||
106 | #. Description | ||
107 | #: ../templates.master:36 | ||
108 | msgid "" | ||
109 | "Please note that this new configuration file will set the value of " | ||
110 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
111 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
112 | "the correct default (see README.Debian for more details), but you can always " | ||
113 | "edit sshd_config and set it to no if you wish." | ||
114 | msgstr "" | ||
115 | "Por favor note que este novo arquivo de configuração irá definir o valor da " | ||
116 | "opção 'PermitRootLogin' para \"yes\" (o que significa que qualquer pessoa " | ||
117 | "que conheça a senha de root poderá conectar via ssh diretamente como root no " | ||
118 | "servidor onde este pacote esta sendo instalado). A opinião do mantenedor do " | ||
119 | "pacote é que esse é o comportamente padrão correto (consulte o arquivo " | ||
120 | "README.Debian deste pacote para maiores detalhes), mas você poderá sempre " | ||
121 | "editar o arquivo sshd_config e definir esta opção para \"no\" caso você não " | ||
122 | "concorde com o mantenedor do OpenSSH." | ||
123 | |||
124 | #. Description | ||
125 | #: ../templates.master:36 | ||
126 | msgid "" | ||
127 | "It is strongly recommended that you let me generate a new configuration file " | ||
128 | "for you." | ||
129 | msgstr "" | ||
130 | "É fortemente recomendado que você permita que o novo arquivo de configuração " | ||
131 | "será gerado automaticamente para você." | ||
132 | |||
133 | #. Description | ||
134 | #: ../templates.master:55 | ||
135 | msgid "Allow SSH protocol 2 only" | ||
136 | msgstr "Permitir somente protocolo SSH versão 2" | ||
137 | |||
138 | #. Description | ||
139 | #: ../templates.master:55 | ||
140 | msgid "" | ||
141 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
142 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
143 | "things down on low end machines and might prevent older clients from " | ||
144 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
145 | msgstr "" | ||
146 | "Esta versão do OpenSSH suporta a versão 2 do protocolo ssh, a qual é muito " | ||
147 | "mais segura que a versão anterior. É recomendado desabilitar o suporte ao " | ||
148 | "protocolo ssh versão 1, porém isto fará com que conexões fiquem mais lentas " | ||
149 | "em máquinas mais antigas e pode impedir que clientes antigos consigam se " | ||
150 | "conectar (o cliente ssh fornecido com a versão do Debian 2.2 \"potato\" é " | ||
151 | "afetada.)" | ||
152 | |||
153 | #. Description | ||
154 | #: ../templates.master:55 | ||
155 | msgid "" | ||
156 | "Also please note that keys used for protocol 1 are different so you will not " | ||
157 | "be able to use them if you only allow protocol 2 connections." | ||
158 | msgstr "" | ||
159 | "Por favor note também que as chaves usadas para o protocolo 1 são diferentes " | ||
160 | "portanto você não poderá usá-las caso você somente permita conexões usando o " | ||
161 | "protocolo 2." | ||
162 | |||
163 | #. Description | ||
164 | #: ../templates.master:55 | ||
165 | msgid "" | ||
166 | "If you later change your mind about this setting, README.Debian has " | ||
167 | "instructions on what to do to your sshd_config file." | ||
168 | msgstr "" | ||
169 | "Caso você posteriormente mude de idéia sobre esta configuração, o arquivo " | ||
170 | "README.Debian deste pacote possui instruções sobre o que mudar em seu " | ||
171 | "arquivo de configuração sshd_config." | ||
172 | |||
173 | #. Description | ||
174 | #: ../templates.master:69 | ||
175 | msgid "ssh2 keys merged in configuration files" | ||
176 | msgstr "Chaves ssh2 incluídas nos arquivos de configuração" | ||
177 | |||
178 | #. Description | ||
179 | #: ../templates.master:69 | ||
180 | msgid "" | ||
181 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
182 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
183 | "needed. They will still be read in order to maintain backwards compatibility" | ||
184 | msgstr "" | ||
185 | "A partir do versão 3 o OpenSSH não usa mais arquivos separados para as " | ||
186 | "chaves ssh1 e ssh2. Isto significa que os arquivos \"authorized_keys2\" e " | ||
187 | "\"know_hosts2\" não são mais necessários. Os mesmos continuarão a ser lidos " | ||
188 | "para manter a compatibilidade com versões anteriores." | ||
189 | |||
190 | #. Description | ||
191 | #: ../templates.master:78 | ||
192 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
193 | msgstr "Deseja continuar (e arriscar acabar com sessões ssh ativas) ?" | ||
194 | |||
195 | #. Description | ||
196 | #: ../templates.master:78 | ||
197 | msgid "" | ||
198 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
199 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
200 | "session, that would be a Bad Thing(tm)." | ||
201 | msgstr "" | ||
202 | "A versão de /etc/init.d/ssh que você possui instalada está prestes a matar " | ||
203 | "todas as instâncias sshd sendo executadas. Se você está fazendo esta " | ||
204 | "atualização através de uma sessão ssh, isto seria uma Coisa Ruim(tm)." | ||
205 | |||
206 | #. Description | ||
207 | #: ../templates.master:78 | ||
208 | msgid "" | ||
209 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
210 | "daemon line in the stop section of the file." | ||
211 | msgstr "" | ||
212 | "Você pode corrigir isto adicionando \"--pidfile /var/run/sshd.pid\" na linha " | ||
213 | "start-stop-daemon na seção stop deste arquivo." | ||
214 | |||
215 | #. Description | ||
216 | #: ../templates.master:88 | ||
217 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
218 | msgstr "NOTA: Encaminhamento de X11 e Autorização desabilitados por padrão." | ||
219 | |||
220 | #. Description | ||
221 | #: ../templates.master:88 | ||
222 | msgid "" | ||
223 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
224 | "ForwardAgent set to ``off'' by default." | ||
225 | msgstr "" | ||
226 | "Por razôes de segurança, a versão Debian do ssh tem as opções ForwardX11 e " | ||
227 | "ForwardAgent definidas como ``off'' por padrão." | ||
228 | |||
229 | #. Description | ||
230 | #: ../templates.master:88 | ||
231 | msgid "" | ||
232 | "You can enable it for servers you trust, either in one of the configuration " | ||
233 | "files, or with the -X command line option." | ||
234 | msgstr "" | ||
235 | "Você pode habilitar isso para servidores que você confia, ou em um dos " | ||
236 | "arquivos de configuração, ou com a opção de linha de comando -X." | ||
237 | |||
238 | #. Description | ||
239 | #: ../templates.master:88 | ||
240 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
241 | msgstr "" | ||
242 | "Maiores detalhes podem ser encontrados em /usr/share/doc/ssh/README.Debian." | ||
243 | |||
244 | #. Description | ||
245 | #: ../templates.master:99 | ||
246 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
247 | msgstr "Aviso: rsh-server está instalado --- provavelmente não é uma boa idéia" | ||
248 | |||
249 | #. Description | ||
250 | #: ../templates.master:99 | ||
251 | msgid "" | ||
252 | "having rsh-server installed undermines the security that you were probably " | ||
253 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
254 | msgstr "" | ||
255 | "Possuir o rsh-server instalado minará a segurança que você estava " | ||
256 | "provavelmente querendo obter instalando o ssh. Eu recomendaria a você " | ||
257 | "remover este pacote." | ||
258 | |||
259 | #. Description | ||
260 | #: ../templates.master:106 | ||
261 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
262 | msgstr "Aviso: telnetd está instalado --- provavelmente não é uma boa idéia" | ||
263 | |||
264 | #. Description | ||
265 | #: ../templates.master:106 | ||
266 | msgid "" | ||
267 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
268 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
269 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
270 | "password and session information over the network." | ||
271 | msgstr "" | ||
272 | "Eu recomendaria a você ou remover o pacote telnetd (se você atualmente não " | ||
273 | "precisa oferecer acesso telnet) ou instalar telnetd-ssl. Assim existe pelo " | ||
274 | "menos uma chance das sessões telnet não enviarem login/senha não encriptados " | ||
275 | "e informações de sessão através da rede." | ||
276 | |||
277 | #. Description | ||
278 | #: ../templates.master:114 | ||
279 | msgid "Warning: you must create a new host key" | ||
280 | msgstr "Aviso: você deve criar uma nova host key" | ||
281 | |||
282 | #. Description | ||
283 | #: ../templates.master:114 | ||
284 | msgid "" | ||
285 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
286 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
287 | "the old (non-free) SSH installation." | ||
288 | msgstr "" | ||
289 | "Existe uma antiga /etc/ssh/ssh_host_key, a qual é encriptada usando IDEA. O " | ||
290 | "OpenSSH não pode gerenciar este arquivo host key e eu não consigo encontrar " | ||
291 | "o utilitário ssh-keygen da antiga (non-free) instalação SSH." | ||
292 | |||
293 | #. Description | ||
294 | #: ../templates.master:114 | ||
295 | msgid "You will need to generate a new host key." | ||
296 | msgstr "Você precisará gerar uma nova host key." | ||
297 | |||
298 | #. Description | ||
299 | #: ../templates.master:124 | ||
300 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
301 | msgstr "Deseja que que /usr/lib/ssh-keysign seja instalado SUID root ?" | ||
302 | |||
303 | #. Description | ||
304 | #: ../templates.master:124 | ||
305 | msgid "" | ||
306 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
307 | "set." | ||
308 | msgstr "" | ||
309 | "Existe a opção de instalar o cliente auxiliar ssh-keysign com o bit SUID " | ||
310 | "definido." | ||
311 | |||
312 | #. Description | ||
313 | #: ../templates.master:124 | ||
314 | msgid "" | ||
315 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
316 | "based authentication." | ||
317 | msgstr "" | ||
318 | "Caso você instale o ssh-keysign com o bit SUID ativado, você será capaz de " | ||
319 | "usar a autenticação baseada em host do protocolo SSH 2." | ||
320 | |||
321 | #. Description | ||
322 | #: ../templates.master:124 | ||
