From 98fc03d946c636001a40e97082352911cb2e7f22 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 1 Sep 2003 01:28:20 +0000 Subject: Debian release 3.4p1-3. --- debian/changelog | 22 ++++ debian/control | 3 +- debian/postinst | 9 -- debian/templates | 84 +-------------- debian/templates.da | 157 ++++++++++++++++++++++++++++ debian/templates.de | 95 +++++++++++++++++ debian/templates.es | 207 +++++++++++++++++++++++++++++++++++++ debian/templates.fr | 276 +++++++++++++++++++++++++++++++++++++++++++++++++ debian/templates.ja | 205 ++++++++++++++++++++++++++++++++++++ debian/templates.pt_BR | 181 ++++++++++++++++++++++++++++++++ debian/templates.ru | 207 +++++++++++++++++++++++++++++++++++++ 11 files changed, 1355 insertions(+), 91 deletions(-) create mode 100644 debian/templates.da create mode 100644 debian/templates.de create mode 100644 debian/templates.es create mode 100644 debian/templates.fr create mode 100644 debian/templates.ja create mode 100644 debian/templates.pt_BR create mode 100644 debian/templates.ru diff --git a/debian/changelog b/debian/changelog index f2e32f13e..71a950772 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,25 @@ +openssh (1:3.4p1-3) unstable; urgency=low + + * Add myself to Uploaders: and begin acting as temporary maintainer, at + Matthew's request. (Normal service will resume in some months' time.) + * Add sharutils to Build-Depends (closes: #138465). + * Stop creating the /usr/doc/ssh symlink. + + * Fix some debconf template typos (closes: #160358). + * Split debconf templates into one file per language. + * Add debconf template translations: + - Brazilian Portuguese (thanks, Andre Luis Lopes; closes: #106173). + - Danish (thanks, Claus Hindsgaul; closes: #126607). + - Japanese (thanks, Tomohiro KUBOTA; closes: #137427). + - Russian (thanks, Ilgiz Kalmetev; closes: #136610). + - Spanish (thanks, Carlos Valdivia Yagüe; closes: #129041). + * Update debconf template translations: + - French (thanks, Igor Genibel; closes: #151361). + - German (thanks, Axel Noetzold; closes: #147069). + * Some of these translations are fuzzy. Please send updates. + + -- Colin Watson Sun, 13 Oct 2002 14:09:57 +0100 + openssh (1:3.4p1-2) unstable; urgency=high * Get a security-fixed version into unstable diff --git a/debian/control b/debian/control index 7063438ad..acda7997a 100644 --- a/debian/control +++ b/debian/control @@ -2,8 +2,9 @@ Source: openssh Section: net Priority: standard Maintainer: Matthew Vernon -Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev | libz-dev, libssl-dev, libpam0g-dev | libpam-dev, libgnome-dev, groff, debhelper (>=1.1.17) +Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev | libz-dev, libssl-dev, libpam0g-dev | libpam-dev, libgnome-dev, groff, debhelper (>=1.1.17), sharutils Standards-Version: 3.5.2 +Uploaders: Colin Watson Package: ssh Architecture: any diff --git a/debian/postinst b/debian/postinst index 34fee95d8..10d61d86e 100644 --- a/debian/postinst +++ b/debian/postinst @@ -315,15 +315,6 @@ setup_startup setup_init -# Automatically added by dh_installdocs -if [ "$1" = "configure" ]; then - if [ -d /usr/doc -a ! -e /usr/doc/ssh -a -d /usr/share/doc/ssh ]; then - ln -sf ../share/doc/ssh /usr/doc/ssh - fi -fi -# End automatically added section - - [ -e /usr/share/debconf/confmodule ] && db_stop exit 0 diff --git a/debian/templates b/debian/templates index a9b4394d4..b56f8a5ec 100644 --- a/debian/templates +++ b/debian/templates @@ -12,11 +12,11 @@ Description: Privilege separation . Privilege separation is turned on by default, so if you decide you want it turned off, you need to add "UsePrivilegeSeparation no" to - /etc/ssh/sshd_config + /etc/ssh/sshd_config. . NB! If you are running a 2.0 series Linux kernel, then privilege separation will not work at all, and your sshd will fail to start - unless you explicity turn privilege separation off. + unless you explicitly turn privilege separation off. Template: ssh/privsep_ask Type: boolean @@ -54,7 +54,7 @@ Description: Generate new configuration file edit sshd_config and set it to no if you wish. . It is strongly recommended that you let me generate a new configuration file - for you + for you. Template: ssh/protocol2_only Type: boolean @@ -89,21 +89,6 @@ Description: Do you want to continue (and risk killing active ssh sessions) ? . You can fix this by adding "--pidfile /var/run/sshd.pid" to the start-stop-daemon line in the stop section of the file. -Description-de: Wollen Sie weitermachen (und das Killen der Session riskieren)? - Die Version von /etc/init.d/ssh, die sie installiert haben, wird - vermutlich ihre aktiven ssh-Instanzen killen. Wenn Sie das Upgrade - via ssh erledigen, dann ist das ein Problem. - . - Sie koennen das Problem beheben, indem sie "--pidfile /var/run/sshd.pid" - an die start-stop-daemon Zeile in dem Bereich stop der Datei - /etc/init.d/ssh ergaenzen. -Description-fr: Voulez vous continuer (et risquer de rompre les sessions ssh actives) ? - Il est probable que la version de /etc/init.d/ssh install=E9e en ce moment - tue toutes les instances de sshd lanc=E9es en ce moment. Si vous faite une - mise =E0 jour via ssh, ca serait une Mauvaise Chose(tm). - . - Vous pouvez corriger /etc/init.d/ssh en ajoutant '--pidfile /var/run/sshd.pid' - a la ligne 'start-stop-daemon' dans la section 'stop' du fichier. Template: ssh/forward_warning Type: note @@ -115,36 +100,12 @@ Description: NOTE: Forwarding of X11 and Authorization disabled by default. in one of the configuration files, or with the -X command line option. . More details can be found in /usr/share/doc/ssh/README.Debian -Description-de: HINWEIS: Forwarden von X11 und Authorisierung ist abgeschaltet. - Aus Sicherheitsgruenden haben die Debian Pakete von ssh ForwardX11 und - ForwardAgent auf "off" gesetzt. - . - Sie koenne dies fuer Server denen Sie trauen, entweder per Eintrag im - den Konfigurations Dateien oder per -X Kommando-Zeilen Option aendern. - . - Weitere Details koennen Sie in /usr/share/doc/ssh/README.Debian finden. -Description-fr: NOTE: Suivi de session X11 et d'agent d'autorisation d=E9sactiv=E9s par d=E9faut. - Pour des raisons de s=E9curit=E9, la version Debian de ssh positionne les - options ForwardX11 et ForwardAgent a ``Off'' par d=E9faut. - . - Vous pouvez activer ces options pour les serveurs en lesquels vous avez - confiance, soit dans un des fichiers de configuration, soit avec l'option - -X de la ligne de commande. - . - Plus d'informations sont disponibles dans /usr/share/doc/ssh/README.Debian. Template: ssh/insecure_rshd Type: note Description: Warning: rsh-server is installed --- probably not a good idea having rsh-server installed undermines the security that you were probably wanting to obtain by installing ssh. I'd advise you to remove that package. -Description-de: Warnung: rsh-server ist installiert --- moeglicherweise - ist es eine schlechte Idee den rsh-server installiert zu haben, da er - die Sicherheit untergraebt. Wir empfehlen das Paket zu entfernen. -Description-fr: Attention: le paquet rsh-server est install=E9 --- ce n'estprobablement pas une bonne id=E9e - Avoir un serveur rsh install=E9 affaibli la s=E9curit=E9 que vous vouliez - probablement obtenir en installant ssh. Je vous conseillerais de - d=E9installer ce paquet. Template: ssh/insecure_telnetd Type: note @@ -153,17 +114,6 @@ Description: Warning: telnetd is installed --- probably not a good idea need to offer telnet access) or install telnetd-ssl so that there is at least some chance that telnet sessions will not be sending unencrypted login/password and session information over the network. -Description-de: Warnung: telnetd ist installiert --- schlechte Idee - Wir empfehlen das telnetd Paket zu entfernen (wenn sie keine telnet Zugang - anbieten) oder telnetd-ssl zu installieren, so dass die Moeglichkeit besteht - dass das Login und Password nicht unverschluesselt durch das Netz gesendet - werden. -Description-fr: Attention: le paquet telnetd est install=E9 --- ce n'est probablement pas une bonne id=E9e - Je vous conseillerais de, soit enlever le paquet telnetd (si ce service - n'est pas n=E9cessaire), soit de le remplacer par le paquet telnetd-ssl - pour qu'il y ait au moins une chance que les sessions telnet soient - encrypt=E9es et que les mot de passes et logins ne passent