From owner-FreeBSD-users-jp@jp.freebsd.org  Tue Apr 20 14:58:11 1999
Received: by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) id OAA07339;
	Tue, 20 Apr 1999 14:58:11 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from nirvana.ntt-itn.co.jp (nirvana.ntt-itn.co.jp [192.47.161.25])
	by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) with ESMTP id OAA07333
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 20 Apr 1999 14:58:08 +0900 (JST)
	(envelope-from akira@nirvana.ntt-itn.co.jp)
Received: from ken.ntt-itn.co.jp (june.ntt-itn.co.jp [192.47.161.3])
	by nirvana.ntt-itn.co.jp (8.9.3+3.2W/3.7W-99030210) with ESMTP id OAA01906
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 20 Apr 1999 14:58:05 +0900 (JST)
Received: from localhost (localhost.ntt-itn.co.jp [127.0.0.1])
	by ken.ntt-itn.co.jp (8.9.3+3.2W/3.7W-1999040110) with ESMTP id OAA01408
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 20 Apr 1999 14:57:34 +0900 (JST)
To: FreeBSD-users-jp@jp.freebsd.org
In-Reply-To: <19990420144116.A22480@amalthea.phys.s.u-tokyo.ac.jp>
References: <17509.924584091@hyperion.st.ryukoku.ac.jp>
	<19990420141358M.takano@crayfish.co.jp>
	<19990420144116.A22480@amalthea.phys.s.u-tokyo.ac.jp>
X-Mailer: Mew version 1.94b23 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19990420145734F.akira@nirvana.ntt-itn.co.jp>
Date: Tue, 20 Apr 1999 14:57:34 +0900
From: FUSEGAWA Akira <akira@nirvana.ntt-itn.co.jp>
X-Dispatcher: imput version 990405(IM114)
Lines: 24
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990405
X-Sequence: FreeBSD-users-jp 41441
Subject: [FreeBSD-users-jp 41441] Re: ssh-1.2.26 security
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: akira@nirvana.ntt-itn.co.jp

$B$U$;$,$o!w(BNTT-itn$B$H?=$7$^$9!#(B
$B$3$&$$$&9M$($b$b$7$+$7$?$i$"$k$N$+$J!"$H;W$C$FEj9F$7$F$_$^$9!#(B

| $BAmEv$?$j967b$H$$$&$N$O<B:]$K(B telnet/ssh $B$r$+$1$F(B
| $B9T$&$N$G$O$J$/$F!"(Blocal $B$K(B $B$?$H$($P(B/etc/passwd $B$N(B password field $B$r(B
| $B;}$C$F$-$F!"(BDES $B$N%k!<%A%s$r%V%s$^$o$7$F9T$$$^$9!#(B
| rc5-64 cracking contest $B8+$F$_$^$7$g$&!#(B
| $B%M%C%H%o!<%/7PM3$G!"K\J*$NAj<j$G$$$A$$$A(B session $BD%$C$F$$$?$i(B
| 56bit DES $B$G$b;v<B>eIT2DG=$G$9(B(solaris $B$N(B telnet session $B$@$H(B
| $B$5$i$K(B password $B4V0c$($k$4$H$K?tICL2$j$^$9$M(B)$B!#(B

$B$?$+$N$5$s$NJ}K!$G!"(Broot$B$N(Bpassword$B$,9g$C$F$$$k!?$$$J$$$K$+$+$o$i$:(B
$BF1$8%a%C%;!<%8$rI=<($7$F$7$^$&$h$&$K$9$k$H!"$+$($C$F(Bpassword$B$r$h$/(B
$B3P$($F$$$J$$>l9g(B(^^;)$B$G!"$5$i$K(Bremote$B$+$i$N(Broot login$B$r5v2D$7$F$$$k$+(B
$B$I$&$+$b2x$7$$>l9g$J$I$K!"K\Ev$K(Btype$B$7$F$$$k(Bpassword$B$,9g$C$F$$$k$N$+(B
$B$I$&$+$o$+$i$J$/$J$C$F$7$^$&$h$&$J5$$,$9$k$N$G$9$,!D!#(B

$B<B:]$K$OAmEv$?$j967b$O;v<B>eIT2DG=$@$H;W$&$N$G!"$o$?$7$O$=$l$>$l$G0c$&(B
$B%a%C%;!<%8$rI=<($7$F$/$l$?$[$&$,$h$$$H;W$&$N$G$9$,!"$I$&$J$N$G$7$g$&$+!)(B

# root$B$N(Bpassword$B$,$"$d$U$d!"$C$F$$$&E@$K4{$KLdBj$,$"$j$^$9$1$I(B(^^;
--
FUSEGAWA Akira ($BI[;\@n(B $BL@(B)
akira@nirvana.ntt-itn.co.jp