323 | msgid "" | ||
324 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
325 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
326 | msgstr "" | ||
327 | "Caso esteja em dúvida, é sugerido que você instale com o bit SUID ativado. " | ||
328 | "Caso isso cause problemas e você mude de idéia posteriormente execute o " | ||
329 | "comando : dpkg-reconfigure ssh" | ||
330 | |||
331 | #. Description | ||
332 | #: ../templates.master:137 | ||
333 | msgid "Do you want to run the sshd server ?" | ||
334 | msgstr "Você quer executar o servidor sshd ?" | ||
335 | |||
336 | #. Description | ||
337 | #: ../templates.master:137 | ||
338 | msgid "This package contains both the ssh client, and the sshd server." | ||
339 | msgstr "Este pacote contém ambos o cliente ssh e o servidor sshd." | ||
340 | |||
341 | #. Description | ||
342 | #: ../templates.master:137 | ||
343 | msgid "" | ||
344 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
345 | "ssh." | ||
346 | msgstr "" | ||
347 | "Normalmente o sshd Secure Shell Server será executado para permitir logins " | ||
348 | "remotos via ssh." | ||
349 | |||
350 | #. Description | ||
351 | #: ../templates.master:137 | ||
352 | msgid "" | ||
353 | "If you are only interested in using the ssh client for outbound connections " | ||
354 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
355 | "can disable sshd here." | ||
356 | msgstr "" | ||
357 | "Se você está interessado somente em usar o cliente ssh para conexões para " | ||
358 | "fora desta máquina, e não quer logar na mesma usando ssh, então você pode " | ||
359 | "desabilitar o sshd aqui." | ||
360 | |||
361 | #. Description | ||
362 | #: ../templates.master:149 | ||
363 | msgid "Environment options on keys have been deprecated" | ||
364 | msgstr "Opções ed ambiente sobre chaves estão obsoletas" | ||
365 | |||
366 | #. Description | ||
367 | #: ../templates.master:149 | ||
368 | msgid "" | ||
369 | "This version of OpenSSH disables the environment option for public keys by " | ||
370 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
371 | "are using this option in an authorized_keys file, beware that the keys in " | ||
372 | "question will no longer work until the option is removed." | ||
373 | msgstr "" | ||
374 | "Esta versão do OpenSSH desabilita a opção de ambiente para chaves públicas " | ||
375 | "por padrão par evitar certos ataques (por exemplo, LD_PRELOAD). Caso você " | ||
376 | "esteja usando esta opção em um arquivo authorized_keys, tenha cuidado pois " | ||
377 | "as chaves em questão não irão mais funcionar até que esta opção seja " | ||
378 | "removida." | ||
379 | |||
380 | #. Description | ||
381 | #: ../templates.master:149 | ||
382 | msgid "" | ||
383 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
384 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
385 | "sshd_config(5) manual page." | ||
386 | msgstr "" | ||
387 | "Para reabilitar esta opção, defina a opção \"PermitUserEnvironment yes\" no " | ||
388 | "arquivo /et/ssh/sshd_config depois da a atualização terminar, atentando para " | ||
389 | "o aviso na página de manual do sshd_config(5)." | ||
390 | |||
391 | #~ msgid "" | ||
392 | #~ "NB! If you are running a 2.0 series Linux kernel, then privilege " | ||
393 | #~ "separation will not work at all, and your sshd will fail to start unless " | ||
394 | #~ "you explicitly turn privilege separation off." | ||
395 | #~ msgstr "" | ||
396 | #~ "NB ! Caso você esteja executando um kernel Linux da séria 2.0 o recurso " | ||
397 | #~ "de separação de privilégios não funcionará e seu daemon sshd irá falhar " | ||
398 | #~ "ao iniciar a menos que você explicitamente desabilite o recurso de " | ||
399 | #~ "separação de privilégios." | ||
diff --git a/debian/po/ru.po b/debian/po/ru.po new file mode 100644 index 000000000..bb33e63a1 --- /dev/null +++ b/debian/po/ru.po | |||
@@ -0,0 +1,339 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=KOI8-R\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | msgid "" | ||
35 | "Privilege separation is turned on by default, so if you decide you want it " | ||
36 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
37 | "sshd_config." | ||
38 | msgstr "" | ||
39 | |||
40 | #. Description | ||
41 | #: ../templates.master:19 | ||
42 | msgid "Enable Privilege separation" | ||
43 | msgstr "" | ||
44 | |||
45 | #. Description | ||
46 | #: ../templates.master:19 | ||
47 | msgid "" | ||
48 | "This version of OpenSSH contains the new privilege separation option. This " | ||
49 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
50 | "reduces the impact of security holes in sshd." | ||
51 | msgstr "" | ||
52 | |||
53 | #. Description | ||
54 | #: ../templates.master:19 | ||
55 | msgid "" | ||
56 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
57 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
58 | "fail, and PAM keyboard-interactive authentication won't work." | ||
59 | msgstr "" | ||
60 | |||
61 | #. Description | ||
62 | #: ../templates.master:19 | ||
63 | msgid "" | ||
64 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
65 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
66 | "you know you need to use PAM features that won't work with this option, you " | ||
67 | "should say yes here." | ||
68 | msgstr "" | ||
69 | |||
70 | #. Description | ||
71 | #: ../templates.master:36 | ||
72 | msgid "Generate new configuration file" | ||
73 | msgstr "" | ||
74 | |||
75 | #. Description | ||
76 | #: ../templates.master:36 | ||
77 | msgid "" | ||
78 | "This version of OpenSSH has a considerably changed configuration file from " | ||
79 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
80 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
81 | "config), which will work with the new server version, but will not contain " | ||
82 | "any customisations you made with the old version." | ||
83 | msgstr "" | ||
84 | |||
85 | #. Description | ||
86 | #: ../templates.master:36 | ||
87 | msgid "" | ||
88 | "Please note that this new configuration file will set the value of " | ||
89 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
90 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
91 | "the correct default (see README.Debian for more details), but you can always " | ||
92 | "edit sshd_config and set it to no if you wish." | ||
93 | msgstr "" | ||
94 | |||
95 | #. Description | ||
96 | #: ../templates.master:36 | ||
97 | msgid "" | ||
98 | "It is strongly recommended that you let me generate a new configuration file " | ||
99 | "for you." | ||
100 | msgstr "" | ||
101 | |||
102 | #. Description | ||
103 | #: ../templates.master:55 | ||
104 | msgid "Allow SSH protocol 2 only" | ||
105 | msgstr "" | ||
106 | |||
107 | #. Description | ||
108 | #: ../templates.master:55 | ||
109 | msgid "" | ||
110 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
111 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
112 | "things down on low end machines and might prevent older clients from " | ||
113 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
114 | msgstr "" | ||
115 | |||
116 | #. Description | ||
117 | #: ../templates.master:55 | ||
118 | msgid "" | ||
119 | "Also please note that keys used for protocol 1 are different so you will not " | ||
120 | "be able to use them if you only allow protocol 2 connections." | ||
121 | msgstr "" | ||
122 | |||
123 | #. Description | ||
124 | #: ../templates.master:55 | ||
125 | msgid "" | ||
126 | "If you later change your mind about this setting, README.Debian has " | ||
127 | "instructions on what to do to your sshd_config file." | ||
128 | msgstr "" | ||
129 | |||
130 | #. Description | ||
131 | #: ../templates.master:69 | ||
132 | msgid "ssh2 keys merged in configuration files" | ||
133 | msgstr "" | ||
134 | |||
135 | #. Description | ||
136 | #: ../templates.master:69 | ||
137 | msgid "" | ||
138 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
139 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
140 | "needed. They will still be read in order to maintain backwards compatibility" | ||
141 | msgstr "" | ||
142 | |||
143 | #. Description | ||
144 | #: ../templates.master:78 | ||
145 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
146 | msgstr "÷Ù ÈÏÔÉÔÅ ÐÒÏÄÏÌÖÉÔØ (ÒÉÓËÕÑ ÐÏÔÅÒÑÔØ ÁËÔÉ×ÎÙÅ ssh-ÓÏÅÄÉÎÅÎÉÑ)?" | ||
147 | |||
148 | #. Description | ||
149 | #: ../templates.master:78 | ||
150 | msgid "" | ||
151 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
152 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
153 | "session, that would be a Bad Thing(tm)." | ||
154 | msgstr "" | ||
155 | "÷ÅÒÓÉÑ /etc/init.d/ssh, ËÏÔÏÒÕÀ ×Ù ÕÓÔÁÎÁ×ÌÉ×ÁÅÔÅ, ÍÏÖÅÔ ÕÂÉÔØ ×ÓÅ " | ||
156 | "ÚÁÐÕÝÅÎÎÙÅ ÐÒÏÃÅÓÓÙ ssh. åÓÌÉ ×Ù ÏÓÕÝÅÓÔ×ÌÑÅÔÅ ÜÔÏ ÏÂÎÏ×ÌÅÎÉÅ ÞÅÒÅÚ ssh " | ||
157 | "ÓÅÓÓÉÀ, ÔÏ ÜÔÏ ðÌÏÈÁÑ ÷ÅÝØ (tm)." | ||
158 | |||
159 | #. Description | ||
160 | #: ../templates.master:78 | ||
161 | msgid "" | ||
162 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
163 | "daemon line in the stop section of the file." | ||
164 | msgstr "" | ||
165 | "üÔÏ ÍÏÖÎÏ ÉÓÐÒÁ×ÉÔØ ÄÏÂÁ×ÌÅÎÉÅÍ \"--pidfile /var/run/sshd.pid\" × ÓÔÒÏËÅ " | ||
166 | "start-stop-daemon × ÒÁÚÄÅÌÅ stop ÜÔÏÇÏ ÆÁÊÌÁ." | ||
167 | |||
168 | #. Description | ||
169 | #: ../templates.master:88 | ||
170 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
171 | msgstr "ðòéíåþáîéå: æÏÒ×ÁÒÄÉÎÇ X11 É Authorization ÚÁÐÒÅÝÅÎ ÐÏ ÕÍÏÌÞÁÎÉÀ." | ||
172 | |||
173 | #. Description | ||
174 | #: ../templates.master:88 | ||
175 | msgid "" | ||
176 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
177 | "ForwardAgent set to ``off'' by default." | ||
178 | msgstr "" | ||
179 | "ðÏ ÐÒÉÞÉÎÁÍ ÂÅÚÏÐÁÓÎÏÓÔÉ, × ×ÅÒÓÉÉ ÄÌÑ Debian ssh ÉÍÅÅÔ ForwardX11 É " | ||
180 | "ForwardAgent ÕÓÔÁÎÏ×ÌÅÎÎÙÍÉ × ``off'' ÐÏ ÕÍÏÌÞÁÎÉÀ." | ||
181 | |||
182 | #. Description | ||
183 | #: ../templates.master:88 | ||
184 | msgid "" | ||
185 | "You can enable it for servers you trust, either in one of the configuration " | ||
186 | "files, or with the -X command line option." | ||
187 | msgstr "" | ||
188 | "÷Ù ÍÏÖÅÔÅ ÒÁÚÒÅÛÉÔØ ÉÈ ÄÌÑ ÓÅÒ×ÅÒÏ×, ËÏÔÏÒÙÍ ÄÏ×ÅÒÑÅÔÅ ÌÉÂÏ × ÏÄÎÏÍ ÉÚ " | ||
189 | "ÎÁÓÔÒÏÅÞÎÙÈ ÆÁÊÌÏ×, ÉÌÉ ÐÁÒÁÍÅÔÒÏÍ ËÏÍÁÎÄÎÏÊ ÓÔÒÏËÉ -X." | ||