pas en clair sur - le r=E9seau. Template: ssh/encrypted_host_key_but_no_keygen Type: note @@ -173,15 +123,6 @@ Description: Warning: you must create a new host key ssh-keygen utility from the old (non-free) SSH installation. . You will need to generate a new host key. -Description-de: Warnung: Sie muessen einen neuen Host Key erzeugen - Es existiert eine alte Variante von /etc/ssh/ssh_host_key welche - per IDEA verschluesselt ist. OpenSSH kann eine solche Host Key Datei - nicht lesen und ssh-keygen von der alten (nicht-freien) ssh Installation - kann nicht gefunden werden. -Description-fr: Attention: vous devez cr=E9er une nouvelle cl=E9 d'h=F4te - Il existe un vieux /etc/ssh/ssh_host_key qui est encrypt=E9 avec IDEA. - OpenSSH ne peut utiliser ce fichier de cl=E9, et je ne peux trouver - l'utilitaire ssh-keygen de l'installation pr=E9c=E9dente (non libre) de SSH. Template: ssh/SUID_client Type: boolean @@ -208,22 +149,3 @@ Description: Do you want to run the sshd server ? If you are only interested in using the ssh client for outbound connections on this machine, and don't want to log into it at all using ssh, then you can disable sshd here. -Description-de: Wollen Sie den sshd Server starten? - Das Paket enthaelt sowohl den client als auch den sshd server. - . - Normal wird der sshd Secure Shell Server fuer Remote Logins per ssh - gestartet. - . - Wenn Sie nur den ssh client nutzen wollen, um sich mit anderen Rechner - zu verbinden und sich nicht per ssh in diesen Computer einloggen wollen, - dann koennen Sie hier den sshd abschalten. -Description-fr: Voulez vous utiliser le serveur sshd ? - Ce paquet contient a la fois le client ssh et le serveur sshd. - . - Normalement le serveur sshd sera lanc=E9 pour permettre les logins distants - via ssh. - . - Si vous d=E9sirez seulement utiliser le client ssh pour vous connecter a - distance sur d'autres machines a partir de celle-ci, et que vous ne - voulez pas vous logguer sur cette machine a distance via ssh, alors vous - pouvez d=E9sactiver sshd maintenant. diff --git a/debian/templates.da b/debian/templates.da new file mode 100644 index 000000000..c17c60039 --- /dev/null +++ b/debian/templates.da @@ -0,0 +1,157 @@ +Template: ssh/protocol2_only +Type: boolean +Default: true +Description: Allow SSH protocol 2 only + This version of OpenSSH supports version 2 of the ssh protocol, which is + much more secure. Disabling ssh 1 is encouraged, however this will slow + things down on low end machines and might prevent older clients from + connecting. + . + Also please note that keys used for protocol 1 are different so you will + not be able to use them if you only allow protocol 2 connections. +Description-da: Tillad kun SSH protokol 2 + Denne udgave af OpenSSH understøtter version 2 af ssh-protokollen, som er + betydeligt mere sikker. Det anbefales af deaktivere version 1. Dog kan det + sløve langsomme maskiner, og forhindre ældre klienter i at opnå forbindelse. + +Template: ssh/ssh2_keys_merged +Type: note +Description: ssh2 keys merged in configuration files + As of version 3 OpenSSH no longer uses seperate files for ssh1 and ssh2 + keys. This means the authorized_keys2 and known_hosts2 files are no longer + needed. They will still be read in order to maintain backwards + compatibility +Description-da: ssh2-nøgler flettet i opsætningsfilerne + Siden version 3 har OpenSSH ikke længere separate filer for ssh1- og + ssh2-nøgler. Det betyder, at filerne authorized_keys2 og known_hosts2 ikke + længere er nødvendige. De vil stadig dog stadig blive læst for + bagudkompatilitetens skyld. + +Template: ssh/use_old_init_script +Type: boolean +Default: false +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-da: Vil du fortsætte (og risikere at afbryde aktive ssh-forbindelser)? + Den udgave af /etc/init.d/ssh, du har installeret, vil sandsynligvis afbryde + alle sshd-dæmoner. Det vil være en rigtigt dårlig idé, hvis du er ved at + opgradering via en ssh-forbindelse. + . + Du kan afhjælpe dette ved at tilføje "--pidfile /var/run/sshd.pid" til + 'start-stop-daemon'-linjen i stop-afsnittet af filen. + + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either in one of the + configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-da: BEMÆRK: Videregivelse af X11 og adgangkontrol er som standard deaktiveret. + Af sikkerhedsgrunde har Debianudgaven af ssh sat ForwardX11 og ForwardAgent + til 'off' som standard. + . + Du kan aktivere dem for servere, du stoler på i en af opsætningsfilerne + eller med kommandolinjetilvalget '-X'. + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that + package. +Description-da: Advarsel: rsh-serveren er installeret --- sikkert ikke en god idé + Den sikkerhed, du nok ønskede at opnå ved at installere ssh undermineres + ved, at du har rsh-server installeret. Jeg vil råde dig til at fjerne + pakken rsh-server. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-da: Advarsel: telnetd er installeret --- sikkert ikke en god idé + Jeg vil råde dig til enten at fjerne pakken telnetd (hvis du i virkeligheden + ikke har brug for at tilbyde telnet-adgang) eller installere telnetd-ssl, så + der i det mindste er en mulighed for, at telnet-sessioner ikke sender + adgangskoder og sessions-oplysninger ukrypteret over netværket. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH + can not handle this host key file, and I can't find the ssh-keygen utility + from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-da: Advarsel: du skal oprette en ny værtsnøgle + Der ligger en gammel, IDEA-krypteret /etc/ssh/ssh_host_key. OpenSSH kan + ikke håndtere sådan en værtsnøglefil, og jeg kan ikke finde værktøjet + ssh-keygen fra den gamle (ikke-frie, 'non-free') SSH-installation. + +Template: ssh/SUID_client +Type: boolean +Default: false +Description: Do you want /usr/bin/ssh to be installed SUID root? + You have the option of installing the ssh client with the SUID bit set. + . + If you make ssh SUID, you will be able to use Rhosts/RhostsRSA + authentication, but will not be able to use socks via the LD_PRELOAD + trick. This is the traditional approach. + . + If you do not make ssh SUID, you will be able to use socks, but + Rhosts/RhostsRSA authentication will stop working, which may stop you + logging in to remote systems. It will also mean that the source port will + be above 1024, which may confound firewall rules you've set up. + . + If in doubt, I suggest you install it with SUID. If it causes problems + you can change your mind later by running: dpkg-reconfigure ssh +Description-da: Vil du have, at /usr/bin/ssh bliver installeret 'SUID root'? + Du har mulighed for at installere ssh-klienten med SUID-flaget sat. + . + Hvis du gør ssh SUID, vil du kunne bruge adgangskontrollen + Rhosts/RhostsRSA, men vil ikke kunne bruge socks med LD_PRELOAD-tricket. + Det vil være den almindelige fremgangsmåde. + . + Hvis du ikke gør ssh SUID, vil du kunne bruge socks, men adgangskontrol + med Rhosts/RhostRSA vil holde op med at virke, hvilket kan forhindre dig + i at logge ind på fjerne systemer. Det vil også betyde, at kildeporten + vil ligge over 1024, hvilket kan kollidere med eventuelle brandmure, du + har sat op. + . + Hvis du er i tvivl, foreslår jeg, at du installerer den med SUID. Hvis det + giver problemer, kan du senere ombestemme dig ved at køre: + 'dpkg-reconfigure ssh'. + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote logins + via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all using + ssh, then you can disable sshd here. +Description-da: Vil du køre sshd-serveren? + Denne pakke indeholder både ssh-klienten og sshd-serveren. + . + Normalt vil sshd sikker skalserver ('Secure Shell Server') blive aktiveret + og tillade fjerne brugere i at logge på via ssh. + . + Hvis du udelukkende er interesseret i at bruge ssh-klienten til udgående + forbindelser fra denne maskine, og ikke ønsker at tilgå denne maskine + udefra via ssh, kan du nu deaktivere sshd. diff --git a/debian/templates.de b/debian/templates.de new file mode 100644 index 000000000..5feb24cd9 --- /dev/null +++ b/debian/templates.de @@ -0,0 +1,95 @@ +Template: ssh/use_old_init_script +Type: boolean +Default: false +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-de: Wollen Sie weitermachen (und das Killen der Session riskieren)? + Die Version von /etc/init.d/ssh, die Sie installiert haben, wird + vermutlich Ihre aktiven ssh-Instanzen killen. Wenn Sie das Upgrade + via ssh erledigen, dann ist das ein Problem. + . + Sie können das Problem beheben, indem sie "--pidfile /var/run/sshd.pid" + an die start-stop-daemon Zeile in dem Bereich stop der Datei + /etc/init.d/ssh ergänzen. + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either + in one of the configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-de: HINWEIS: Forwarden von X11 und Authorisierung ist abgeschaltet. + Aus Sicherheitsgründen sind die Debian Pakete von ssh ForwardX11 und + ForwardAgent auf "off" gesetzt. + . + Sie können dies für Server, denen Sie trauen, entweder per Eintrag in + die Konfigurations Dateien oder per Kommando-Zeilen Option -X ändern. + . + Weitere Details koennen Sie in /usr/share/doc/ssh/README.Debian finden. + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that package. +Description-de: Warnung: rsh-server ist installiert --- möglicherweise + ist es eine schlechte Idee, den rsh-server installiert zu haben, da er + die Sicherheit untergräbt. Wir empfehlen, das Paket zu entfernen. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-de: Warnung: telnetd ist installiert --- schlechte Idee + Wir empfehlen das telnetd Paket zu entfernen (falls Sie keinen telnet Zugang + anbieten) oder telnetd-ssl zu installieren, so daß Sie verhindern können, + daß Login und Password unverschlüsselt durch das Netz gesendet + werden. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. + OpenSSH can not handle this host key file, and I can't find the + ssh-keygen utility from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-de: Warnung: Sie müssen einen neuen Host Key erzeugen + Es existiert eine alte Variante von /etc/ssh/ssh_host_key welche + per IDEA verschlüsselt ist. OpenSSH kann eine solche Host Key Datei + nicht lesen und ssh-keygen von der alten (nicht-freien) ssh Installation + kann nicht gefunden werden. + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote + logins via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all + using ssh, then you can disable sshd here. +Description-de: Möchten Sie den sshd Server starten? + Das Paket enthält sowohl den Client als auch den sshd Server. + . + Normal wird der sshd Secure Shell Server für Remote Logins per ssh + gestartet. + . + Wenn Sie nur den ssh client nutzen wollen, um sich mit anderen Rechnern + zu verbinden und sich nicht per ssh in diesen Computer einloggen wollen, + dann können Sie hier den sshd abschalten. diff --git a/debian/templates.es b/debian/templates.es new file mode 100644 index 000000000..c3cc971ca --- /dev/null +++ b/debian/templates.es @@ -0,0 +1,207 @@ +Template: ssh/new_config +Type: boolean +Default: true +Description: Generate new configuration file + This version of OpenSSH has a considerably changed configuration file from + the version shipped in Debian 'Potato', which you appear to be upgrading + from. I can now generate you a new configuration file + (/etc/ssh/sshd.config), which will work with the new server version, but + will not contain any customisations you made with the old version. + . + Please note that this new configuration file will set the value of + 'PermitRootLogin' to yes (meaning that anyone knowing the root password + can ssh directly in as root). It is the opinion of the maintainer that + this is the correct default (see README.Debian for more details), but you + can always edit sshd_config and set it to no if you wish. + . + It is strongly recommended that you let me generate a new configuration + file for you +Description-es: Generar un fichero de configuración nuevo + Esta versión de OpenSSH tiene un fichero de configuración muy distinto del + que incluía la versión de 'Potato'. Parece que está actualizando desde esa + versión, por lo que puede generar un nuevo fichero de configuración + (/etc/ssh/sshd.config), que funcionará con la nueva versión del servidor, + pero no tendrá ninguno de los cambios que hubiera hecho a la versión + antigua. + . + Debe saber que este nuevo fichero de configuración pondrá el valor de + 'PermitRootLogin' a "yes" (por lo que root podrá entrar directamente por + ssh). El mantenedor opina que ésta es la opción por defecto más adecuada + (consulte README.Debian para conocer más detalles), pero recuerde que + siempre puede editar sshd_config y cambiarlo. + . + Es muy recomendable generar ahora automáticamente un nuevo fichero de + configuración. + +Template: ssh/protocol2_only +Type: boolean +Default: true +Description: Allow SSH protocol 2 only + This version of OpenSSH supports version 2 of the ssh protocol, which is + much more secure. Disabling ssh 1 is encouraged, however this will slow + things down on low end machines and might prevent older clients from + connecting (the ssh client shipped with "potato" is affected). + . + Also please note that keys used for protocol 1 are different so you will + not be able to use them if you only allow protocol 2 connections. + . + If you later change your mind about this setting, README.Debian has + instructions on what to do to your sshd_config file. +Description-es: Permitir sólo la versión 2 del protocolo SSH + Esta versión de OpenSSH soporta la versión 2 del protocolo ssh, que es + mucho más segura que la anterior. Se recomienda no usar ssh versión 1, + aunque irá más lento en máquinas modestas y puede impedir que se conecten + clientes antiguos, como por ejemplo el cliente de ssh incluido en + "potato". + . + También tenga en cuenta que las claves utilizadas para el protocolo 1 son + diferentes, por lo que no podrá usarlas si únicamente permite conexiones + mediante el protocolo 2. + . + Si cambia de opinión más tarde, el fichero README.Debian contiene + instrucciones sobre qué ha de cambiar en el fichero sshd_config. + +Template: ssh/ssh2_keys_merged +Type: note +Description: ssh2 keys merged in configuration files + As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 + keys. This means the authorized_keys2 and known_hosts2 files are no longer + needed. They will still be read in order to maintain backwards + compatibility +Description-es: Las claves ssh2 ya se incluyen en los ficheros de configuración + A partir de la versión 3, OpenSSH ya no utiliza ficheros diferentes para + las claves ssh1 y ssh2. Esto quiere decir que ya no son necesarios los + ficheros authorized_keys2 y known_hosts2, aunque aún se seguirán leyendo + para mantener compatibilidad hacia atrás. + +Template: ssh/use_old_init_script +Type: boolean +Default: false +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-es: ¿Desea continuar, aún a riesgo de matar todas las sesiones ssh? + La versión de /etc/init.d/ssh que tiene instalada, es muy probable que + mate el demonio ssh. Si está actualizando mediante una sesión ssh, puede + no ser muy buena idea. + . + Puede arreglarlo añadiendo "--pidfile /var/run/sshd.pid" a la línea + 'start-stop-daemon' en la sección 'stop' del fichero. + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either in one of the + configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-es: NOTA: Reenvío de X11 y Autorización desactivadas por defecto. + Por razones de seguridad, la versión de ssh de Debian tiene por defecto + ForwardX11 y ForwardAgent puestas a ``off''. + . + Puede activar estas opciones para los servidores en los que confíe, en + los ficheros de configuración o con la opción -X en línea de comandos. + . + Puede encontrar más detalles en /usr/share/doc/ssh/README.Debian. + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that + package. +Description-es: Aviso: tiene rsh-server instalado (no es una buena idea) + Tener rsh-server instalado representa un menoscabo de la seguridad que + probablemente desea obtener instalando ssh. Le aconsejaría borrar ese + paquete. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-es: Aviso: tiene telnetd instalado (no es una buena idea) + Le aconsejaría borrar el paquete telnetd si no necesita realmente + ofrecer acceso mediante telnet o instalar telnetd-ssl para que las + contraseñas, login y demás información de las sesiones telnet no viajen + sin cifrar por la red. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH + can not handle this host key file, and I can't find the ssh-keygen utility + from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-es: Aviso: debe crear una nueva clave para su servidor + Su sistema tiene un /etc/ssh/ssh_host_key antiguo, que usa cifrado IDEA. + OpenSSH no puede manejar este fichero de claves y tampoco se encuentra la + utilidad ssh-keygen incluida en el paquete ssh no libre. + . + Necesitará generar una nueva clave para su servidor. + +Template: ssh/SUID_client +Type: boolean +Default: true +Description: Do you want /usr/bin/ssh to be installed SUID root? + You have the option of installing the ssh client with the SUID bit set. + . + If you make ssh SUID, you will be able to use Rhosts/RhostsRSA + authentication, but will not be able to use socks via the LD_PRELOAD + trick. This is the traditional approach. + . + If you do not make ssh SUID, you will be able to use socks, but + Rhosts/RhostsRSA authentication will stop working, which may stop you + logging in to remote systems. It will also mean that the source port will + be above 1024, which may confound firewall rules you've set up. + . + If in doubt, I suggest you install it with SUID. If it causes problems + you can change your mind later by running: dpkg-reconfigure ssh +Description-es: ¿Desea hacer que /usr/bin/ssh se ejecute con permisos de root? + Tiene la posibilidad de instalar el cliente ssh setuid root. + . + Instalarlo setuid root le permitirá usar la autentificación + Rhosts/RhostsRSA, pero no podrá usar socks mediante el truco de + LD_PRELOAD. Tradicionalmente, este ha sido el enfoque más habitual. + . + Si no hace ssh setuid, podrá usar socks pero la autentificación + Rhosts/RhostsRSA dejará de funcionar, lo cual le puede impedir el acceso + a sistemas remotos. También significará que el puerto de origen se + encontrará por encima del 1024, lo cual puede confundir a las reglas del + cortafuegos que haya configurado. + . + Si tiene dudas, le sugiero que lo instale sin setuid. Si esto le causa + algún problema puede cambiar posteriormente la configuración ejecutando: + dpkg-reconfigure ssh + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote logins + via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all using + ssh, then you can disable sshd here. +Description-es: ¿Quiere ejecutar el servidor sshd? + Este paquete contiene el cliente ssh y el servidor sshd. + . + Generalmente, el servidor de ssh se ejecuta para permitir el acceso + mediante ssh. + . + Si sólo está interesado en usar el cliente ssh en conexiones salientes de + esta máquina, y no quiere acceder a ella mediante ssh, entonces puede + desactivar sshd. diff --git a/debian/templates.fr b/debian/templates.fr new file mode 100644 index 000000000..f23a83ae1 --- /dev/null +++ b/debian/templates.fr @@ -0,0 +1,276 @@ +Template: ssh/privsep_tell +Type: note +Description: Privilege separation + This version of OpenSSH contains the new privilege separation + option. This significantly reduces the quantity of code that runs as + root, and therefore reduces the impact of security holes in sshd. + . + Unfortunately, privilege separation interacts badly with PAM. Any + PAM session modules that need to run as root (pam_mkhomedir, for + example) will fail, and PAM keyboard-interactive authentication + won't work. + . + Privilege separation is turned on by default, so if you decide you + want it turned off, you need to add "UsePrivilegeSeparation no" to + /etc/ssh/sshd_config + . + NB! If you are running a 2.0 series Linux kernel, then privilege + separation will not work at all, and your sshd will fail to start + unless you explicity turn privilege separation off. +Description-fr: La séparation des privilèges + Cette version d'OpenSSH est livrée avec la nouvelle option de + séparation des privilèges. Celà réduit de manière signifiante la + quantité de code s'exéctutant en tant que root, et donc réduit + l'impact des trous de sécurité dans sshd. + . + Malheureusement, la séparation des privilèges intéragit mal avec PAM. + Tous les modules de session PAM ayant besoin d'être exécuté en tant que + root (pam_mkhomedir, par exemple) ne s'exécutera pas, et + l'authentification intéractive au clavier ne fonctionnera pas. + . + La séparation des privilèges est activée par défaut, donc si vous + souhaitez la désactiver, vous devez ajouter «UsePrivilegeSeparation no» + dans /etc/ssh/sshd_config + . + NB! Si vous avez un noyau Linux de la série des 2.0, alors la + séparation des privilèges ne fonctionnera pas, et votre démon sshd ne + se lancera pas jusqu'à ce que vous désactiviez explicitement la + séparation des privilèges. + +Template: ssh/privsep_ask +Type: boolean +Default: true +Description: Enable Privilege separation + This version of OpenSSH contains the new privilege separation + option. This significantly reduces the quantity of code that runs as + root, and therefore reduces the impact of security holes in sshd. + . + Unfortunately, privilege separation interacts badly with PAM. Any + PAM session modules that need to run as root (pam_mkhomedir, for + example) will fail, and PAM keyboard-interactive authentication + won't work. + . + Since you've opted to have me generate an sshd_config file for you, + you can choose whether or not to have Privilege Separation turned on + or not. Unless you are running 2.0 (in which case you *must* say no + here or your sshd won't start at all) or know you need to use PAM + features that won't work with this option, you should say yes here. +Description-fr: Activation de la séparation des privilèges + Cette version d'OpenSSH est livrée avec la nouvelle option de + séparation des privilèges. Celà réduit de manière signifiante la + quantité de code s'exéctutant en tant que root, et donc réduit + l'impact des trous de sécurité dans sshd. + . + Malheureusement, la séparation des privilèges intéragit mal avec PAM. + Tous les modules de session PAM ayant besoin d'être exécuté en tant que + root (pam_mkhomedir, par exemple) ne s'exécutera pas, et + l'authentification intéractive au clavier ne fonctionnera pas. + . + Comme vous souhaitez que je génère le fichier de configuration à votre + place, vous pouvez choisir d'activer ou non l'option de séparation des + privilèges. Si vous utilisez un noyau 2.0 (dans ce cas vous *devez* + répondre non ici ou bien sshd ne se lancera pas) ou bien si vous avez + besoin de fonctionnalités PAM, cela ne fonctionnera pas avec cette + option d'activée, dans le cas contraire vous pouvez dire oui. + +Template: ssh/new_config +Type: boolean +Default: true +Description: Generate new configuration file + This version of OpenSSH has a considerably changed configuration file from + the version shipped in Debian 'Potato', which you appear to be upgrading from. + I can now generate you a new configuration file (/etc/ssh/sshd.config), which + will work with the new server version, but will not contain any customisations + you made with the old version. + . + Please note that this new configuration file will set the value of + 'PermitRootLogin' to yes (meaning that anyone knowing the root password can + ssh directly in as root). It is the opinion of the maintainer that this is + the correct default (see README.Debian for more details), but you can always + edit sshd_config and set it to no if you wish. + . + It is strongly recommended that you let me generate a new configuration file + for you +Description-fr: Génération du fichier de configuration + Cette version d'OpenSSH possède un fichier de configuration + considérablement différent de celui fournit avec la Debian 'Potato', + qui apparement est la version à partir de laquelle vous effectuez la + mise à jour. Je peux générer pour vous un nouveau fichier de + configuration (/etc/ssh/sshd_config), lequel fonctionnera avec la + nouvelle version du serveur, mais ne contiendra aucuns des paramétrages + personnels que vous avaient déjà fait. + . + Notez que le nouveau fichier de configuration mettre l'option + 'PermitRootLogin' à yes (signifiant que toute personne connaissant le + mot de passe root pourra directement se connecter en tant que root). + C'est ce que considère comme option par défaut le mainteneur (voir le + fichier README.Debian pour plus de détails), mais vous pouvez toujours + éditer le fichier sshd_config et mettre la valeur à no si vous le + souhaitez. + . + Il est fortement conseillé de me laisser générer le nouveau fichier de + configuration à votre place. + +Template: ssh/protocol2_only +Type: boolean +Default: true +Description: Allow SSH protocol 2 only + This version of OpenSSH supports version 2 of the ssh protocol, which + is much more secure. Disabling ssh 1 is encouraged, however this + will slow things down on low end machines and might prevent older + clients from connecting (the ssh client shipped with "potato" is affected). + . + Also please note that keys used for protocol 1 are different so you will + not be able to use them if you only allow protocol 2 connections. + . + If you later change your mind about this setting, README.Debian has + instructions on what to do to your sshd_config file. +Description-fr: Permettre seulement la version 2 du protocole SSH + Cette version d'OpenSSH supporte la version 2 du protocole ssh, lequel + étant beaucoup plus sécurisé. Désactiver ssh 1 est conseillé, sinon + cela risque de ralentir les transactions et les machines et cela peut + prévenir de la connexion d'anciens client (le client ssh fournit dans + la «potato» est affecté). + . + De plus, les clés utilisés par la version 1 du protocol sont + différentes et vous ne serez donc plus capable de les utiliser si vous + n'autoriser seulement que les connexions utilisant la version 2 du + protocole. + . + Si vous changez d'avis ultérieurement par rapport à ce point de + configuration, les instructions sur ce que vous devez modifier dans le + fichier sshd_config sont fournies dans le README.Debian. + +Template: ssh/ssh2_keys_merged +Type: note +Description: ssh2 keys merged in configuration files + As of version 3 OpenSSH no longer uses separate files for ssh1 and + ssh2 keys. This means the authorized_keys2 and known_hosts2 files + are no longer needed. They will still be read in order to maintain + backwards compatibility +Description-fr: Agrégation des clés ssh2 dans le fichier de configuration + Étant donné que la version 3 d'OpenSSH n'utilise plus de fichiers + séparé pour les clés ssh1 et ssh2. Cela signifie que les fichier + authorized_key2 et known_hosts2 ne sont plus nécessaires. Ils sont + quand même lus afin de concerver une compatibilité ascendante. + +Template: ssh/use_old_init_script +Type: boolean +Default: false +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-fr: Voulez vous continuer (et risquer de rompre les sessions ssh actives) ? + Il est probable que la version de /etc/init.d/ssh installée en ce moment + tue toutes les instances de sshd lancées en ce moment. Si vous faite une + mise à jour via ssh, ca serait une Mauvaise Chose(tm). + . + Vous pouvez corriger /etc/init.d/ssh en ajoutant '--pidfile /var/run/sshd.pid' + a la ligne 'start-stop-daemon' dans la section 'stop' du fichier. + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either + in one of the configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-fr: NOTE: Suivi de session X11 et d'agent d'autorisation désactivés par défaut. + Pour des raisons de sécurité, la version Debian de ssh positionne les + options ForwardX11 et ForwardAgent a ``Off'' par défaut. + . + Vous pouvez activer ces options pour les serveurs en lesquels vous avez + confiance, soit dans un des fichiers de configuration, soit avec l'option + -X de la ligne de commande. + . + Plus d'informations sont disponibles dans /usr/share/doc/ssh/README.Debian. + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that package. +Description-fr: Attention: le paquet rsh-server est installé --- ce n'est probablement pas une bonne idée + Avoir un serveur rsh installé affaibli la sécurité que vous vouliez + probablement obtenir en installant ssh. Je vous conseillerais de + déinstaller ce paquet. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-fr: Attention: le paquet telnetd est installé --- ce n'est probablement pas une bonne idée + Je vous conseillerais de, soit enlever le paquet telnetd (si ce service + n'est pas nécessaire), soit de le remplacer par le paquet telnetd-ssl + pour qu'il y ait au moins une chance que les sessions telnet soient + encryptées et que les mot de passes et logins ne passent pas en clair sur + le réseau. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. + OpenSSH can not handle this host key file, and I can't find the + ssh-keygen utility from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-fr: Attention: vous devez créer une nouvelle clé d'hôte + Il existe un vieux /etc/ssh/ssh_host_key qui est encrypté avec IDEA. + OpenSSH ne peut utiliser ce fichier de clé, et je ne peux trouver + l'utilitaire ssh-keygen de l'installation précédente (non libre) de SSH. + +Template: ssh/SUID_client +Type: boolean +Default: true +Description: Do you want /usr/lib/ssh-keysign to be installed SUID root? + You have the option of installing the ssh-keysign helper with the SUID + bit set. + . + If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 + host-based authentication. + . + If in doubt, I suggest you install it with SUID. If it causes + problems you can change your mind later by running: dpkg-reconfigure ssh +Description-fr: Souhaitez-vous que /usr/lib/ssh-keysign soit installé avec le bit SETUID root d'activé ? + Vous avez la possibilité d'installer ssh-keysign avec le bit SETIUD + d'activé. + . + Si vous mettez sshèkeysign avec le bit SETUID, vous permettrez + l'authentification basé sur les hôtes de la version 2 du protocole ssh. + . + Dans le doute, je vous suggère de l'installer avec le bit SETUID + d'activé. Si cela vous cause des problèmes vous pourrez revenir sur + votre désicion: dpkg-reconfigure ssh + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote + logins via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all + using ssh, then you can disable sshd here. +Description-fr: Voulez vous utiliser le serveur sshd ? + Ce paquet contient a la fois le client ssh et le serveur sshd. + . + Normalement le serveur sshd sera lancé pour permettre les logins distants + via ssh. + . + Si vous désirez seulement utiliser le client ssh pour vous connecter a + distance sur d'autres machines a partir de celle-ci, et que vous ne + voulez pas vous logguer sur cette machine a distance via ssh, alors vous + pouvez désactiver sshd maintenant. diff --git a/debian/templates.ja b/debian/templates.ja new file mode 100644 index 000000000..cdcc829cc --- /dev/null +++ b/debian/templates.ja @@ -0,0 +1,205 @@ +Template: ssh/new_config +Type: boolean +Default: true +Description: Generate new configuration file + This version of OpenSSH has a considerably changed configuration file from + the version shipped in Debian 'Potato', which you appear to be upgrading from. + I can now generate you a new configuration file (/etc/ssh/sshd.config), which + will work with the new server version, but will not contain any customisations + you made with the old version. + . + Please note that this new configuration file will set the value of + 'PermitRootLogin' to yes (meaning that anyone knowing the root password can + ssh directly in as root). It is the opinion of the maintainer that this is + the correct default (see README.Debian for more details), but you can always + edit sshd_config and set it to no if you wish. + . + It is strongly recommended that you let me generate a new configuration file + for you +Description-ja: ¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤òºî¤ê¤Þ¤¹ + OpenSSH ¤Î¤³¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï¡¢Debian 'Potato' ¤Ë´Þ¤Þ¤ì¤Æ¤¤¤ë¥Ð¡¼¥¸¥ç¥ó + (¤¤¤Þ¡¢¤½¤Î¥Ð¡¼¥¸¥ç¥ó¤«¤é¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤ò»î¤ß¤Æ¤¤¤ë¤È¤³¤í) ¤«¤é¡¢ + ÀßÄê¥Õ¥¡¥¤¥ë¤¬ÂçÉý¤ËÊѲ½¤·¤Æ¤¤¤Þ¤¹¡£¤¤¤Þ¡¢¿·¤·¤¤¥Ð¡¼¥¸¥ç¥ó¤Î¥µ¡¼¥Ð¤Ç + »È¤¦¤³¤È¤¬¤Ç¤­¤ë¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë (/etc/ssh/sshd/config) ¤ò¼«Æ°À¸À® + ¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¤¬¡¢¤½¤Î¥Õ¥¡¥¤¥ë¤Ï¡¢¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë + ´Þ¤Þ¤ì¤ë¤¢¤Ê¤¿¤ÎÀßÄ꤬Á´¤¯´Þ¤Þ¤ì¤Þ¤»¤ó¡£ + . + ¤³¤Î¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢¡ÖPermitRootLogin¡×¤ò¡Öyes¡×¤ËÀßÄꤷ¤Þ¤¹¡£ + (¤Ä¤Þ¤ê¡¢root ¤Î¥Ñ¥¹¥ï¡¼¥É¤òÃΤäƤ¤¤ë¿Í¤Ê¤éï¤Ç¤âľÀÜ¥í¥°¥¤¥ó¤Ç¤­¤Þ + ¤¹)¡£¤³¤ì¤Ç¤è¤¤¡¢¤È¤¤¤¦¤Î¤¬¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Î¥á¥ó¥Æ¥Ê¤Î°Õ¸«¤Ç¤¹¤¬ (¾Ü¤· + ¤¯¤Ï README.Debian ¤òÆɤó¤Ç²¼¤µ¤¤)¡¢sshd_config ¤òÊÔ½¸¤·¤Æ¡Öno¡×¤ËÀß + Äꤹ¤ë¤³¤È¤â¤Ç¤­¤Þ¤¹¡£ + . + ¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤ò¼«Æ°À¸À®¤¹¤ë¤³¤È¤ò¶¯¤¯¤ª´«¤á¤·¤Þ¤¹¡£ + +Template: ssh/protocol2_only +Type: boolean +Default: true +Description: Allow SSH protocol 2 only + This version of OpenSSH supports version 2 of the ssh protocol, which + is much more secure. Disabling ssh 1 is encouraged, however this + will slow things down on low end machines and might prevent older + clients from connecting (the ssh client shipped with "potato" is affected). + . + Also please note that keys used for protocol 1 are different so you will + not be able to use them if you only allow protocol 2 connections. + . + If you later change your mind about this setting, README.Debian has + instructions on what to do to your sshd_config file. +Description-ja: SSH ¥×¥í¥È¥³¥ë 2 ¤Î¤ß¤òµö²Ä¤·¤Þ¤¹ + OpenSSH ¤Î¤³¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï¡¢¤º¤Ã¤È°ÂÁ´¤Ê¡¢ssh ¥×¥í¥È¥³¥ë¤Î¥Ð¡¼¥¸¥ç¥ó + 2 ¤ò¥µ¥Ý¡¼¥È¤·¤Æ¤¤¤Þ¤¹¡£ssh 1 ¤ò¶Ø»ß¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¤¬¡¢ÃÙ¤¤¥Þ + ¥·¥ó¤Ç¤ÏÆ°ºî¤¬ÃÙ¤¯¤Ê¤Ã¤¿¤ê¡¢¸Å¤¤¥¯¥é¥¤¥¢¥ó¥È¤«¤éÀܳ¤Ç¤­¤Ê¤¯¤Ê¤Ã¤¿¤ê + ¤·¤Þ¤¹ ("potato" ¤Î ssh ¥¯¥é¥¤¥¢¥ó¥È¤âÀܳ¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹)¡£ + . + ¤Þ¤¿¡¢¥×¥í¥È¥³¥ë 1 ¤Ç»È¤¦¥­¡¼¤Ï°Û¤Ê¤ë¤¿¤á¡¢¥×¥í¥È¥³¥ë 2 ¤òÍ­¸ú¤Ë¤·¤¿ + ¤À¤±¤Ç¤Ï¤½¤Î¥­¡¼¤ò»È¤¦¤³¤È¤¬¤Ç¤­¤Þ¤»¤ó¡£ + . + ¤â¤·º£¸å¤¢¤Ê¤¿¤¬¹Í¤¨¤òÊѤ¨¤¿¤é¡¢README.Debian ¤òÆɤà¤È sshd_config ¤ò + ¤É¤Î¤è¤¦¤ËÊѹ¹¤·¤¿¤é¤è¤¤¤«¤¬Ê¬¤«¤ê¤Þ¤¹¡£ + +Template: ssh/ssh2_keys_merged +Type: note +Description: ssh2 keys merged in configuration files + As of version 3 OpenSSH no longer uses separate files for ssh1 and + ssh2 keys. This means the authorized_keys2 and known_hosts2 files + are no longer needed. They will still be read in order to maintain + backwards compatibility +Description-ja: ssh2 ¥­¡¼¤ÏÀßÄê¥Õ¥¡¥¤¥ë¤ËÅý¹ç¤µ¤ì¤Þ¤¹ + OpenSSH ¤Î¥Ð¡¼¥¸¥ç¥ó 3 ¤Ï¡¢ssh1 ¤È ssh2 ¤Î¥­¡¼¤Ë¸ÄÊ̤Υե¡¥¤¥ë¤ò»È¤¤ + ¤Þ¤»¤ó¡£¤Ä¤Þ¤ê¡¢authorized_keys2 ¥Õ¥¡¥¤¥ë¤È known_hosts2 ¥Õ¥¡¥¤¥ë¤Ï¤â + ¤Ï¤äÉÔÍפȤʤê¤Þ¤·¤¿¡£¸åÊý¸ß´¹À­¤òÊݤĤ¿¤á¤Ë¤Ï¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤¬É¬Í× + ¤Ç¤¹¡£ + +Template: ssh/use_old_init_script +Type: boolean +Default: false +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-ja: ³¤±¤Æ¤¤¤¤¤Ç¤¹¤« (ÀܳÃæ¤Î ssh ¥»¥Ã¥·¥ç¥ó¤¬ÀÚ¤ì¤ë¤«¤â¤·¤ì¤Þ¤»¤ó) + ¤¤¤Þ¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿ /etc/init.d/ssh ¤Ï¡¢¤ª¤½¤é¤¯¼Â¹ÔÃæ¤Î sshd ¤òÁ´¤Æ + Ää»ß¤µ¤»¤Þ¤¹¡£¤³¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤ò ssh ¥»¥Ã¥·¥ç¥ó¤òÍѤ¤¤Æ¹Ô¤¦¤Î¤Ï´Ö + °ã¤Ã¤¿¤ä¤ê¤«¤¿¤Ç¤¹¡£ + . + ¤³¤Î¾õ¶·¤ò½¤Àµ¤¹¤ë¤Ë¤Ï¡¢/etc/init.d/ssh ¤Î stop ¥»¥¯¥·¥ç¥ó¤Î + start-stop-daemon ¤Î¹Ô¤Ë¡Ö--pidfile /var/run/sshd.pid¡×¤ÈÄɲä·¤Þ¤¹¡£ + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either + in one of the configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-ja: Ãí°Õ: X11 ¤Èǧ¾Ú¤Î¥Õ¥©¥ï¡¼¥Ç¥£¥ó¥°¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¶Ø»ß¤µ¤ì¤Þ¤¹ + ¥»¥­¥å¥ê¥Æ¥£¾å¤ÎÍýͳ¤«¤é¡¢Debian ¤Î ssh ¤Ç¤Ï ForwardX11 ¤È + ForwardAgent ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡Öoff¡×¤ËÀßÄꤵ¤ì¤Þ¤¹¡£ + . + ÀßÄê¥Õ¥¡¥¤¥ë¤ò»È¤Ã¤¿¤ê¡¢-X ¥³¥Þ¥ó¥É¥é¥¤¥ó¥ª¥×¥·¥ç¥ó¤ò»È¤Ã¤¿¤ê¤¹¤ë + ¤³¤È¤Ç¡¢¿®ÍѤǤ­¤ë¥µ¡¼¥Ð¤ËÂФ·¤Æµö²Ä¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£ + . + ¾ÜºÙ¤Ï /usr/share/doc/ssh/README.Debian ¤òÆɤó¤Ç²¼¤µ¤¤¡£ + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that package. +Description-ja: ·Ù¹ð: rsh-server ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤¿¤Ö¤óÎɤ¤¹Í¤¨¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó + rsh-server ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¤È¡¢¤¢¤Ê¤¿¤¬ ssh ¤Ë¤è¤Ã¤ÆÆÀ¤¿¤¤¤È + »×¤Ã¤Æ¤¤¤ë¤Ç¤¢¤í¤¦¥»¥­¥å¥ê¥Æ¥£¤¬Â»¤Ê¤ï¤ì¤Þ¤¹¡£¤½¤Î¥Ñ¥Ã¥±¡¼¥¸¤ò¥¢¥ó¥¤ + ¥ó¥¹¥È¡¼¥ë¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£ + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-ja: ·Ù¹ð: telnetd ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤¿¤Ö¤óÎɤ¤¹Í¤¨¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó + (¤â¤· telnet ¥¢¥¯¥»¥¹¤òÄ󶡤·¤¿¤¤¤È»×¤Ã¤Æ¤¤¤Ê¤¤¤Î¤Ç¤·¤¿¤é) telnetd + ¥Ñ¥Ã¥±¡¼¥¸¤ò¥¢¥ó¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤«¡¢¤Þ¤¿¤Ï¡¢telnetd-ssh ¥Ñ¥Ã¥±¡¼¥¸¤ò + ¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¾¯¤Ê¤¯¤È¤â¥Í¥Ã¥È¥ï¡¼¥¯¾å¤ò°Å¹æ²½¤µ¤ì¤Æ¤¤¤Ê¤¤¥æ¡¼¥¶Ì¾ + ¤ä¥Ñ¥¹¥ï¡¼¥É¤ä¥»¥Ã¥·¥ç¥ó¾ðÊó¤¬Î®¤ì¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£ + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. + OpenSSH can not handle this host key file, and I can't find the + ssh-keygen utility from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-ja: ·Ù¹ð: ¿·¤·¤¤¥Û¥¹¥È¥­¡¼¤òºî¤é¤Ê¤¤¤È¤¤¤±¤Þ¤»¤ó + IDEA ¤Ç°Å¹æ²½¤µ¤ì¤¿¸Å¤¤¥­¡¼¤¬ /etc/ssh/ssh_host_key ¤Ë¤¢¤ê¤Þ¤¹¡£ + OpenSSH ¤Ï¤³¤Î¥Û¥¹¥È¥­¡¼¥Õ¥¡¥¤¥ë¤ò°·¤¨¤Þ¤»¤ó¡£¤Þ¤¿¡¢º£¥¤¥ó¥¹¥È¡¼¥ë + ¤µ¤ì¤Æ¤¤¤ë¸Å¤¤ (¥Õ¥ê¡¼¤Ç¤Ï¤Ê¤¤) SSH ¤Ë¤Ï ssh-keygen ¥æ¡¼¥Æ¥£¥ê¥Æ¥£ + ¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤»¤ó¡£ + . + ¿·¤·¤¤¥Û¥¹¥È¥­¡¼¤òºî¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£ + +Template: ssh/SUID_client +Type: boolean +Default: true +Description: Do you want /usr/bin/ssh to be installed SUID root? + You have the option of installing the ssh client with the SUID bit set. + . + If you make ssh SUID, you will be able to use Rhosts/RhostsRSA + authentication, but will not be able to use socks via the LD_PRELOAD + trick. This is the traditional approach. + . + If you do not make ssh SUID, you will be able to use socks, but + Rhosts/RhostsRSA authentication will stop working, which may stop you + logging in to remote systems. It will also mean that the source + port will be above 1024, which may confound firewall rules you've set up. + . + If in doubt, I suggest you install it with SUID. If it causes + problems you can change your mind later by running: dpkg-reconfigure ssh +Description-ja: /usr/bin/ssh ¤ò SUID root ¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¤«? + ssh ¥¯¥é¥¤¥¢¥ó¥È¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ëºÝ¡¢SUID ¥Ó¥Ã¥È¤òÀßÄꤹ¤ë¤«¤·¤Ê¤¤¤« + ¤òÁª¤Ö¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£ + . + SUID ¤òÀßÄꤹ¤ì¤Ð¡¢Rhosts/RhostsRSA ǧ¾Ú¤ò»È¤¦¤³¤È¤¬¤Ç¤­¤Þ¤¹¤¬¡¢ + LD_PRELOAD ¥È¥ê¥Ã¥¯¤òÍѤ¤¤Æ socks ¤ò»È¤¦¤³¤È¤¬¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£¤³¤ì + ¤ÏÅÁÅýŪ¤Ê¤ä¤ê¤«¤¿¤Ç¤¹¡£ + . + SUID ¤òÀßÄꤷ¤Ê¤±¤ì¤Ð¡¢socks ¤ò»È¤¦¤³¤È¤¬¤Ç¤­¤Þ¤¹¤¬¡¢Rhosts/RhostRSA + ǧ¾Ú¤¬Æ¯¤«¤Ê¤¯¤Ê¤ê¡¢¥ê¥â¡¼¥È¥·¥¹¥Æ¥à¤Ø¤Î¥í¥°¥¤¥ó¤¬¤Ç¤­¤Ê¤¯¤Ê¤ë¤«¤â¤· + ¤ì¤Þ¤»¤ó¡£¤Þ¤¿¡¢¥½¡¼¥¹¥Ý¡¼¥È¤¬ 1024 °Ê¾å¤È¤Ê¤ê¡¢¤¢¤Ê¤¿¤¬ÀßÄꤷ¤¿¥Õ¥¡ + ¥¤¥¢¥¦¥©¡¼¥ë¤Î¥ë¡¼¥ë¤òº®Í𤵤»¤ë¤«¤â¤·¤ì¤Þ¤»¤ó¡£ + . + ¤â¤·Ê¬¤«¤é¤Ê¤±¤ì¤Ð¡¢SUID ¤òÀßÄꤷ¤¿¾õÂ֤ǥ¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤³¤È¤ò¤ª´«¤á + ¤·¤Þ¤¹¡£¤½¤ì¤Ç¤â¤·²¿¤«ÌäÂ꤬¤¢¤ì¤Ð¡¢dpkg-reconfigure ssh ¤ò¼Â¹Ô¤¹¤ë¤³ + ¤È¤ÇÀßÄê¤òÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£ + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote + logins via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all + using ssh, then you can disable sshd here. +Description-ja: sshd ¥µ¡¼¥Ð¤ò¼Â¹Ô¤·¤Þ¤¹¤«? + ¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤Ï¡¢ssh ¥¯¥é¥¤¥¢¥ó¥È¤È sshd ¥µ¡¼¥Ð¤ÎξÊý¤ò´Þ¤ó¤Ç¤¤¤Þ¤¹¡£ + . + Ä̾sshd ¥»¥­¥å¥¢¥·¥§¥ë¥µ¡¼¥Ð¤Ï¡¢ssh ¤òÍѤ¤¤¿¥ê¥â¡¼¥È¤«¤é¤Î¥í¥°¥¤¥ó + ¤ò²Äǽ¤Ë¤¹¤ë¤¿¤á¤Ë¼Â¹Ô¤·¤Þ¤¹¡£ + . + ¤â¤· ssh ¥¯¥é¥¤¥¢¥ó¥È¤ò»È¤Ã¤Æ¤³¤Î¥Þ¥·¥ó¤«¤é¾¥Þ¥·¥ó¤Ø¤ÈÀܳ¤¹¤ë¤À¤±¤Ç + ¤Ç¡¢¤³¤Î¥Þ¥·¥ó¤Ø¤È ssh ¤ò»È¤Ã¤Æ¥í¥°¥¤¥ó¤·¤Ê¤¤¤Î¤Ç¤·¤¿¤é¡¢¤³¤³¤Ç sshd + ¤ò¼Â¹Ô¤·¤Ê¤¤¤Ç¤ª¤­¤Þ¤¹¡£ + diff --git a/debian/templates.pt_BR b/debian/templates.pt_BR new file mode 100644 index 000000000..2d0b3e1e7 --- /dev/null +++ b/debian/templates.pt_BR @@ -0,0 +1,181 @@ +Template: ssh/upgrade_to_openssh +Type: boolean +Description: Are you sure you want to upgrade to OpenSSH? + This version of ssh (a.k.a. OpenSSH) is supposed to be a 100% compatible + drop in replacement for the original (non-free) implemetation. + . + If you find that it is not, please report the problem as a bug. + . + You can still find the old version of ssh in the ssh-nonfree package + (although the only reason you are likely to want that is if you also + want to install the ssh2 package). + . + NOTE: If you're upgrading a machine remotely, via ssh, make sure you have at + least one other ssh session running as root, and once this is installed, + check that you can still log in (with a third session), before logging out. +Description-pt_BR: Você tem certeza que quer atualizar