190 | |||
191 | #. Description | ||
192 | #: ../templates.master:88 | ||
193 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
194 | msgstr "" | ||
195 | "äÏÐÏÌÎÉÔÅÌØÕÀ ÉÎÆÏÒÍÁÃÉÀ ÍÏÖÎÏ ÎÁÊÔÉ × /usr/share/doc/ssh/README.Debian" | ||
196 | |||
197 | #. Description | ||
198 | #: ../templates.master:99 | ||
199 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
200 | msgstr "ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ÕÓÔÁÎÏ×ÌÅÎ rsh-server --- ×ÉÄÉÍÏ, ÎÅ ÏÞÅÎØ ÈÏÒÏÛÏ" | ||
201 | |||
202 | #. Description | ||
203 | #: ../templates.master:99 | ||
204 | msgid "" | ||
205 | "having rsh-server installed undermines the security that you were probably " | ||
206 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
207 | msgstr "" | ||
208 | "õÓÔÁÎÏ×ÌÅÎÎÙÊ rsh-server ÓÎÉÖÁÅÔ ÂÅÚÏÐÁÓÎÏÓÔØ, ËÏÔÏÒÕÀ ×Ù ×ÅÒÏÑÔÎÏ " | ||
209 | "ÈÏÔÉÔÅ ÐÏ×ÙÓÉÔØ ÕÓÔÁÎÁ×ÌÉ×ÁÑ ssh. òÅËÏÍÅÎÄÕÅÔÓÑ ÕÄÁÌÉÔØ ÜÔÏÔ ÐÁËÅÔ." | ||
210 | |||
211 | #. Description | ||
212 | #: ../templates.master:106 | ||
213 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
214 | msgstr "ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ÕÓÔÁÎÏ×ÌÅÎ telnetd --- ×ÉÄÉÍÏ, ÎÅ ÏÞÅÎØ ÈÏÒÏÛÏ" | ||
215 | |||
216 | #. Description | ||
217 | #: ../templates.master:106 | ||
218 | msgid "" | ||
219 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
220 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
221 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
222 | "password and session information over the network." | ||
223 | msgstr "" | ||
224 | "ñ ÒÅËÏÍÅÎÄÏ×ÁÌ ÂÙ ×ÁÍ ÕÄÁÌÉÔØ ÐÁËÅÔ telnetd (ÅÓÌÉ ×ÁÍ ÄÅÊÓÔ×ÉÔÅÌØÎÏ ÎÅ ÎÕÖÅÎ " | ||
225 | "ÄÏÓÔÕÐ telnet) ÉÌÉ ÕÓÔÁÎÏ×ÉÔØ telnet-ssl, ÞÔÏÂÙ ÉÍÅÔØ ÈÏÔÑ ÂÙ " | ||
226 | "×ÏÚÍÏÖÎÏÓÔØ ÎÅ ÐÅÒÅÄÁ×ÁÔØ ÐÏ ÓÅÔÉ ÎÅÚÁÛÉÆÒÏ×ÁÎÎÙÅ ÉÍÅÎÁ É ÐÁÒÏÌÉ " | ||
227 | "ÐÏÌØÚÏ×ÁÔÅÌÅÊ É ÐÒÏÞÕÀ ÉÎÆÏÒÍÁÃÉÀ × telnet-ÓÅÓÓÉÑÈ." | ||
228 | |||
229 | #. Description | ||
230 | #: ../templates.master:114 | ||
231 | msgid "Warning: you must create a new host key" | ||
232 | msgstr "ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ×Ù ÄÏÌÖÎÙ ÓÏÚÄÁÔØ ÎÏ×ÙÊ ËÌÀÞ ÍÁÛÉÎÙ." | ||
233 | |||
234 | #. Description | ||
235 | #: ../templates.master:114 | ||
236 | msgid "" | ||
237 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
238 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
239 | "the old (non-free) SSH installation." | ||
240 | msgstr "" | ||
241 | "åÓÔØ ÓÔÁÒÙÊ /etc/ssh/ssh_host_key, ËÏÔÏÒÙÊ ÚÁÛÉÆÒÏ×ÁÎ IDEA. OpenSSH ÎÅ " | ||
242 | "ÍÏÖÅÔ ÒÁÂÏÔÁÔØ Ó ÜÔÉÍ ËÌÀÞÏÍ ÍÁÛÉÎÙ, É Ñ ÎÅ ÍÏÇÕ ÎÁÊÔÉ ÕÔÉÌÉÔÕ ssh-" | ||
243 | "keygen ÏÔ ÓÔÁÒÏÊ (ÎÅÓ×ÏÂÏÄÎÏÊ) ÉÎÓÔÁÌÌÑÃÉÉ SSH." | ||
244 | |||
245 | #. Description | ||
246 | #: ../templates.master:114 | ||
247 | msgid "You will need to generate a new host key." | ||
248 | msgstr "÷ÁÍ ÎÁÄÏ ÂÕÄÅÔ ÓÇÅÎÅÒÉÒÏ×ÁÔØ ÎÏ×ÙÊ ËÌÀÞ ÈÏÓÔÁ." | ||
249 | |||
250 | #. Description | ||
251 | #: ../templates.master:124 | ||
252 | #, fuzzy | ||
253 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
254 | msgstr "èÏÔÉÔÅ ÕÓÔÁÎÏ×ÉÔØ /usr/bin/ssh ËÁË SUID root?" | ||
255 | |||
256 | #. Description | ||
257 | #: ../templates.master:124 | ||
258 | #, fuzzy | ||
259 | msgid "" | ||
260 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
261 | "set." | ||
262 | msgstr "" | ||
263 | "÷Ù ÉÍÅÅÔÅ ×ÏÚÍÏÖÎÏÓÔØ ÕÓÔÁÎÏ×ÉÔØ /usr/bin/ssh Ó ÕÓÔÁÎÏ×ÌÅÎÎÙÍ ÂÉÔÏÍ SUID." | ||
264 | |||
265 | #. Description | ||
266 | #: ../templates.master:124 | ||
267 | #, fuzzy | ||
268 | msgid "" | ||
269 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
270 | "based authentication." | ||
271 | msgstr "" | ||
272 | "åÓÌÉ ×Ù ÄÅÌÁÅÔÅ ssh SUID, ÔÏ ×Ù ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ ÁÕÔÅÎÔÉÆÉËÁÃÉÀ " | ||
273 | "Rhosts/RhostsRSA, ÎÏ ÎÅ ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ socks ÞÅÒÅÚ LD_PRELOAD. üÔÏ " | ||
274 | "ÔÒÁÄÉÃÉÏÎÎÏÅ ÐÏ×ÅÄÅÎÉÅ." | ||
275 | |||
276 | #. Description | ||
277 | #: ../templates.master:124 | ||
278 | #, fuzzy | ||
279 | msgid "" | ||
280 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
281 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
282 | msgstr "" | ||
283 | "åÓÌÉ ×Ù ÓÄÅÌÁÅÔÅ ssh SUID, ÔÏ ×Ù ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ socks, ÎÏ ÚÁÔÏ " | ||
284 | "ÁÕÔÅÎÔÉÆÉËÁÃÉÑ Rhosts/RhostsRSA ÎÅ ÂÕÄÅÔ ÒÁÂÏÔÁÔØ, ÞÔÏ ÍÏÖÅÔ ÓÄÅÌÁÔØ " | ||
285 | "ÎÅ×ÏÚÍÏÖÎÙÍ ×ÁÛÕ ÒÅÇÉÓÔÒÁÃÉÀ ÎÁ ÕÄÁÌÅÎÎÙÈ ÓÉÓÔÅÍÁÈ. ôÁËÖÅ ÜÔÏ ÏÚÎÁÞÁÅÔ ÞÔÏ " | ||
286 | "ÎÏÍÅÒ ÉÓÔÏÞÎÉËÏ×ÏÇÏ ÐÏÒÔÁ ÂÕÄÅÔ ÂÏÌØÛÅ 1024, ÞÔÏ ÍÏÖÅÔ ÎÅ ÎÁÒÕÛÉÔØ ÒÁÂÏÔÕ " | ||
287 | "ÕÓÔÁÎÏ×ÌÅÎÎÙÈ ×ÁÍÉ ÐÒÁ×ÉÌ ÆÁÊÒ×ÏÌÁ." | ||
288 | |||
289 | #. Description | ||
290 | #: ../templates.master:137 | ||
291 | msgid "Do you want to run the sshd server ?" | ||
292 | msgstr "èÏÔÉÔÅ ÚÁÐÕÓÔÉÔØ ÓÅÒ×ÅÒ sshd?" | ||
293 | |||
294 | #. Description | ||
295 | #: ../templates.master:137 | ||
296 | msgid "This package contains both the ssh client, and the sshd server." | ||
297 | msgstr "üÔÏÔ ÐÁËÅÔ ÓÏÄÅÒÖÉÔ É ssh-ËÌÉÅÎÔ, É ssh-ÓÅÒ×ÅÒ." | ||
298 | |||
299 | #. Description | ||
300 | #: ../templates.master:137 | ||
301 | msgid "" | ||
302 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
303 | "ssh." | ||
304 | msgstr "" | ||
305 | "ïÂÙÞÎÏ sshd Secure Shell Server ÚÁÐÕÓËÁÅÔÓÑ ÄÌÑ ÕÄÁÌÅÎÎÏÇÏ ×ÈÏÄÁ × " | ||
306 | "ÒÅÇÉÓÔÒÁÃÉÉ × ÓÉÓÔÅÍÅ ÞÅÒÅÚ ssh." | ||
307 | |||
308 | #. Description | ||
309 | #: ../templates.master:137 | ||
310 | msgid "" | ||
311 | "If you are only interested in using the ssh client for outbound connections " | ||
312 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
313 | "can disable sshd here." | ||
314 | msgstr "" | ||
315 | "åÓÌÉ ×ÁÓ ÉÎÔÅÒÅÓÕÅÔ ÔÏÌØËÏ ÉÓÐÏÌØÚÏ×ÁÎÉÅ ssh-ËÌÉÅÎÔÁ ÄÌÑ ÉÓÈÏÄÑÝÉÈ " | ||
316 | "ÓÏÅÄÉÎÅÎÉÊ Ó ÜÔÏÊ ÍÁÛÉÎÙ, É ×Ù ÎÅ ÈÏÔÉÔÅ ×ÈÏÄÉÔØ × ÅÅ ÓÉÓÔÅÍÕ ÞÅÒÅÚ ssh, " | ||
317 | "ÔÏ ×Ù ÍÏÖÅÔÅ ÓÅÊÞÁÓ ÚÁÐÒÅÔÉÔØ sshd." | ||
318 | |||
319 | #. Description | ||
320 | #: ../templates.master:149 | ||
321 | msgid "Environment options on keys have been deprecated" | ||
322 | msgstr "" | ||
323 | |||
324 | #. Description | ||
325 | #: ../templates.master:149 | ||
326 | msgid "" | ||
327 | "This version of OpenSSH disables the environment option for public keys by " | ||
328 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
329 | "are using this option in an authorized_keys file, beware that the keys in " | ||
330 | "question will no longer work until the option is removed." | ||
331 | msgstr "" | ||
332 | |||
333 | #. Description | ||
334 | #: ../templates.master:149 | ||
335 | msgid "" | ||
336 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
337 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
338 | "sshd_config(5) manual page." | ||
339 | msgstr "" | ||
diff --git a/debian/po/templates.pot b/debian/po/templates.pot new file mode 100644 index 000000000..42e6a9522 --- /dev/null +++ b/debian/po/templates.pot | |||
@@ -0,0 +1,302 @@ | |||
1 | # | ||
2 | # Translators, if you are not familiar with the PO format, gettext | ||
3 | # documentation is worth reading, especially sections dedicated to | ||
4 | # this format, e.g. by running: | ||
5 | # info -n '(gettext)PO Files' | ||
6 | # info -n '(gettext)Header Entry' | ||
7 | # | ||
8 | # Some information specific to po-debconf are available at | ||
9 | # /usr/share/doc/po-debconf/README-trans | ||
10 | # or http://www.debian.org/intl/l10n/po-debconf/README-trans | ||
11 | # | ||
12 | # Developers do not need to manually edit POT or PO files. | ||
13 | # | ||
14 | #, fuzzy | ||
15 | msgid "" | ||
16 | msgstr "" | ||
17 | "Project-Id-Version: PACKAGE VERSION\n" | ||
18 | "Report-Msgid-Bugs-To: \n" | ||
19 | "POT-Creation-Date: 2003-08-27 02:20+0100\n" | ||
20 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | ||
21 | "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | ||
22 | "Language-Team: LANGUAGE <LL@li.org>\n" | ||
23 | "MIME-Version: 1.0\n" | ||
24 | "Content-Type: text/plain; charset=CHARSET\n" | ||
25 | "Content-Transfer-Encoding: 8bit\n" | ||
26 | |||
27 | #. Description | ||
28 | #: ../templates.master:3 | ||
29 | msgid "Privilege separation" | ||
30 | msgstr "" | ||
31 | |||
32 | #. Description | ||
33 | #: ../templates.master:3 | ||
34 | msgid "" | ||
35 | "Privilege separation is turned on by default, so if you decide you want it " | ||
36 | "turned off, you need to add \"UsePrivilegeSeparation no\" to /etc/ssh/" | ||
37 | "sshd_config." | ||
38 | msgstr "" | ||
39 | |||
40 | #. Description | ||
41 | #: ../templates.master:19 | ||
42 | msgid "Enable Privilege separation" | ||
43 | msgstr "" | ||
44 | |||
45 | #. Description | ||
46 | #: ../templates.master:19 | ||
47 | msgid "" | ||
48 | "This version of OpenSSH contains the new privilege separation option. This " | ||
49 | "significantly reduces the quantity of code that runs as root, and therefore " | ||
50 | "reduces the impact of security holes in sshd." | ||
51 | msgstr "" | ||
52 | |||
53 | #. Description | ||
54 | #: ../templates.master:19 | ||
55 | msgid "" | ||
56 | "Unfortunately, privilege separation interacts badly with PAM. Any PAM " | ||
57 | "session modules that need to run as root (pam_mkhomedir, for example) will " | ||
58 | "fail, and PAM keyboard-interactive authentication won't work." | ||
59 | msgstr "" | ||
60 | |||
61 | #. Description | ||
62 | #: ../templates.master:19 | ||
63 | msgid "" | ||
64 | "Since you've opted to have me generate an sshd_config file for you, you can " | ||
65 | "choose whether or not to have Privilege Separation turned on or not. Unless " | ||
66 | "you know you need to use PAM features that won't work with this option, you " | ||
67 | "should say yes here." | ||
68 | msgstr "" | ||
69 | |||
70 | #. Description | ||
71 | #: ../templates.master:36 | ||
72 | msgid "Generate new configuration file" | ||
73 | msgstr "" | ||
74 | |||
75 | #. Description | ||
76 | #: ../templates.master:36 | ||
77 | msgid "" | ||
78 | "This version of OpenSSH has a considerably changed configuration file from " | ||
79 | "the version shipped in Debian 'Potato', which you appear to be upgrading " | ||
80 | "from. I can now generate you a new configuration file (/etc/ssh/sshd." | ||
81 | "config), which will work with the new server version, but will not contain " | ||
82 | "any customisations you made with the old version." | ||
83 | msgstr "" | ||
84 | |||
85 | #. Description | ||
86 | #: ../templates.master:36 | ||
87 | msgid "" | ||
88 | "Please note that this new configuration file will set the value of " | ||
89 | "'PermitRootLogin' to yes (meaning that anyone knowing the root password can " | ||
90 | "ssh directly in as root). It is the opinion of the maintainer that this is " | ||
91 | "the correct default (see README.Debian for more details), but you can always " | ||
92 | "edit sshd_config and set it to no if you wish." | ||
93 | msgstr "" | ||
94 | |||
95 | #. Description | ||
96 | #: ../templates.master:36 | ||
97 | msgid "" | ||
98 | "It is strongly recommended that you let me generate a new configuration file " | ||
99 | "for you." | ||
100 | msgstr "" | ||
101 | |||
102 | #. Description | ||
103 | #: ../templates.master:55 | ||
104 | msgid "Allow SSH protocol 2 only" | ||
105 | msgstr "" | ||
106 | |||
107 | #. Description | ||
108 | #: ../templates.master:55 | ||
109 | msgid "" | ||
110 | "This version of OpenSSH supports version 2 of the ssh protocol, which is " | ||
111 | "much more secure. Disabling ssh 1 is encouraged, however this will slow " | ||
112 | "things down on low end machines and might prevent older clients from " | ||
113 | "connecting (the ssh client shipped with \"potato\" is affected)." | ||
114 | msgstr "" | ||
115 | |||
116 | #. Description | ||
117 | #: ../templates.master:55 | ||
118 | msgid "" | ||
119 | "Also please note that keys used for protocol 1 are different so you will not " | ||
120 | "be able to use them if you only allow protocol 2 connections." | ||
121 | msgstr "" | ||
122 | |||
123 | #. Description | ||
124 | #: ../templates.master:55 | ||
125 | msgid "" | ||
126 | "If you later change your mind about this setting, README.Debian has " | ||
127 | "instructions on what to do to your sshd_config file." | ||
128 | msgstr "" | ||
129 | |||
130 | #. Description | ||
131 | #: ../templates.master:69 | ||
132 | msgid "ssh2 keys merged in configuration files" | ||
133 | msgstr "" | ||
134 | |||
135 | #. Description | ||
136 | #: ../templates.master:69 | ||
137 | msgid "" | ||
138 | "As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 " | ||
139 | "keys. This means the authorized_keys2 and known_hosts2 files are no longer " | ||
140 | "needed. They will still be read in order to maintain backwards compatibility" | ||
141 | msgstr "" | ||
142 | |||
143 | #. Description | ||
144 | #: ../templates.master:78 | ||
145 | msgid "Do you want to continue (and risk killing active ssh sessions) ?" | ||
146 | msgstr "" | ||
147 | |||
148 | #. Description | ||
149 | #: ../templates.master:78 | ||
150 | msgid "" | ||
151 | "The version of /etc/init.d/ssh that you have installed, is likely to kill " | ||
152 | "all running sshd instances. If you are doing this upgrade via an ssh " | ||
153 | "session, that would be a Bad Thing(tm)." | ||
154 | msgstr "" | ||
155 | |||
156 | #. Description | ||
157 | #: ../templates.master:78 | ||
158 | msgid "" | ||
159 | "You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-" | ||
160 | "daemon line in the stop section of the file." | ||
161 | msgstr "" | ||
162 | |||
163 | #. Description | ||
164 | #: ../templates.master:88 | ||
165 | msgid "NOTE: Forwarding of X11 and Authorization disabled by default." | ||
166 | msgstr "" | ||
167 | |||
168 | #. Description | ||
169 | #: ../templates.master:88 | ||
170 | msgid "" | ||
171 | "For security reasons, the Debian version of ssh has ForwardX11 and " | ||
172 | "ForwardAgent set to ``off'' by default." | ||
173 | msgstr "" | ||
174 | |||
175 | #. Description | ||
176 | #: ../templates.master:88 | ||
177 | msgid "" | ||
178 | "You can enable it for servers you trust, either in one of the configuration " | ||
179 | "files, or with the -X command line option." | ||
180 | msgstr "" | ||
181 | |||
182 | #. Description | ||
183 | #: ../templates.master:88 | ||
184 | msgid "More details can be found in /usr/share/doc/ssh/README.Debian" | ||
185 | msgstr "" | ||
186 | |||
187 | #. Description | ||
188 | #: ../templates.master:99 | ||
189 | msgid "Warning: rsh-server is installed --- probably not a good idea" | ||
190 | msgstr "" | ||
191 | |||
192 | #. Description | ||
193 | #: ../templates.master:99 | ||
194 | msgid "" | ||
195 | "having rsh-server installed undermines the security that you were probably " | ||
196 | "wanting to obtain by installing ssh. I'd advise you to remove that package." | ||
197 | msgstr "" | ||
198 | |||
199 | #. Description | ||
200 | #: ../templates.master:106 | ||
201 | msgid "Warning: telnetd is installed --- probably not a good idea" | ||
202 | msgstr "" | ||
203 | |||
204 | #. Description | ||
205 | #: ../templates.master:106 | ||
206 | msgid "" | ||
207 | "I'd advise you to either remove the telnetd package (if you don't actually " | ||
208 | "need to offer telnet access) or install telnetd-ssl so that there is at " | ||
209 | "least some chance that telnet sessions will not be sending unencrypted login/" | ||
210 | "password and session information over the network." | ||
211 | msgstr "" | ||
212 | |||
213 | #. Description | ||
214 | #: ../templates.master:114 | ||
215 | msgid "Warning: you must create a new host key" | ||
216 | msgstr "" | ||
217 | |||
218 | #. Description | ||
219 | #: ../templates.master:114 | ||
220 | msgid "" | ||
221 | "There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can " | ||
222 | "not handle this host key file, and I can't find the ssh-keygen utility from " | ||
223 | "the old (non-free) SSH installation." | ||
224 | msgstr "" | ||
225 | |||
226 | #. Description | ||
227 | #: ../templates.master:114 | ||
228 | msgid "You will need to generate a new host key." | ||
229 | msgstr "" | ||
230 | |||
231 | #. Description | ||
232 | #: ../templates.master:124 | ||
233 | msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?" | ||
234 | msgstr "" | ||
235 | |||
236 | #. Description | ||
237 | #: ../templates.master:124 | ||
238 | msgid "" | ||
239 | "You have the option of installing the ssh-keysign helper with the SUID bit " | ||
240 | "set." | ||
241 | msgstr "" | ||
242 | |||
243 | #. Description | ||
244 | #: ../templates.master:124 | ||
245 | msgid "" | ||
246 | "If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-" | ||
247 | "based authentication." | ||
248 | msgstr "" | ||
249 | |||
250 | #. Description | ||
251 | #: ../templates.master:124 | ||
252 | msgid "" | ||
253 | "If in doubt, I suggest you install it with SUID. If it causes problems you " | ||
254 | "can change your mind later by running: dpkg-reconfigure ssh" | ||
255 | msgstr "" | ||
256 | |||
257 | #. Description | ||
258 | #: ../templates.master:137 | ||
259 | msgid "Do you want to run the sshd server ?" | ||
260 | msgstr "" | ||
261 | |||
262 | #. Description | ||
263 | #: ../templates.master:137 | ||
264 | msgid "This package contains both the ssh client, and the sshd server." | ||
265 | msgstr "" | ||
266 | |||
267 | #. Description | ||
268 | #: ../templates.master:137 | ||
269 | msgid "" | ||
270 | "Normally the sshd Secure Shell Server will be run to allow remote logins via " | ||
271 | "ssh." | ||
272 | msgstr "" | ||
273 | |||
274 | #. Description | ||
275 | #: ../templates.master:137 | ||
276 | msgid "" | ||
277 | "If you are only interested in using the ssh client for outbound connections " | ||
278 | "on this machine, and don't want to log into it at all using ssh, then you " | ||
279 | "can disable sshd here." | ||
280 | msgstr "" | ||
281 | |||
282 | #. Description | ||
283 | #: ../templates.master:149 | ||
284 | msgid "Environment options on keys have been deprecated" | ||
285 | msgstr "" | ||
286 | |||
287 | #. Description | ||
288 | #: ../templates.master:149 | ||
289 | msgid "" | ||
290 | "This version of OpenSSH disables the environment option for public keys by " | ||
291 | "default, in order to avoid certain attacks (for example, LD_PRELOAD). If you " | ||
292 | "are using this option in an authorized_keys file, beware that the keys in " | ||
293 | "question will no longer work until the option is removed." | ||
294 | msgstr "" | ||
295 | |||
296 | #. Description | ||
297 | #: ../templates.master:149 | ||
298 | msgid "" | ||
299 | "To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/" | ||
300 | "sshd_config after the upgrade is complete, taking note of the warning in the " | ||
301 | "sshd_config(5) manual page." | ||
302 | msgstr "" | ||
diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 000000000..af0f8a21c --- /dev/null +++ b/debian/postinst | |||
@@ -0,0 +1,329 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | action="$1" | ||
4 | oldversion="$2" | ||
5 | |||
6 | . /usr/share/debconf/confmodule | ||
7 | db_version 2.0 | ||
8 | |||
9 | umask 022 | ||
10 | |||
11 | if [ "$action" != configure ] | ||
12 | then | ||
13 | exit 0 | ||
14 | fi | ||
15 | |||
16 | |||
17 | |||
18 | check_idea_key() { | ||
19 | #check for old host_key files using IDEA, which openssh does not support | ||
20 | if [ -f /etc/ssh/ssh_host_key ] ; then | ||
21 | if ssh-keygen -p -N '' -f /etc/ssh/ssh_host_key 2>&1 | \ | ||
22 | grep -q 'unknown cipher' 2>/dev/null ; then | ||
23 | mv /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.old | ||
24 | mv /etc/ssh/ssh_host_key.pub /etc/ssh/ssh_host_key.pub.old | ||
25 | fi | ||
26 | fi | ||
27 | } | ||
28 | |||
29 | |||
30 | create_key() { | ||
31 | local msg="$1" | ||
32 | shift | ||
33 | local file="$1" | ||
34 | shift | ||
35 | |||
36 | if [ ! -f "$file" ] ; then | ||
37 | echo -n $msg | ||
38 | ssh-keygen -q -f "$file" -N '' "$@" | ||
39 | echo | ||
40 | fi | ||
41 | } | ||
42 | |||
43 | |||
44 | create_keys() { | ||
45 | db_get ssh/protocol2_only | ||
46 | if [ "$RET" = "false" ] ; then | ||
47 | create_key "Creating SSH1 key; this may take some time ..." \ | ||
48 | /etc/ssh/ssh_host_key -t rsa1 | ||
49 | fi | ||
50 | |||
51 | create_key "Creating SSH2 RSA key; this may take some time ..." \ | ||
52 | /etc/ssh/ssh_host_rsa_key -t rsa | ||
53 | create_key "Creating SSH2 DSA key; this may take some time ..." \ | ||
54 | /etc/ssh/ssh_host_dsa_key -t dsa | ||
55 | } | ||
56 | |||
57 | |||