para o OpenSSH ? + Esta versão do ssh (também conhecida como OpenSSH) é supostamente um + substituto 100% compatível para a implementação original (non-free). + . + Caso você ache que não é, por favor reporte o problema como um bug. + . + Você continuará a encontrar a versão antiga do ssh no pacote ssh-nonfree + (embora a única razão pela qual você queira isso é se você também quer + instalar o pacote ssh2). + . + NOTA: Se você está atualizando uma máquina remotamente, via ssh, + certifique-se que você possui pelo menos outra sessão ssh executando como + root e, uma vez que o pacote esteja instalado, verifique se você continua + podendo se logar (com uma terceira sessão) antes de se desconectar + (logging out). + +Template: ssh/ancient_version +Type: note +Description: You are trying to upgrade from an ancient version of non-free ssh + This is bound to be using IDEA encryption for your identity files. + You should upgrade to a vaguely contemporary (1.2.15 or later) version of + non-free ssh, and then upgrade all your key files using ssh-keygen -u + before attempting to migrate to OpenSSH. + . + Alternatively, you could just forget about that, and generate new keys. +Description-pt_BR: Você está tentando atualizar a partir de uma versão antiga do ssh non-free + Isto está ligado a estar usando encriptação IDEA para seus arquivos de + identidade. Você deverá atualizar para uma versão vagamente contemporânea + (1.2.15 ou superior) do ssh non-free, e então atualizar todos seus + arquivos de chaves usando ssh-keygen -u antes de tentar migrar para + OpenSSH. + . + Alternativamente, você poderia somente esquecer tudo isso e gerar + novas chaves. + +Template: ssh/use_old_init_script +Type: boolean +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-pt_BR: Você quer continuar (e arriscar matar sessões ssh ativas) ? + A versão de /etc/init.d/ssh que você possui instalada está prestes a + matar todas as instâncias sshd sendo executadas. Se você está fazendo + esta atualização através de uma sessão ssh, isto seria uma Coisa + Ruim(tm). + . + Você pode corrigir isto adicionando "--pidfile /var/run/sshd.pid" na + linha start-stop-daemon na seção stop deste arquivo. + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either + in one of the configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-pt_BR: NOTA: Forwarding de X11 e Authorization desabilitados por padrão. + Por razôes de segurança, a versão Debian do ssh tem as opções ForwardX11 + e ForwardAgent definidas como ``off'' por padrão. + . + Você pode habilitar isso para servidores que você confia, ou em um dos + arquivos de configuração, ou com a opção de linha de comando -X. + . + Maiores detalhes podem ser encontrados em + /usr/share/doc/ssh/README.Debian. + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that package. +Description-pt_BR: Aviso: rsh-server está instalado --- provavelmente não é uma boa idéia + Possuir o rsh-server instalado minará a segurança que você estava + provavelmente querendo obter instalando o ssh. Eu recomendaria a você + remover este pacote. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-pt_BR: Aviso: telnetd está instalado --- provavelmente não é uma boa idéia + Eu recomendaria a você ou remover o pacote telnetd (se você atualmente + não precisa oferecer acesso telnet) ou instalar telnetd-ssl. Assim existe + pelo menos uma chance das sessões telnet não enviarem login/senha não + encriptados e informações de sessão através da rede. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. + OpenSSH can not handle this host key file, and I can't find the + ssh-keygen utility from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-pt_BR: Aviso: você deve criar uma nova host key + Existe uma antiga /etc/ssh/ssh_host_key, a qual é encriptada usando IDEA. + O OpenSSH não pode gerenciar este arquivo host key e eu não consigo + encontrar o utilitário ssh-keygen da antiga (non-free) instalação SSH. + . + Você precisará gerar uma nova host key. + +Template: ssh/SUID_client +Type: boolean +Default: false +Description: Do you want /usr/bin/ssh to be installed SUID root? + You have the option of installing the ssh client with the SUID bit set. + . + If you make ssh SUID, you will be able to use Rhosts/RhostsRSA + authentication, but will not be able to use socks via the LD_PRELOAD + trick. This is the traditional approach. + . + If you do not make ssh SUID, you will be able to use socks, but + Rhosts/RhostsRSA authentication will stop working, which may stop you + logging in to remote systems. It will also mean that the source + port will be above 1024, which may confound firewall rules you've set up. + . + If in doubt, I suggest you install it without SUID. If it causes + problems you can change your mind later by running: dpkg-reconfigure ssh +Description-pt_BR: Você quer que /usr/bin/ssh seja instalado SUID root ? + Você tem a opção de instalar o cliente ssh com o bit SUID setado. + . + Se você fizer o ssh SUID, você conseguirá usar autenticação + Rhosts/RhostsRSA, mas não será capaz de usar socks através do truque + LD_PRELOAD. Isto é o tradicional. + . + Se você não fizer o ssh SUID, você poderá usar socks, mas a autenticação + Rhosts/RhostsRSA irá parar de funcionar, o que poderá lhe impedir de + logar em sistemas remotos. Isto significará também que a porta fonte + estará acima de 1024, o que poderá confundir regras de firewall que você + tenha definido. + . + Caso esteja em dúvida, eu sugiro a você instalar sem SUID. Se isso causar + problemas você pode mudar sua escolha posteriormente executando: + dpkg-reconfigure ssh. + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote + logins via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all + using ssh, then you can disable sshd here. +Description-pt_BR: Você quer executar o servidor sshd ? + Este pacote contém ambos o cliente ssh e o servidor sshd. + . + Normalmente o sshd Secure Shell Server será executado para permitir + logins remotos via ssh. + . + Se você está interessado somente em usar o cliente ssh para conexões + para fora desta máquina, e não quer logar na mesma usando ssh, então você + pode desabilitar o sshd aqui. diff --git a/debian/templates.ru b/debian/templates.ru new file mode 100644 index 000000000..39038ff22 --- /dev/null +++ b/debian/templates.ru @@ -0,0 +1,207 @@ +Template: ssh/upgrade_to_openssh +Type: boolean +Description: Are you sure you want to upgrade to OpenSSH? + This version of ssh (a.k.a. OpenSSH) is supposed to be a 100% compatible + drop in replacement for the original (non-free) implemetation. + . + If you find that it is not, please report the problem as a bug. + . + You can still find the old version of ssh in the ssh-nonfree package + (although the only reason you are likely to want that is if you also + want to install the ssh2 package). + . + NOTE: If you're upgrading a machine remotely, via ssh, make sure you have at + least one other ssh session running as root, and once this is installed, + check that you can still log in (with a third session), before logging out. +Description-ru: ÷Ù Õ×ÅÒÅÎÙ, ÞÔÏ ÈÏÔÉÔÅ ÏÂÎÏ×ÉÔØ OpenSSH? + üÔÁ ×ÅÒÓÉÑ ssh(ÏÎ ÖÅ OpenSSH) Ñ×ÌÑÅÔÓÑ 100%-ÓÏ×ÍÅÓÔÉÍÏÊ Ó ÏÒÉÇÉÎÁÌØÎÏÊ + (ÎÅÓ×ÏÂÏÄÎÏÊ) ÒÅÁÌÉÚÁÃÉÅÊ. + . + åÓÌÉ ×Ù ÏÂÎÁÒÕÖÉÌÉ ÒÁÚÌÉÞÉÅ, ÔÏ, ÐÏÖÁÌÕÊÓÔÁ, ÓÏÏÂÝÉÔÅ Ï ÜÔÏÊ ÏÛÉÂËÅ. + . + ÷Ù ÍÏÖÅÔÅ ÐÏ ÐÒÅÖÎÅÍÕ ÎÁÊÔÉ ÓÔÁÒÕÀ ×ÅÒÓÉÀ ssh × ÐÁËÅÔÅ ssh-nonfree + (ÈÏÔÑ ÄÅÊÓÔ×ÉÔÅÌØÎÏ ÎÅÏÂÈÏÄÉÍÏ ÅÇÏ ÉÓÐÏÌØÚÏ×ÁÔØ ÔÏÌØËÏ, ÅÓÌÉ ×Ù ÈÏÔÉÔÅ + ÕÓÔÁÎÏ×ÉÔØ ÅÝÅ É ÐÁËÅÔ ssh2). + . + ðÒÉÍÅÞÁÎÉÅ: åÓÌÉ ×Ù ÕÄÁÌÅÎÎÏ ÏÂÎÏ×ÌÑÅÔÅ ÍÁÛÉÎÕ ÞÅÒÅÚ ssh, ÔÏ ÕÂÅÄÉÔÅÓØ + ÞÔÏ ËÁË ÍÉÎÉÍÕÍ ÅÝÅ ÏÄÎÁ ÓÅÓÓÉÑ ssh ÚÁÐÕÝÅÎÁ ÏÔ root, É ËÁË ÔÏÌØËÏ + ÐÒÏÃÅÓÓ ÏÂÎÏ×ÌÅÎÉÑ ÚÁËÏÎÞÉÔÓÑ, ÕÂÅÄÉÔÅÓØ, ÞÔÏ ×Ù ÓÍÏÖÅÔÅ ×ÏÊÔÉ × + ÓÉÓÔÅÍÕ (ÕÓÔÁÎÏ×É× ÔÒÅÔØÀ ÓÅÓÓÉÀ), ÐÅÒÅÄ ÔÅÍ ËÁË ÏÔÓÏÅÄÉÎÑÔØÓÑ. + +Template: ssh/protocol2_default +Type: note +Description: SSH uses protocol 2 by default. + This version of SSH (unlike previous ones) uses ssh + protocol version 2 by default. The key file formats have changed + between the protocol versions, so your old key files will not be + useful. You may either pass the '-1' option to ssh to force it to use + the older protocol (and your old keys), or generate new keys. Protocol + version 2 is thought to be more secure, so this is the preferred + course of action. See README.Debian for a little more