58 | create_sshdconfig() { | ||
59 | if [ -e /etc/ssh/sshd_config ] ; then | ||
60 | if dpkg --compare-versions "$oldversion" lt-nl 1:1.3 ; then | ||
61 | db_get ssh/new_config | ||
62 | if [ "$RET" = "false" ] ; then return 0; fi | ||
63 | else return 0 | ||
64 | fi | ||
65 | fi | ||
66 | |||
67 | #Preserve old sshd_config before generating a new one | ||
68 | if [ -e /etc/ssh/sshd_config ] ; then | ||
69 | mv /etc/ssh/sshd_config /etc/ssh/sshd_config.dpkg-old | ||
70 | fi | ||
71 | |||
72 | cat <<EOF > /etc/ssh/sshd_config | ||
73 | # Package generated configuration file | ||
74 | # See the sshd(8) manpage for details | ||
75 | |||
76 | # What ports, IPs and protocols we listen for | ||
77 | Port 22 | ||
78 | # Use these options to restrict which interfaces/protocols sshd will bind to | ||
79 | #ListenAddress :: | ||
80 | #ListenAddress 0.0.0.0 | ||
81 | EOF | ||
82 | db_get ssh/protocol2_only | ||
83 | if [ "$RET" = "false" ]; then | ||
84 | cat <<EOF >> /etc/ssh/sshd_config | ||
85 | Protocol 2,1 | ||
86 | # HostKeys for protocol version 1 | ||
87 | HostKey /etc/ssh/ssh_host_key | ||
88 | # HostKeys for protocol version 2 | ||
89 | HostKey /etc/ssh/ssh_host_rsa_key | ||
90 | HostKey /etc/ssh/ssh_host_dsa_key | ||
91 | EOF | ||
92 | else | ||
93 | cat <<EOF >> /etc/ssh/sshd_config | ||
94 | Protocol 2 | ||
95 | # HostKeys for protocol version 2 | ||
96 | HostKey /etc/ssh/ssh_host_rsa_key | ||
97 | HostKey /etc/ssh/ssh_host_dsa_key | ||
98 | EOF | ||
99 | fi | ||
100 | |||
101 | db_get ssh/privsep_ask | ||
102 | if [ "$RET" = "false" ]; then | ||
103 | cat <<EOF >> /etc/ssh/sshd_config | ||
104 | #Explicitly set PrivSep off, as requested | ||
105 | UsePrivilegeSeparation no | ||
106 | |||
107 | # Use PAM authentication via keyboard-interactive so PAM modules can | ||
108 | # properly interface with the user | ||
109 | PAMAuthenticationViaKbdInt yes | ||
110 | EOF | ||
111 | else | ||
112 | cat <<EOF >> /etc/ssh/sshd_config | ||
113 | #Privilege Separation is turned on for security | ||
114 | UsePrivilegeSeparation yes | ||
115 | |||
116 | # ...but breaks Pam auth via kbdint, so we have to turn it off | ||
117 | # Use PAM authentication via keyboard-interactive so PAM modules can | ||
118 | # properly interface with the user (off due to PrivSep) | ||
119 | PAMAuthenticationViaKbdInt no | ||
120 | EOF | ||
121 | fi | ||
122 | |||
123 | cat <<EOF >> /etc/ssh/sshd_config | ||
124 | # Lifetime and size of ephemeral version 1 server key | ||
125 | KeyRegenerationInterval 3600 | ||
126 | ServerKeyBits 768 | ||
127 | |||
128 | # Logging | ||
129 | SyslogFacility AUTH | ||
130 | LogLevel INFO | ||
131 | |||
132 | # Authentication: | ||
133 | LoginGraceTime 600 | ||
134 | PermitRootLogin yes | ||
135 | StrictModes yes | ||
136 | |||
137 | RSAAuthentication yes | ||
138 | PubkeyAuthentication yes | ||
139 | #AuthorizedKeysFile %h/.ssh/authorized_keys | ||
140 | |||
141 | # rhosts authentication should not be used | ||
142 | RhostsAuthentication no | ||
143 | # Don't read the user's ~/.rhosts and ~/.shosts files | ||
144 | IgnoreRhosts yes | ||
145 | # For this to work you will also need host keys in /etc/ssh_known_hosts | ||
146 | RhostsRSAAuthentication no | ||
147 | # similar for protocol version 2 | ||
148 | HostbasedAuthentication no | ||
149 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | ||
150 | #IgnoreUserKnownHosts yes | ||
151 | |||
152 | # To enable empty passwords, change to yes (NOT RECOMMENDED) | ||
153 | PermitEmptyPasswords no | ||
154 | |||
155 | # Change to no to disable s/key passwords | ||
156 | #ChallengeResponseAuthentication yes | ||
157 | |||
158 | # To disable tunneled clear text passwords, change to no here! | ||
159 | PasswordAuthentication yes | ||
160 | |||
161 | |||
162 | # To change Kerberos options | ||
163 | #KerberosAuthentication no | ||
164 | #KerberosOrLocalPasswd yes | ||
165 | #AFSTokenPassing no | ||
166 | #KerberosTicketCleanup no | ||
167 | |||
168 | # Kerberos TGT Passing does only work with the AFS kaserver | ||
169 | #KerberosTgtPassing yes | ||
170 | |||
171 | X11Forwarding no | ||
172 | X11DisplayOffset 10 | ||
173 | PrintMotd no | ||
174 | PrintLastLog yes | ||
175 | KeepAlive yes | ||
176 | #UseLogin no | ||
177 | |||
178 | #MaxStartups 10:30:60 | ||
179 | #Banner /etc/issue.net | ||
180 | #ReverseMappingCheck yes | ||
181 | |||
182 | Subsystem sftp /usr/lib/sftp-server | ||
183 | |||
184 | EOF | ||
185 | } | ||
186 | |||
187 | |||
188 | fix_rsh_diversion() { | ||
189 | # get rid of mistaken rsh diversion (circa 1.2.27-1) | ||
190 | |||
191 | if [ -L /usr/bin/rsh ] && | ||
192 | dpkg-divert --list '/usr/bin/rsh.real/rsh' | grep -q ' ssh$' ; then | ||
193 | for cmd in rlogin rsh rcp ; do | ||
194 | [ -L /usr/bin/$cmd ] && rm /usr/bin/$cmd | ||
195 | dpkg-divert --package ssh --remove --rename \ | ||
196 | --divert /usr/bin/rsh.real/$cmd /usr/bin/$cmd | ||
197 | |||
198 | [ -L /usr/man/man1/$cmd.1.gz ] && rm /usr/man/man1/$$cmd.1.gz | ||
199 | dpkg-divert --package ssh --remove --rename \ | ||
200 | --divert /usr/man/man1/$cmd.real.1.gz /usr/man/man1/$cmd.1.gz | ||
201 | done | ||
202 | |||
203 | rmdir /usr/bin/rsh.real | ||
204 | fi | ||
205 | } | ||
206 | |||
207 | |||
208 | fix_statoverride() { | ||
209 | # Remove an erronous override for sshd (we should have overridden ssh) | ||
210 | if [ -x /usr/sbin/dpkg-statoverride ]; then | ||
211 | if dpkg-statoverride --list /usr/sbin/sshd >/dev/null ; then | ||
212 | dpkg-statoverride --remove /usr/sbin/sshd | ||
213 | fi | ||
214 | fi | ||
215 | } | ||
216 | |||
217 | |||
218 | create_alternatives() { | ||
219 | # Create alternatives for the various r* tools. | ||
220 | # Make sure we don't change existing alternatives that a user might have | ||
221 | # changed, but clean up after some old alternatives that mistakenly pointed | ||
222 | # rlogin and rcp to ssh. | ||
223 | update-alternatives --quiet --remove rlogin /usr/bin/ssh | ||
224 | update-alternatives --quiet --remove rcp /usr/bin/ssh | ||
225 | for cmd in rsh rlogin rcp; do | ||
226 | scmd="s${cmd#r}" | ||
227 | if ! update-alternatives --display "$cmd" | \ | ||
228 | grep -q "$scmd"; then | ||
229 | update-alternatives --quiet --install "/usr/bin/$cmd" "$cmd" "/usr/bin/$scmd" 20 \ | ||
230 | --slave "/usr/share/man/man1/$cmd.1.gz" "$cmd.1.gz" "/usr/share/man/man1/$scmd.1.gz" | ||
231 | fi | ||
232 | done | ||
233 | } | ||
234 | |||
235 | setup_sshd_user() { | ||
236 | if ! getent passwd sshd >/dev/null; then | ||
237 | adduser --quiet --system --no-create-home --home /var/run/sshd sshd | ||
238 | fi | ||
239 | } | ||
240 | |||
241 | set_sshd_permissions() { | ||
242 | if dpkg --compare-versions "$oldversion" lt-nl 1:3.4p1-1 ; then | ||
243 | if [ -x /usr/sbin/dpkg-statoverride ] ; then | ||
244 | if dpkg-statoverride --list /usr/bin/ssh >/dev/null; then | ||
245 | dpkg-statoverride --remove /usr/bin/ssh >/dev/null | ||
246 | fi | ||
247 | fi | ||
248 | fi | ||
249 | |||
250 | if [ ! -x /usr/sbin/dpkg-statoverride ] || \ | ||
251 | ! dpkg-statoverride --list /usr/lib/ssh-keysign >/dev/null ; then | ||
252 | db_get ssh/SUID_client | ||
253 | if [ "$RET" = "false" ] ; then | ||
254 | chmod 0755 /usr/lib/ssh-keysign | ||
255 | elif [ "$RET" = "true" ] ; then | ||
256 | chmod 4755 /usr/lib/ssh-keysign | ||
257 | fi | ||
258 | fi | ||
259 | } | ||
260 | |||
261 | |||
262 | fix_ssh_group() { | ||
263 | # Try to remove non-system group mistakenly created by 1:3.5p1-1. | ||
264 | # set_ssh_agent_permissions() below will re-create it properly. | ||
265 | if getent group ssh >/dev/null; then | ||
266 | delgroup --quiet ssh || true | ||
267 | fi | ||
268 | } | ||
269 | |||
270 | |||
271 | set_ssh_agent_permissions() { | ||
272 | if ! getent group ssh >/dev/null; then | ||
273 | addgroup --system --quiet ssh | ||
274 | fi | ||
275 | if ! [ -x /usr/sbin/dpkg-statoverride ] || \ | ||
276 | ! dpkg-statoverride --list /usr/bin/ssh-agent >/dev/null ; then | ||
277 | chgrp ssh /usr/bin/ssh-agent | ||
278 | chmod 2755 /usr/bin/ssh-agent | ||
279 | fi | ||
280 | } | ||
281 | |||
282 | |||
283 | fix_conffile_permissions() { | ||
284 | # Clean up after executable /etc/default/ssh in 1:3.5p1-5. dpkg | ||
285 | # doesn't do this for us; see bug #192981. | ||
286 | chmod 644 /etc/default/ssh | ||
287 | } | ||
288 | |||
289 | setup_startup() { | ||
290 | db_get ssh/run_sshd | ||
291 | if [ "$RET" = "false" ] ; then | ||
292 | /etc/init.d/ssh stop 2>&1 >/dev/null | ||
293 | touch /etc/ssh/sshd_not_to_be_run | ||
294 | else | ||
295 | rm -f /etc/ssh/sshd_not_to_be_run 2>/dev/null | ||
296 | fi | ||
297 | } | ||
298 | |||
299 | |||
300 | setup_init() { | ||
301 | if [ -e /etc/init.d/ssh ]; then | ||
302 | update-rc.d ssh defaults >/dev/null | ||
303 | /etc/init.d/ssh restart | ||
304 | fi | ||
305 | } | ||
306 | |||
307 | check_idea_key | ||
308 | create_keys | ||
309 | create_sshdconfig | ||
310 | fix_rsh_diversion | ||
311 | fix_statoverride | ||
312 | create_alternatives | ||
313 | setup_sshd_user | ||
314 | set_sshd_permissions | ||
315 | if [ "$2" = "1:3.5p1-1" ]; then | ||
316 | fix_ssh_group | ||
317 | fi | ||
318 | set_ssh_agent_permissions | ||
319 | if dpkg --compare-versions "$2" lt 1:3.6.1p2-2; then | ||
320 | fix_conffile_permissions | ||
321 | fi | ||
322 | setup_startup | ||
323 | setup_init | ||
324 | |||
325 | |||
326 | db_stop | ||
327 | |||
328 | exit 0 | ||
329 | |||
diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 000000000..73eeeb463 --- /dev/null +++ b/debian/postrm | |||
@@ -0,0 +1,30 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | #DEBHELPER# | ||
4 | |||
5 | if [ "$1" = "purge" ] | ||
6 | then | ||
7 | # Remove all non-conffiles that ssh might create, so that we can | ||
8 | # smoothly remove /etc/ssh if and only if the user hasn't dropped some | ||
9 | # other files in there. Conffiles have already been removed at this | ||
10 | # point. | ||
11 | rm -f /etc/ssh/moduli /etc/ssh/primes | ||
12 | rm -f /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub | ||
13 | rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub | ||
14 | rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub | ||
15 | rm -f /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2 | ||
16 | rm -f /etc/ssh/sshd_config | ||
17 | rm -f /etc/ssh/sshd_not_to_be_run | ||
18 | rmdir --ignore-fail-on-non-empty /etc/ssh | ||
19 | fi | ||
20 | |||
21 | if [ "$1" = "purge" ] ; then | ||
22 | update-rc.d ssh remove >/dev/null | ||
23 | fi | ||
24 | |||
25 | if [ "$1" = "purge" ] ; then | ||
26 | deluser --quiet sshd > /dev/null || true | ||
27 | delgroup --quiet ssh > /dev/null || true | ||
28 | fi | ||
29 | |||
30 | exit 0 | ||
diff --git a/debian/preinst b/debian/preinst new file mode 100644 index 000000000..320d4df2a --- /dev/null +++ b/debian/preinst | |||
@@ -0,0 +1,79 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | action=$1 | ||
4 | version=$2 | ||
5 | |||
6 | if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then | ||
7 | version=1.2.27 | ||
8 | fi | ||
9 | |||
10 | if [ "$action" = upgrade -o "$action" = install ] | ||
11 | then | ||
12 | # check if debconf is missing | ||
13 | if ! test -f /usr/share/debconf/confmodule | ||
14 | then | ||
15 | cat <<EOF | ||
16 | |||
17 | WARNING: ssh's pre-configuration script relies on debconf to tell you | ||
18 | about some problems that might prevent you from logging in if you are | ||
19 | upgrading from the old, Non-free version of ssh. | ||
20 | |||
21 | If this is a new installation, you don't need to worry about this. | ||
22 | Just go ahead and install ssh (make sure to read .../ssh/README.Debian). | ||
23 | |||
24 | If you are upgrading, but you have alternative ways of logging into | ||
25 | the machine (i.e. you're sitting in front of it, or you have telnetd | ||
26 | running), then you also don't need to worry too much, because you can | ||
27 | fix it up afterwards if there's a problem. | ||
28 | |||
29 | If you're upgrading from an older (non-free) version of ssh, and ssh | ||
30 | is the only way you have to access this machine, then you should | ||
31 | probably abort the installation of ssh, install debconf, and then | ||
32 | retry the installation of ssh. | ||
33 | |||
34 | EOF | ||
35 | echo -n "Do you want to install SSH anyway [yN]: " | ||
36 | read input | ||
37 | expr "$input" : '[Yy]' >/dev/null || exit 1 | ||
38 | |||
39 | # work around for missing debconf | ||
40 | db_get() { : ; } | ||
41 | RET=true | ||
42 | if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then | ||
43 | cp -a /etc/ssh-nonfree /etc/ssh | ||
44 | fi | ||
45 | else | ||
46 | # Source debconf library. | ||
47 | . /usr/share/debconf/confmodule | ||
48 | db_version 2.0 | ||
49 | fi | ||
50 | |||
51 | db_get ssh/use_old_init_script | ||
52 | if [ "$RET" = "false" ]; then | ||
53 | echo "ssh config: Aborting because ssh/use_old_init_script = false" >&2 | ||
54 | exit 1 | ||
55 | fi | ||
56 | |||
57 | # deal with upgrading from pre-OpenSSH versions | ||
58 | key=/etc/ssh/ssh_host_key | ||
59 | export key | ||
60 | if [ -n "$version" ] && [ -x /usr/bin/ssh-keygen ] && [ -f $key ] && | ||
61 | dpkg --compare-versions "$version" lt 1.2.28 | ||
62 | then | ||
63 | # make sure that keys get updated to get rid of IDEA | ||
64 | # | ||
65 | # N.B. this only works because we've still got the old | ||
66 | # nonfree ssh-keygen at this point | ||
67 | # | ||
68 | # First, check if we need to bother | ||
69 | echo -en '\0\0' | 3<&0 sh -c \ | ||
70 | 'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || { | ||
71 | # this means that bytes 32&33 of the key were not both zero, in which | ||
72 | # case the key is encrypted, which we need to fix | ||
73 | chmod 600 $key | ||
74 | ssh-keygen -u -f $key >/dev/null | ||
75 | } | ||
76 | fi | ||
77 | fi | ||
78 | |||
79 | #DEBHELPER# | ||
diff --git a/debian/prerm b/debian/prerm new file mode 100644 index 000000000..8ed7e07ec --- /dev/null +++ b/debian/prerm | |||
@@ -0,0 +1,44 @@ | |||
1 | #! /bin/sh | ||
2 | # prerm script for ssh | ||
3 | # | ||
4 | # see: dh_installdeb(1) | ||
5 | |||
6 | set -e | ||
7 | |||
8 | # summary of how this script can be called: | ||
9 | # * <prerm> `remove' | ||
10 | # * <old-prerm> `upgrade' <new-version> | ||
11 | # * <new-prerm> `failed-upgrade' <old-version> | ||
12 | # * <conflictor's-prerm> `remove' `in-favour' <package> <new-version> | ||
13 | # * <deconfigured's-prerm> `deconfigure' `in-favour' | ||
14 | # <package-being-installed> <version> `removing' | ||
15 | # <conflicting-package> <version> | ||
16 | # for details, see /usr/share/doc/packaging-manual/ | ||
17 | |||
18 | case "$1" in | ||
19 | remove|deconfigure) | ||
20 | update-alternatives --quiet --remove rsh /usr/bin/ssh | ||
21 | update-alternatives --quiet --remove rlogin /usr/bin/slogin | ||
22 | update-alternatives --quiet --remove rcp /usr/bin/scp | ||
23 | if [ -e /etc/init.d/ssh ]; then | ||
24 | /etc/init.d/ssh stop | ||
25 | fi | ||
26 | # install-info --quiet --remove /usr/info/ssh-askpass.info.gz | ||
27 | ;; | ||
28 | upgrade) | ||
29 | # install-info --quiet --remove /usr/info/ssh-askpass.info.gz | ||
30 | ;; | ||
31 | failed-upgrade) | ||
32 | ;; | ||
33 | *) | ||
34 | echo "prerm called with unknown argument \`$1'" >&2 | ||
35 | exit 0 | ||
36 | ;; | ||
37 | esac | ||
38 | |||
39 | # dh_installdeb will replace this with shell code automatically | ||
40 | # generated by other debhelper scripts. | ||
41 | |||
42 | #DEBHELPER# | ||
43 | |||
44 | exit 0 | ||
diff --git a/debian/rules b/debian/rules new file mode 100755 index 000000000..ec594ecb0 --- /dev/null +++ b/debian/rules | |||
@@ -0,0 +1,130 @@ | |||
1 | #!/usr/bin/make -f | ||
2 | |||
3 | # Uncomment this to turn on verbose mode. | ||
4 | # export DH_VERBOSE=1 | ||
5 | |||
6 | # This is the debhelper compatability version to use. | ||
7 | export DH_COMPAT=1 | ||
8 | |||
9 | # This has to be exported to make some magic below work. | ||
10 | export DH_OPTIONS | ||
11 | |||
12 | ifeq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) | ||
13 | OPTFLAGS := -O2 | ||
14 | else | ||
15 | OPTFLAGS := -O0 | ||
16 | endif | ||
17 | |||
18 | #PKG_VER = $(shell perl -e 'print <> =~ /\((.*)\)/' debian/changelog) | ||
19 | |||
20 | ifeq (,$(wildcard /usr/bin/po2debconf)) | ||
21 | PO2DEBCONF := no | ||
22 | MINDEBCONFVER := 0.5 | ||
23 | else | ||
24 | PO2DEBCONF := yes | ||
25 | MINDEBCONFVER := 1.2.0 | ||
26 | endif | ||
27 | |||
28 | # Change the version string to include the Debian version | ||
29 | SSH_VERSION := $(shell sed -e '/define/!d; s/.*\"\(.*\)\".*/\1/; q' <version.h) Debian $(shell dpkg-parsechangelog | sed -n -e '/^Version:/s/Version: //p') | ||
30 | |||
31 | build: build-stamp | ||
32 | build-stamp: | ||
33 | dh_testdir | ||
34 | ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/lib --mandir=/usr/share/man --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-default-path=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin --with-superuser-path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin --with-pam --with-4in6 \ | ||
35 | --with-privsep-path=/var/run/sshd --without-rand-helper | ||
36 | $(MAKE) -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='$(OPTFLAGS) -g -Wall -fno-builtin-log -DLOGIN_PROGRAM=\"/bin/login\" -DLOGIN_NO_ENDOPT -DSSHD_PAM_SERVICE=\"ssh\" -D__FILE_OFFSET_BITS=64 -DHAVE_MMAP_ANON_SHARED -DSSH_VERSION="\"$(SSH_VERSION)\""' \ | ||
37 | SSH_KEYSIGN='/usr/lib/ssh-keysign' | ||
38 | # Support building on Debian 3.0 (with GNOME 1.4) and later. | ||
39 | if [ -f /usr/include/libgnomeui-2.0/gnome.h ]; then \ | ||
40 | $(MAKE) -C contrib gnome-ssh-askpass2 CC='gcc $(OPTFLAGS) -g -Wall'; \ | ||
41 | elif [ -f /usr/include/gnome-1.0/gnome.h ]; then \ | ||
42 | $(MAKE) -C contrib gnome-ssh-askpass1 CC='gcc $(OPTFLAGS) -g -Wall'; \ | ||
43 | fi | ||
44 | |||
45 | touch build-stamp | ||
46 | |||
47 | clean: | ||
48 | dh_testdir | ||
49 | rm -f build-stamp | ||
50 | -$(MAKE) -i distclean | ||
51 | -$(MAKE) -C contrib clean | ||
52 | rm -f config.log | ||
53 | ifeq ($(PO2DEBCONF),yes) | ||
54 | # Hack for woody compatibility. This makes sure that the | ||
55 | # debian/templates file shipped in the source package doesn't | ||
56 | # specify encodings, which woody's debconf can't handle. If building | ||
57 | # on a system with po-debconf installed (conveniently debhelper (>= | ||
58 | # 4.1.16) depends on it), the binary-arch target will generate a | ||
59 | # better version for sarge. | ||
60 | echo 1 > debian/po/output | ||
61 | po2debconf debian/templates.master > debian/templates | ||
62 | rm -f debian/po/output | ||
63 | endif | ||
64 | dh_clean | ||
65 | |||
66 | install: DH_OPTIONS= | ||
67 | install: build | ||
68 | dh_testdir | ||
69 | dh_testroot | ||
70 | dh_clean -k | ||
71 | dh_installdirs | ||
72 | |||
73 | # Add here commands to install the package into debian/tmp. | ||
74 | $(MAKE) DESTDIR=`pwd`/debian/tmp install-nokeys | ||
75 | |||
76 | rm -f debian/tmp/etc/ssh/sshd_config | ||
77 | #Temporary hack: remove /usr/share/Ssh.bin, since we have no smartcard support anyway. | ||
78 | rm -f debian/tmp/usr/share/Ssh.bin | ||
79 | |||
80 | install -m 755 contrib/ssh-copy-id debian/tmp/usr/bin/ssh-copy-id | ||
81 | install -m 644 -c contrib/ssh-copy-id.1 debian/tmp/usr/share/man/man1/ssh-copy-id.1 | ||
82 | install -m 644 debian/moduli.5 debian/tmp/usr/share/man/man5/moduli.5 | ||
83 | |||
84 | if [ -f contrib/gnome-ssh-askpass2 ]; then \ | ||
85 | install -s -o root -g root -m 755 contrib/gnome-ssh-askpass2 debian/ssh-askpass-gnome/usr/lib/ssh/gnome-ssh-askpass; \ | ||
86 | elif [ -f contrib/gnome-ssh-askpass1 ]; then \ | ||
87 | install -s -o root -g root -m 755 contrib/gnome-ssh-askpass1 debian/ssh-askpass-gnome/usr/lib/ssh/gnome-ssh-askpass; \ | ||
88 | fi | ||
89 | install -m 644 debian/gnome-ssh-askpass.1 debian/ssh-askpass-gnome/usr/share/man/man1/gnome-ssh-askpass.1 | ||
90 | |||
91 | install -m 755 debian/ssh-argv0 debian/tmp/usr/bin/ssh-argv0 | ||
92 | install -m 644 debian/ssh-argv0.1 debian/tmp/usr/share/man/man1/ssh-argv0.1 | ||
93 | |||
94 | install -o root -g root debian/init debian/tmp/etc/init.d/ssh | ||
95 | install -o root -g root -m 644 debian/ssh.default debian/tmp/etc/default/ssh | ||
96 | |||
97 | install -o root -g root -m 755 -d debian/tmp/var/run/sshd | ||
98 | |||
99 | # Build architecture-independent files here. | ||