information + . + Also, due to problems with IPv4 and IPv6 interoperation, IPv4 is now + the default (this is a change from previous versions). Passing ssh the + -6 flag will cause IPv6 addresses to be used. Once the current issues + with using IPv6 on machines with IPv4 addresses have been solved, the + previous default will be restored +Description-ru: SSH ÉÓÐÏÌØÚÕÅÔ ÐÏ ÕÍÏÌÞÁÎÉÀ ÐÒÏÔÏËÏÌ ×ÅÒÓÉÉ 2. + üÔÁ ×ÅÒÓÉÑ SSH (× ÏÔÌÉÞÉÉ ÏÔ ÐÒÅÄÙÄÕÝÉÈ) ÉÓÐÏÌØÚÕÅÔ ÐÏ ÕÍÏÌÞÁÎÉÀ + ÐÒÏÔÏËÏÌ ×ÅÒÓÉÉ 2. ÷ ÜÔÏÊ ×ÅÒÓÉÉ ÐÒÏÔÏËÏÌÁ ÉÚÍÅÎÅÎ ÆÏÒÍÁÔ ÆÁÊÌÏ× + ËÌÀÞÅÊ, ÔÁË ÞÔÏ ×ÁÛÉ ÓÔÁÒÙÅ ËÌÀÞÉ ÓÔÁÎÕÔ ÂÅÓÐÏÌÅÚÎÙÍÉ. ÷Ù ÍÏÖÅÔÅ ÌÉÂÏ + ÕËÁÚÙ×ÁÔØ ÏÐÃÉÀ '-1' ÄÌÑ ssh, ÞÔÏÂÙ ÐÒÉÎÕÄÉÔÅÌØÎÏ ÉÓÐÏÌØÚÏ×ÁÔØ ÂÏÌÅÅ + ÓÔÁÒÕÀ ×ÅÒÓÉÀ ÐÒÏÔÏËÏÌÁ, ÌÉÂÏ ÓÇÅÎÅÒÉÒÕÊÔÅ ÎÏ×ÙÊ ËÌÀÞÉ. ðÒÏÔÏËÏÌ + ×ÅÒÓÉÉ 2 ÂÏÌÅÅ ÚÁÝÉÝÅÎÎÙÊ, É ÐÏÜÔÏÍÕ ÐÒÅÄÏÐÒÅÄÅÌÅÎ ÐÏ ÕÍÏÌÞÁÎÉÀ. óÍ. + ÐÏÄÒÏÂÎÏÓÔÉ × ÆÁÊÌÅ README.Debian. + . + ôÁËÖÅ ÉÚ-ÚÁ ÐÒÏÂÌÅÍ ×ÚÁÉÍÏÓÏÏÔ×ÅÔÓÔ×ÉÑ IPv4 É IPv6, ÓÅÊÞÁÓ ÐÏ + ÕÍÏÌÞÁÎÉÀ ÐÏ ÕÍÏÌÞÁÎÉÀ ÉÓÐÏÌØÚÕÅÔÓÑ IPv4 (× ÏÔÌÉÞÉÉ ÏÔ ÐÒÅÄÙÄÕÝÉÈ + ×ÅÒÓÉÊ). þÔÏÂÙ ÉÓÐÏÌØÚÏ×ÁÔØ IPv6, ÎÁÄÏ ÚÁÄÁÔØ ÆÌÁÇ -6. ëÁË ÔÏÌØËÏ ×ÓÅ + ÓÌÏÖÎÏÓÔÉ Ó ÉÓÐÏÌØÚÏ×ÁÎÉÅÍ IPv6 ÎÁ ÍÁÛÉÎÁÈ Ó ÁÄÒÅÓÁÍÉ IPv4 ÂÕÄÕÔ + ÒÅÛÅÎÙ, ÔÏ ÐÒÅÖÎÅÅ ÐÏ×ÅÄÅÎÉÅ ÐÏ ÕÍÏÌÞÁÎÉÀ ÂÕÄÅÔ ×ÏÓÓÔÁÎÏ×ÌÅÎÏ. + +Template: ssh/ancient_version +Type: note +Description: You are trying to upgrade from an ancient version of non-free ssh + This is bound to be using IDEA encryption for your identity files. + You should upgrade to a vaguely contemporary (1.2.15 or later) version of + non-free ssh, and then upgrade all your key files using ssh-keygen -u + before attempting to migrate to OpenSSH. + . + Alternatively, you could just forget about that, and generate new keys. +Description-ru: ÷Ù ÐÙÔÁÅÔÅÓØ ÏÂÎÏ×ÉÔØ ÄÒÅ×ÎÀÀ ×ÅÒÓÉÀ ËÏÍÍÅÒÞÅÓËÏÇÏ ssh + ïÎÁ ÏÇÒÁÎÉÞÅÎÁ ÉÓÐÏÌØÚÏ×ÁÎÉÅÍ ÛÉÆÒÏ×ÁÎÉÑ IDEA ÄÌÑ ×ÁÛÉÈ ÆÁÊÌÏ× + ÉÄÅÎÔÉÆÉËÁÃÉÉ. òÅËÏÍÅÎÄÕÅÔÓÑ ÏÂÎÏ×ÉÔØ ÂÏÌÅÅ ÓÏ×ÒÅÍÅÎÎÙÅ ×ÅÒÓÉÉ (1.2.15 + ÉÌÉ ÂÏÌÅÅ ÐÏÚÄÎÉÅ) ËÏÍÍÅÒÞÅÓËÏÇÏ ssh, É ÐÏÔÏÍ ÏÂÎÏ×ÉÔØ ×ÁÛÉ ËÌÀÞÅ×ÙÅ + ÆÁÊÌÙ ËÏÍÁÎÄÏÊ `ssh-keygen -u` ÐÅÒÅÄ ÐÏÐÙÔËÏÊ ÐÅÒÅÊÔÉ ÎÁ OpenSSH. + . + ëÁË ×ÁÒÉÁÎÔ, ÍÏÖÅÔÅ ÚÁÂÙÔØ ÏÂÏ ×ÓÅÍ ÜÔÏÍ É ÓÇÅÎÅÒÉÒÏ×ÁÔØ ÎÏ×ÙÅ ËÌÀÞÉ. + +Template: ssh/use_old_init_script +Type: boolean +Description: Do you want to continue (and risk killing active ssh sessions) ? + The version of /etc/init.d/ssh that you have installed, is likely to kill + all running sshd instances. If you are doing this upgrade via an ssh + session, that would be a Bad Thing(tm). + . + You can fix this by adding "--pidfile /var/run/sshd.pid" to the + start-stop-daemon line in the stop section of the file. +Description-ru: ÷Ù ÈÏÔÉÔÅ ÐÒÏÄÏÌÖÉÔØ (ÒÉÓËÕÑ ÐÏÔÅÒÑÔØ ÁËÔÉ×ÎÙÅ ssh-ÓÏÅÄÉÎÅÎÉÑ)? + ÷ÅÒÓÉÑ /etc/init.d/ssh, ËÏÔÏÒÕÀ ×Ù ÕÓÔÁÎÁ×ÌÉ×ÁÅÔÅ, ÍÏÖÅÔ ÕÂÉÔØ ×ÓÅ + ÚÁÐÕÝÅÎÎÙÅ ÐÒÏÃÅÓÓÙ ssh. åÓÌÉ ×Ù ÏÓÕÝÅÓÔ×ÌÑÅÔÅ ÜÔÏ ÏÂÎÏ×ÌÅÎÉÅ ÞÅÒÅÚ + ssh ÓÅÓÓÉÀ, ÔÏ ÜÔÏ ðÌÏÈÁÑ ÷ÅÝØ (tm). + . + üÔÏ ÍÏÖÎÏ ÉÓÐÒÁ×ÉÔØ ÄÏÂÁ×ÌÅÎÉÅÍ "--pidfile /var/run/sshd.pid" × ÓÔÒÏËÅ + start-stop-daemon × ÒÁÚÄÅÌÅ stop ÜÔÏÇÏ ÆÁÊÌÁ. + +Template: ssh/forward_warning +Type: note +Description: NOTE: Forwarding of X11 and Authorization disabled by default. + For security reasons, the Debian version of ssh has ForwardX11 and + ForwardAgent set to ``off'' by default. + . + You can enable it for servers you trust, either + in one of the configuration files, or with the -X command line option. + . + More details can be found in /usr/share/doc/ssh/README.Debian +Description-ru: ðòéíåþáîéå: æÏÒ×ÁÒÄÉÎÇ X11 É Authorization ÚÁÐÒÅÝÅÎ ÐÏ ÕÍÏÌÞÁÎÉÀ. + ðÏ ÐÒÉÞÉÎÁÍ ÂÅÚÏÐÁÓÎÏÓÔÉ, × ×ÅÒÓÉÉ ÄÌÑ Debian ssh ÉÍÅÅÔ ForwardX11 É + ForwardAgent ÕÓÔÁÎÏ×ÌÅÎÎÙÍÉ × ``off'' ÐÏ ÕÍÏÌÞÁÎÉÀ. + . + ÷Ù ÍÏÖÅÔÅ ÒÁÚÒÅÛÉÔØ ÉÈ ÄÌÑ ÓÅÒ×ÅÒÏ×, ËÏÔÏÒÙÍ ÄÏ×ÅÒÑÅÔÅ ÌÉÂÏ × ÏÄÎÏÍ ÉÚ + ÎÁÓÔÒÏÅÞÎÙÈ ÆÁÊÌÏ×, ÉÌÉ ÐÁÒÁÍÅÔÒÏÍ ËÏÍÁÎÄÎÏÊ ÓÔÒÏËÉ -X. + . + äÏÐÏÌÎÉÔÅÌØÕÀ ÉÎÆÏÒÍÁÃÉÀ ÍÏÖÎÏ ÎÁÊÔÉ × /usr/share/doc/ssh/README.Debian + +Template: ssh/insecure_rshd +Type: note +Description: Warning: rsh-server is installed --- probably not a good idea + having rsh-server installed undermines the security that you were probably + wanting to obtain by installing ssh. I'd advise you to remove that package. +Description-ru: ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ÕÓÔÁÎÏ×ÌÅÎ rsh-server --- ×ÉÄÉÍÏ, ÎÅ ÏÞÅÎØ ÈÏÒÏÛÏ + õÓÔÁÎÏ×ÌÅÎÎÙÊ rsh-server ÓÎÉÖÁÅÔ ÂÅÚÏÐÁÓÎÏÓÔØ, ËÏÔÏÒÕÀ ×Ù ×ÅÒÏÑÔÎÏ + ÈÏÔÉÔÅ ÐÏ×ÙÓÉÔØ ÕÓÔÁÎÁ×ÌÉ×ÁÑ ssh. òÅËÏÍÅÎÄÕÅÔÓÑ ÕÄÁÌÉÔØ ÜÔÏÔ ÐÁËÅÔ. + +Template: ssh/insecure_telnetd +Type: note +Description: Warning: telnetd is installed --- probably not a good idea + I'd advise you to either remove the telnetd package (if you don't actually + need to offer telnet access) or install telnetd-ssl so that there is at + least some chance that telnet sessions will not be sending unencrypted + login/password and session information over the network. +Description-ru: ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ÕÓÔÁÎÏ×ÌÅÎ telnetd --- ×ÉÄÉÍÏ, ÎÅ ÏÞÅÎØ ÈÏÒÏÛÏ + ñ ÒÅËÏÍÅÎÄÏ×ÁÌ ÂÙ ×ÁÍ ÕÄÁÌÉÔØ ÐÁËÅÔ telnetd (ÅÓÌÉ ×ÁÍ ÄÅÊÓÔ×ÉÔÅÌØÎÏ ÎÅ + ÎÕÖÅÎ ÄÏÓÔÕÐ telnet) ÉÌÉ ÕÓÔÁÎÏ×ÉÔØ telnet-ssl, ÞÔÏÂÙ ÉÍÅÔØ ÈÏÔÑ ÂÙ + ×ÏÚÍÏÖÎÏÓÔØ ÎÅ ÐÅÒÅÄÁ×ÁÔØ ÐÏ ÓÅÔÉ ÎÅÚÁÛÉÆÒÏ×ÁÎÎÙÅ ÉÍÅÎÁ É ÐÁÒÏÌÉ + ÐÏÌØÚÏ×ÁÔÅÌÅÊ É ÐÒÏÞÕÀ ÉÎÆÏÒÍÁÃÉÀ × telnet-ÓÅÓÓÉÑÈ. + +Template: ssh/encrypted_host_key_but_no_keygen +Type: note +Description: Warning: you must create a new host key + There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. + OpenSSH can not handle this host key file, and I can't find the + ssh-keygen utility from the old (non-free) SSH installation. + . + You will need to generate a new host key. +Description-ru: ðÒÅÄÕÐÒÅÖÄÅÎÉÅ: ×Ù ÄÏÌÖÎÙ ÓÏÚÄÁÔØ ÎÏ×ÙÊ ËÌÀÞ ÍÁÛÉÎÙ. + åÓÔØ ÓÔÁÒÙÊ /etc/ssh/ssh_host_key, ËÏÔÏÒÙÊ ÚÁÛÉÆÒÏ×ÁÎ IDEA. OpenSSH ÎÅ + ÍÏÖÅÔ ÒÁÂÏÔÁÔØ Ó ÜÔÉÍ ËÌÀÞÏÍ ÍÁÛÉÎÙ, É Ñ ÎÅ ÍÏÇÕ ÎÁÊÔÉ ÕÔÉÌÉÔÕ + ssh-keygen ÏÔ ÓÔÁÒÏÊ (ÎÅÓ×ÏÂÏÄÎÏÊ) ÉÎÓÔÁÌÌÑÃÉÉ SSH. + . + ÷ÁÍ ÎÁÄÏ ÂÕÄÅÔ ÓÇÅÎÅÒÉÒÏ×ÁÔØ ÎÏ×ÙÊ ËÌÀÞ ÈÏÓÔÁ. + +Template: ssh/SUID_client +Type: boolean +Default: true +Description: Do you want /usr/bin/ssh to be installed SUID root? + You have the option of installing the ssh client with the SUID bit set. + . + If you make ssh SUID, you will be able to use Rhosts/RhostsRSA + authentication, but will not be able to use socks via the LD_PRELOAD + trick. This is the traditional approach. + . + If you do not make ssh SUID, you will be able to use socks, but + Rhosts/RhostsRSA authentication will stop working, which may stop you + logging in to remote systems. It will also mean that the source + port will be above 1024, which may confound firewall rules you've set up. + . + If in doubt, I suggest you install it with SUID. If it causes + problems you can change your mind later by running: dpkg-reconfigure ssh +Description-ru: èÏÔÉÔÅ ÕÓÔÁÎÏ×ÉÔØ /usr/bin/ssh ËÁË SUID root? + ÷Ù ÉÍÅÅÔÅ ×ÏÚÍÏÖÎÏÓÔØ ÕÓÔÁÎÏ×ÉÔØ /usr/bin/ssh Ó ÕÓÔÁÎÏ×ÌÅÎÎÙÍ ÂÉÔÏÍ + SUID. + . + åÓÌÉ ×Ù ÄÅÌÁÅÔÅ ssh SUID, ÔÏ ×Ù ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ ÁÕÔÅÎÔÉÆÉËÁÃÉÀ + Rhosts/RhostsRSA, ÎÏ ÎÅ ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ socks ÞÅÒÅÚ LD_PRELOAD. + üÔÏ ÔÒÁÄÉÃÉÏÎÎÏÅ ÐÏ×ÅÄÅÎÉÅ. + . + åÓÌÉ ×Ù ÓÄÅÌÁÅÔÅ ssh SUID, ÔÏ ×Ù ÓÍÏÖÅÔÅ ÉÓÐÏÌØÚÏ×ÁÔØ socks, ÎÏ ÚÁÔÏ + ÁÕÔÅÎÔÉÆÉËÁÃÉÑ Rhosts/RhostsRSA ÎÅ ÂÕÄÅÔ ÒÁÂÏÔÁÔØ, ÞÔÏ ÍÏÖÅÔ ÓÄÅÌÁÔØ + ÎÅ×ÏÚÍÏÖÎÙÍ ×ÁÛÕ ÒÅÇÉÓÔÒÁÃÉÀ ÎÁ ÕÄÁÌÅÎÎÙÈ ÓÉÓÔÅÍÁÈ. ôÁËÖÅ ÜÔÏ ÏÚÎÁÞÁÅÔ + ÞÔÏ ÎÏÍÅÒ ÉÓÔÏÞÎÉËÏ×ÏÇÏ ÐÏÒÔÁ ÂÕÄÅÔ ÂÏÌØÛÅ 1024, ÞÔÏ ÍÏÖÅÔ ÎÅ ÎÁÒÕÛÉÔØ + ÒÁÂÏÔÕ ÕÓÔÁÎÏ×ÌÅÎÎÙÈ ×ÁÍÉ ÐÒÁ×ÉÌ ÆÁÊÒ×ÏÌÁ. + . + åÓÌÉ ×Ù ÎÅ ÚÎÁÅÔÅ, ÞÔÏ ÒÅÛÉÔØ, ÔÏ ÒÅËÏÍÅÎÄÕÅÔÓÑ ÕÓÔÁÎÏ×ÉÔØ ÅÇÏ Ó ÂÉÔÏÍ + SUID. åÓÌÉ ×Ù ÐÏÔÏÍ ÐÅÒÅÄÕÍÁÅÔÅ, ÔÏ ÜÔÕ ÕÓÔÁÎÏ×ËÕ ÍÏÖÎÏ ÂÕÄÅÔ ÉÚÍÅÎÉÔØ + ËÏÍÁÎÄÏÊ: "dpkg-reconfigure ssh". + +Template: ssh/run_sshd +Type: boolean +Default: true +Description: Do you want to run the sshd server ? + This package contains both the ssh client, and the sshd server. + . + Normally the sshd Secure Shell Server will be run to allow remote + logins via ssh. + . + If you are only interested in using the ssh client for outbound + connections on this machine, and don't want to log into it at all + using ssh, then you can disable sshd here. +Description-ru: èÏÔÉÔÅ ÚÁÐÕÓÔÉÔØ ÓÅÒ×ÅÒ sshd? + üÔÏÔ ÐÁËÅÔ ÓÏÄÅÒÖÉÔ É ssh-ËÌÉÅÎÔ, É ssh-ÓÅÒ×ÅÒ. + . + ïÂÙÞÎÏ sshd Secure Shell Server ÚÁÐÕÓËÁÅÔÓÑ ÄÌÑ ÕÄÁÌÅÎÎÏÇÏ ×ÈÏÄÁ × + ÒÅÇÉÓÔÒÁÃÉÉ × ÓÉÓÔÅÍÅ ÞÅÒÅÚ ssh. + . + åÓÌÉ ×ÁÓ ÉÎÔÅÒÅÓÕÅÔ ÔÏÌØËÏ ÉÓÐÏÌØÚÏ×ÁÎÉÅ ssh-ËÌÉÅÎÔÁ ÄÌÑ ÉÓÈÏÄÑÝÉÈ + ÓÏÅÄÉÎÅÎÉÊ Ó ÜÔÏÊ ÍÁÛÉÎÙ, É ×Ù ÎÅ ÈÏÔÉÔÅ ×ÈÏÄÉÔØ × ÅÅ ÓÉÓÔÅÍÕ ÞÅÒÅÚ + ssh, ÔÏ ×Ù ÍÏÖÅÔÅ ÓÅÊÞÁÓ ÚÁÐÒÅÔÉÔØ sshd. -- cgit v1.2.3