100 | binary-indep: build install | ||
101 | # nothing to do | ||
102 | |||
103 | # Build architecture-dependent files here. | ||
104 | binary-arch: build install | ||
105 | dh_testdir | ||
106 | dh_testroot | ||
107 | ifeq ($(PO2DEBCONF),yes) | ||
108 | po2debconf -e utf8 debian/templates.master > debian/templates | ||
109 | endif | ||
110 | dh_installdebconf | ||
111 | dh_installdocs OVERVIEW README | ||
112 | cat debian/copyright.head LICENCE > debian/tmp/usr/share/doc/ssh/copyright | ||
113 | nroff RFC.nroff > debian/tmp/usr/share/doc/ssh/RFC | ||
114 | gzip -9 debian/tmp/usr/share/doc/ssh/RFC | ||
115 | rm -rf debian/tmp/usr/share/doc/ssh/RFC.nroff.gz | ||
116 | dh_installpam | ||
117 | dh_installchangelogs ChangeLog | ||
118 | dh_strip | ||
119 | dh_compress | ||
120 | dh_fixperms | ||
121 | dh_installdeb | ||
122 | test ! -e debian/tmp/etc/ssh/ssh_prng_cmds \ | ||
123 | || echo "/etc/ssh/ssh_prng_cmds" >> debian/tmp/DEBIAN/conffiles | ||
124 | dh_shlibdeps | ||
125 | dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER))' | ||
126 | dh_md5sums | ||
127 | dh_builddeb | ||
128 | |||
129 | binary: binary-indep binary-arch | ||
130 | .PHONY: build clean binary-indep binary-arch binary install | ||
diff --git a/debian/ssh-argv0 b/debian/ssh-argv0 new file mode 100644 index 000000000..67599aec2 --- /dev/null +++ b/debian/ssh-argv0 | |||
@@ -0,0 +1,30 @@ | |||
1 | #! /bin/sh -e | ||
2 | |||
3 | # Copyright (c) 2001 Jonathan Amery. | ||
4 | # | ||
5 | # Redistribution and use in source and binary forms, with or without | ||
6 | # modification, are permitted provided that the following conditions | ||
7 | # are met: | ||
8 | # 1. Redistributions of source code must retain the above copyright | ||
9 | # notice, this list of conditions and the following disclaimer. | ||
10 | # 2. Redistributions in binary form must reproduce the above copyright | ||
11 | # notice, this list of conditions and the following disclaimer in the | ||
12 | # documentation and/or other materials provided with the distribution. | ||
13 | # | ||
14 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | |||
25 | if [ "${0##*/}" = "ssh-argv0" ] | ||
26 | then | ||
27 | echo 'ssh-argv0: This script should not be run like this, see ssh-argv0(1) for details' 1>&2 | ||
28 | exit 1 | ||
29 | fi | ||
30 | exec ssh "${0##*/}" "$@" | ||
diff --git a/debian/ssh-argv0.1 b/debian/ssh-argv0.1 new file mode 100644 index 000000000..a36a63d40 --- /dev/null +++ b/debian/ssh-argv0.1 | |||
@@ -0,0 +1,64 @@ | |||
1 | .Dd September 7, 2001 | ||
2 | .Dt SSH-ARGV0 1 | ||
3 | .Os Debian Project | ||
4 | .Sh NAME | ||
5 | .Nm ssh-argv0 | ||
6 | .Nd replaces the old ssh command-name as hostname handling | ||
7 | .Sh SYNOPSIS | ||
8 | .Ar hostname | user@hostname | ||
9 | .Op Fl l Ar login_name | ||
10 | .Op Ar command | ||
11 | .Pp | ||
12 | .Ar hostname | user@hostname | ||
13 | .Op Fl afgknqstvxACNTX1246 | ||
14 | .Op Fl b Ar bind_address | ||
15 | .Op Fl c Ar cipher_spec | ||
16 | .Op Fl e Ar escape_char | ||
17 | .Op Fl i Ar identity_file | ||
18 | .Op Fl l Ar login_name | ||
19 | .Op Fl m Ar mac_spec | ||
20 | .Op Fl o Ar option | ||
21 | .Op Fl p Ar port | ||
22 | .Op Fl F Ar configfile | ||
23 | .Oo Fl L Xo | ||
24 | .Sm off | ||
25 | .Ar port : | ||
26 | .Ar host : | ||
27 | .Ar hostport | ||
28 | .Sm on | ||
29 | .Xc | ||
30 | .Oc | ||
31 | .Oo Fl R Xo | ||
32 | .Sm off | ||
33 | .Ar port : | ||
34 | .Ar host : | ||
35 | .Ar hostport | ||
36 | .Sm on | ||
37 | .Xc | ||
38 | .Oc | ||
39 | .Op Fl D Ar port | ||
40 | .Op Ar command | ||
41 | .Sh DESCRIPTION | ||
42 | .Nm | ||
43 | replaces the old ssh command-name as hostname handling. | ||
44 | If you link to this script with a hostname then executing the link is | ||
45 | equivalent to having executed ssh with that hostname as an argument. | ||
46 | All other arguments are passed to ssh and will be processed normally. | ||
47 | .Sh OPTIONS | ||
48 | See | ||
49 | .Xr ssh 1 . | ||
50 | .Sh FILES | ||
51 | See | ||
52 | .Xr ssh 1 . | ||
53 | .Sh AUTHORS | ||
54 | OpenSSH is a derivative of the original and free | ||
55 | ssh 1.2.12 release by Tatu Ylonen. | ||
56 | Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, | ||
57 | Theo de Raadt and Dug Song | ||
58 | removed many bugs, re-added newer features and | ||
59 | created OpenSSH. | ||
60 | Markus Friedl contributed the support for SSH | ||
61 | protocol versions 1.5 and 2.0. | ||
62 | Jonathan Amery wrote this ssh-argv0 script and the associated documentation. | ||
63 | .Sh SEE ALSO | ||
64 | .Xr ssh 1 | ||
diff --git a/debian/ssh-askpass-gnome.copyright b/debian/ssh-askpass-gnome.copyright new file mode 100644 index 000000000..4a71dda00 --- /dev/null +++ b/debian/ssh-askpass-gnome.copyright | |||
@@ -0,0 +1,44 @@ | |||
1 | This package contains a Gnome based implementation of ssh-askpass | ||
2 | written by Damien Miller. | ||
3 | |||
4 | It is split out from the main package to isolate the dependency on the | ||
5 | Gnome and X11 libraries. | ||
6 | |||
7 | It was packaged for Debian by Philip Hands <phil@hands.com>. | ||
8 | |||
9 | Copyright: | ||
10 | |||
11 | /* | ||
12 | ** | ||
13 | ** GNOME ssh passphrase requestor | ||
14 | ** | ||
15 | ** Damien Miller <djm@ibs.com.au> | ||
16 | ** | ||
17 | ** Copyright 1999 Internet Business Solutions | ||
18 | ** | ||
19 | ** Permission is hereby granted, free of charge, to any person | ||
20 | ** obtaining a copy of this software and associated documentation | ||
21 | ** files (the "Software"), to deal in the Software without | ||
22 | ** restriction, including without limitation the rights to use, copy, | ||
23 | ** modify, merge, publish, distribute, sublicense, and/or sell copies | ||
24 | ** of the Software, and to permit persons to whom the Software is | ||
25 | ** furnished to do so, subject to the following conditions: | ||
26 | ** | ||
27 | ** The above copyright notice and this permission notice shall be | ||
28 | ** included in all copies or substantial portions of the Software. | ||
29 | ** | ||
30 | ** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY | ||
31 | ** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE | ||
32 | ** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE | ||
33 | ** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET | ||
34 | ** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
35 | ** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, | ||
36 | ** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE | ||
37 | ** OR OTHER DEALINGS IN THE SOFTWARE. | ||
38 | ** | ||
39 | ** Except as contained in this notice, the name of Internet Business | ||
40 | ** Solutions shall not be used in advertising or otherwise to promote | ||
41 | ** the sale, use or other dealings in this Software without prior | ||
42 | ** written authorization from Internet Business Solutions. | ||
43 | ** | ||
44 | */ | ||
diff --git a/debian/ssh-askpass-gnome.dirs b/debian/ssh-askpass-gnome.dirs new file mode 100644 index 000000000..4d0ee7a32 --- /dev/null +++ b/debian/ssh-askpass-gnome.dirs | |||
@@ -0,0 +1,2 @@ | |||
1 | usr/lib/ssh | ||
2 | usr/share/man/man1 | ||
diff --git a/debian/ssh-askpass-gnome.postinst b/debian/ssh-askpass-gnome.postinst new file mode 100644 index 000000000..7441cca29 --- /dev/null +++ b/debian/ssh-askpass-gnome.postinst | |||
@@ -0,0 +1,53 @@ | |||
1 | #! /bin/sh | ||
2 | # postinst script for ssh-askpass-gnome | ||
3 | # | ||
4 | # see: dh_installdeb(1) | ||
5 | |||
6 | set -e | ||
7 | |||
8 | # summary of how this script can be called: | ||
9 | # * <postinst> `configure' <most-recently-configured-version> | ||
10 | # * <old-postinst> `abort-upgrade' <new version> | ||
11 | # * <conflictor's-postinst> `abort-remove' `in-favour' <package> | ||
12 | # <new-version> | ||
13 | # * <deconfigured's-postinst> `abort-deconfigure' `in-favour' | ||
14 | # <failed-install-package> <version> `removing' | ||
15 | # <conflicting-package> <version> | ||
16 | # for details, see /usr/share/doc/packaging-manual/ | ||
17 | # | ||
18 | # quoting from the policy: | ||
19 | # Any necessary prompting should almost always be confined to the | ||
20 | # post-installation script, and should be protected with a conditional | ||
21 | # so that unnecessary prompting doesn't happen if a package's | ||
22 | # installation fails and the `postinst' is called with `abort-upgrade', | ||
23 | # `abort-remove' or `abort-deconfigure'. | ||
24 | |||
25 | case "$1" in | ||
26 | configure) | ||
27 | update-alternatives --quiet \ | ||
28 | --install /usr/bin/ssh-askpass ssh-askpass \ | ||
29 | /usr/lib/ssh/gnome-ssh-askpass 30 \ | ||
30 | --slave /usr/share/man/man1/ssh-askpass.1.gz \ | ||
31 | ssh-askpass.1.gz /usr/share/man/man1/gnome-ssh-askpass.1.gz | ||
32 | |||
33 | |||
34 | ;; | ||
35 | |||
36 | abort-upgrade|abort-remove|abort-deconfigure) | ||
37 | |||
38 | ;; | ||
39 | |||
40 | *) | ||
41 | echo "postinst called with unknown argument \`$1'" >&2 | ||
42 | exit 0 | ||
43 | ;; | ||
44 | esac | ||
45 | |||
46 | # dh_installdeb will replace this with shell code automatically | ||
47 | # generated by other debhelper scripts. | ||
48 | |||
49 | #DEBHELPER# | ||
50 | |||
51 | exit 0 | ||
52 | |||
53 | |||
diff --git a/debian/ssh-askpass-gnome.prerm b/debian/ssh-askpass-gnome.prerm new file mode 100644 index 000000000..6f3f5756d --- /dev/null +++ b/debian/ssh-askpass-gnome.prerm | |||
@@ -0,0 +1,41 @@ | |||
1 | #! /bin/sh | ||
2 | # prerm script for ssh-askpass-gnome | ||
3 | # | ||
4 | # see: dh_installdeb(1) | ||
5 | |||
6 | set -e | ||
7 | |||
8 | # summary of how this script can be called: | ||
9 | # * <prerm> `remove' | ||
10 | # * <old-prerm> `upgrade' <new-version> | ||
11 | # * <new-prerm> `failed-upgrade' <old-version> | ||
12 | # * <conflictor's-prerm> `remove' `in-favour' <package> <new-version> | ||
13 | # * <deconfigured's-prerm> `deconfigure' `in-favour' | ||
14 | # <package-being-installed> <version> `removing' | ||
15 | # <conflicting-package> <version> | ||
16 | # for details, see /usr/share/doc/packaging-manual/ | ||
17 | |||
18 | case "$1" in | ||
19 | remove|deconfigure) | ||
20 | update-alternatives --quiet --remove ssh-askpass /usr/lib/ssh/gnome-ssh-askpass | ||
21 | # install-info --quiet --remove /usr/info/ssh-askpass.info.gz | ||
22 | ;; | ||
23 | upgrade) | ||
24 | # install-info --quiet --remove /usr/info/ssh-askpass.info.gz | ||
25 | ;; | ||
26 | failed-upgrade) | ||
27 | ;; | ||
28 | *) | ||
29 | echo "prerm called with unknown argument \`$1'" >&2 | ||
30 | exit 0 | ||
31 | ;; | ||
32 | esac | ||
33 | |||
34 | # dh_installdeb will replace this with shell code automatically | ||
35 | # generated by other debhelper scripts. | ||
36 | |||
37 | #DEBHELPER# | ||
38 | |||
39 | exit 0 | ||
40 | |||
41 | |||
diff --git a/debian/ssh.default b/debian/ssh.default new file mode 100644 index 000000000..aa03c4e07 --- /dev/null +++ b/debian/ssh.default | |||
@@ -0,0 +1,5 @@ | |||
1 | # Default settings for ssh. This file is sourced by /bin/sh from | ||
2 | # /etc/init.d/ssh. | ||
3 | |||
4 | # Options to pass to sshd | ||
5 | SSHD_OPTS= | ||
diff --git a/debian/ssh.pam b/debian/ssh.pam new file mode 100644 index 000000000..f6fbd3ebc --- /dev/null +++ b/debian/ssh.pam | |||
@@ -0,0 +1,21 @@ | |||
1 | #%PAM-1.0 | ||
2 | auth required pam_nologin.so | ||
3 | auth required pam_unix.so | ||
4 | auth required pam_env.so # [1] | ||
5 | |||
6 | account required pam_unix.so | ||
7 | |||
8 | session required pam_unix.so | ||
9 | session optional pam_motd.so # [1] | ||
10 | session optional pam_mail.so standard noenv # [1] | ||
11 | session required pam_limits.so | ||
12 | |||
13 | password required pam_unix.so | ||
14 | |||
15 | # Alternate strength checking for password. Note that this | ||
16 | # requires the libpam-cracklib package to be installed. | ||
17 | # You will need to comment out the password line above and | ||
18 | # uncomment the next two in order to use this. | ||
19 | # | ||
20 | # password required pam_cracklib.so retry=3 minlen=6 difok=3 | ||
21 | # password required pam_unix.so use_authtok nullok md5 | ||
diff --git a/debian/templates.master b/debian/templates.master new file mode 100644 index 000000000..a4005fd38 --- /dev/null +++ b/debian/templates.master | |||
@@ -0,0 +1,157 @@ | |||
1 | Template: ssh/privsep_tell | ||
2 | Type: note | ||
3 | _Description: Privilege separation | ||
4 | This version of OpenSSH contains the new privilege separation option. This | ||
5 | significantly reduces the quantity of code that runs as root, and | ||
6 | therefore reduces the impact of security holes in sshd. | ||
7 | . | ||
8 | Unfortunately, privilege separation interacts badly with PAM. Any PAM | ||
9 | session modules that need to run as root (pam_mkhomedir, for example) will | ||
10 | fail, and PAM keyboard-interactive authentication won't work. | ||
11 | . | ||
12 | Privilege separation is turned on by default, so if you decide you want it | ||
13 | turned off, you need to add "UsePrivilegeSeparation no" to | ||
14 | /etc/ssh/sshd_config. | ||
15 | |||
16 | Template: ssh/privsep_ask | ||
17 | Type: boolean | ||
18 | Default: true | ||
19 | _Description: Enable Privilege separation | ||
20 | This version of OpenSSH contains the new privilege separation option. This | ||
21 | significantly reduces the quantity of code that runs as root, and | ||
22 | therefore reduces the impact of security holes in sshd. | ||
23 | . | ||
24 | Unfortunately, privilege separation interacts badly with PAM. Any PAM | ||
25 | session modules that need to run as root (pam_mkhomedir, for example) will | ||
26 | fail, and PAM keyboard-interactive authentication won't work. | ||
27 | . | ||
28 | Since you've opted to have me generate an sshd_config file for you, you | ||
29 | can choose whether or not to have Privilege Separation turned on or not. | ||
30 | Unless you know you need to use PAM features that won't work with this | ||
31 | option, you should say yes here. | ||
32 | |||
33 | Template: ssh/new_config | ||
34 | Type: boolean | ||
35 | Default: true | ||
36 | _Description: Generate new configuration file | ||
37 | This version of OpenSSH has a considerably changed configuration file from | ||
38 | the version shipped in Debian 'Potato', which you appear to be upgrading | ||
39 | from. I can now generate you a new configuration file | ||
40 | (/etc/ssh/sshd.config), which will work with the new server version, but | ||
41 | will not contain any customisations you made with the old version. | ||
42 | . | ||
43 | Please note that this new configuration file will set the value of | ||
44 | 'PermitRootLogin' to yes (meaning that anyone knowing the root password | ||
45 | can ssh directly in as root). It is the opinion of the maintainer that | ||
46 | this is the correct default (see README.Debian for more details), but you | ||
47 | can always edit sshd_config and set it to no if you wish. | ||
48 | . | ||
49 | It is strongly recommended that you let me generate a new configuration | ||
50 | file for you. | ||
51 | |||
52 | Template: ssh/protocol2_only | ||
53 | Type: boolean | ||
54 | Default: true | ||
55 | _Description: Allow SSH protocol 2 only | ||
56 | This version of OpenSSH supports version 2 of the ssh protocol, which is | ||
57 | much more secure. Disabling ssh 1 is encouraged, however this will slow | ||
58 | things down on low end machines and might prevent older clients from | ||
59 | connecting (the ssh client shipped with "potato" is affected). | ||
60 | . | ||
61 | Also please note that keys used for protocol 1 are different so you will | ||
62 | not be able to use them if you only allow protocol 2 connections. | ||
63 | . | ||
64 | If you later change your mind about this setting, README.Debian has | ||
65 | instructions on what to do to your sshd_config file. | ||
66 | |||
67 | Template: ssh/ssh2_keys_merged | ||
68 | Type: note | ||
69 | _Description: ssh2 keys merged in configuration files | ||
70 | As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 | ||
71 | keys. This means the authorized_keys2 and known_hosts2 files are no longer | ||
72 | needed. They will still be read in order to maintain backwards | ||
73 | compatibility | ||
74 | |||
75 | Template: ssh/use_old_init_script | ||
76 | Type: boolean | ||
77 | Default: false | ||
78 | _Description: Do you want to continue (and risk killing active ssh sessions) ? | ||
79 | The version of /etc/init.d/ssh that you have installed, is likely to kill | ||
80 | all running sshd instances. If you are doing this upgrade via an ssh | ||
81 | session, that would be a Bad Thing(tm). | ||
82 | . | ||
83 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | ||
84 | start-stop-daemon line in the stop section of the file. | ||
85 | |||
86 | Template: ssh/forward_warning | ||
87 | Type: note | ||
88 | _Description: NOTE: Forwarding of X11 and Authorization disabled by default. | ||
89 | For security reasons, the Debian version of ssh has ForwardX11 and | ||
90 | ForwardAgent set to ``off'' by default. | ||
91 | . | ||
92 | You can enable it for servers you trust, either in one of the | ||
93 | configuration files, or with the -X command line option. | ||
94 | . | ||
95 | More details can be found in /usr/share/doc/ssh/README.Debian | ||
96 | |||
97 | Template: ssh/insecure_rshd | ||
98 | Type: note | ||
99 | _Description: Warning: rsh-server is installed --- probably not a good idea | ||
100 | having rsh-server installed undermines the security that you were probably | ||
101 | wanting to obtain by installing ssh. I'd advise you to remove that | ||
102 | package. | ||
103 | |||
104 | Template: ssh/insecure_telnetd | ||
105 | Type: note | ||
106 | _Description: Warning: telnetd is installed --- probably not a good idea | ||
107 | I'd advise you to either remove the telnetd package (if you don't actually | ||
108 | need to offer telnet access) or install telnetd-ssl so that there is at | ||
109 | least some chance that telnet sessions will not be sending unencrypted | ||
110 | login/password and session information over the network. | ||
111 | |||
112 | Template: ssh/encrypted_host_key_but_no_keygen | ||
113 | Type: note | ||
114 | _Description: Warning: you must create a new host key | ||
115 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH | ||
116 | can not handle this host key file, and I can't find the ssh-keygen utility | ||
117 | from the old (non-free) SSH installation. | ||
118 | . | ||
119 | You will need to generate a new host key. | ||
120 | |||
121 | Template: ssh/SUID_client | ||
122 | Type: boolean | ||
123 | Default: true | ||
124 | _Description: Do you want /usr/lib/ssh-keysign to be installed SUID root? | ||
125 | You have the option of installing the ssh-keysign helper with the SUID bit | ||
126 | set. | ||
127 | . | ||
128 | If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 | ||
129 | host-based authentication. | ||
130 | . | ||
131 | If in doubt, I suggest you install it with SUID. If it causes problems | ||
132 | you can change your mind later by running: dpkg-reconfigure ssh | ||
133 | |||
134 | Template: ssh/run_sshd | ||
135 | Type: boolean | ||
136 | Default: true | ||
137 | _Description: Do you want to run the sshd server ? | ||
138 | This package contains both the ssh client, and the sshd server. | ||
139 | . | ||
140 | Normally the sshd Secure Shell Server will be run to allow remote logins | ||
141 | via ssh. | ||
142 | . | ||
143 | If you are only interested in using the ssh client for outbound | ||
144 | connections on this machine, and don't want to log into it at all using | ||
145 | ssh, then you can disable sshd here. | ||
146 | |||
147 | Template: ssh/user_environment_tell | ||
148 | Type: note | ||
149 | _Description: Environment options on keys have been deprecated | ||
150 | This version of OpenSSH disables the environment option for public keys by | ||
151 | default, in order to avoid certain attacks (for example, LD_PRELOAD). If | ||
152 | you are using this option in an authorized_keys file, beware that the keys | ||
153 | in question will no longer work until the option is removed. | ||
154 | . | ||
155 | To re-enable this option, set "PermitUserEnvironment yes" in | ||
156 | /etc/ssh/sshd_config after the upgrade is complete, taking note of the | ||
157 | warning in the sshd_config(5) manual page. | ||