From owner-FreeBSD-users-jp@jp.FreeBSD.org Thu Sep 11 16:00:00 2003
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id h8B700P40244;
	Thu, 11 Sep 2003 16:00:00 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from home.kawasaki3.org (home.kawasaki3.org [61.206.116.61])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with SMTP/inet id h8B6xxw40211
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 11 Sep 2003 15:59:59 +0900 (JST)
	(envelope-from kawasaki@kawasaki3.org)
Received: (qmail 96160 invoked from network); 11 Sep 2003 15:59:58 +0900
Received: from unknown (HELO localhost) (kawasaki@211.14.2.57)
  by home.kawasaki3.org with SMTP; 11 Sep 2003 15:59:58 +0900
Message-Id: <20030911.155955.74755462.kawasaki@kawasaki3.org>
To: FreeBSD-users-jp@jp.FreeBSD.org
From: moto kawasaki <kawasaki@kawasaki3.org>
In-Reply-To: <A25A63D0-E41E-11D7-A9B5-0050E43AA030@mac.com>
References: <52FB131E-E416-11D7-920E-00039369015E@jmail.plala.or.jp>
	<A25A63D0-E41E-11D7-A9B5-0050E43AA030@mac.com>
X-Face: )._4~w!_D$r6qNS0+;nS|]WNeI4f3o)QnH[ItB[esXuc$~hQ$.,?}$SnLe/[24Hao%^q/Is
 'SJtZe#21h;7z;q+iyj[^%7\46.Gg-t7.px<}L-f_:P+6i4-a{DIL[
X-Mailer: Mew version 4.0.58 on Emacs 21.2 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Multipart/Mixed;
 boundary="--Next_Part(Thu_Sep_11_15:59:55_2003_586)--"
Content-Transfer-Encoding: 7bit
X-Bogosity: No, tests=bogofilter, spamicity=0.000000, version=0.13.7.2
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Thu, 11 Sep 2003 15:59:55 +0900
X-Sequence: FreeBSD-users-jp 76203
Subject: [FreeBSD-users-jp 76203] Re: ssh =?ISO-2022-JP?B?GyRCJEcbKEI=?=
 root =?ISO-2022-JP?B?GyRCJEclbSUwJSQlcxsoQg==?= 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: kawasaki@kawasaki3.org
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+030902

----Next_Part(Thu_Sep_11_15:59:55_2003_586)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit


$B;n$7$F$_$^$7$?!#(B


$B=)>l(B $B?-Fs(B <syng1@mac.com> wrote at Thu, 11 Sep 2003 15:10:25 +0900
    regarding [FreeBSD-users-jp 76202] Re: ssh $B$G(B root $B$G%m%0%$%s(B 

syng1> On 2003.9.11, at 02:10  PM, sigure@jmail.plala.or.jp wrote:
syng1> > 4.8$B$J$i$P@.8y$7$?$N$G$9$,$d$O$j(B5.1$B$G$O@.8y$7$^$;$s(B
syng1> > 4.8$B$G(Broot$B%m%0%$%s$G$-$?(Bsshd_config$B%U%!%$%k$rMQ$$$F$bBLL\$G$7$?(B

syng1> sshd_config$B$K$F(B
syng1> 	PermitRootLogin  yes
syng1> $B$H$7$F$_$?$i$I$&$J$j$^$9$+(B?  $B!J(BSIGHUP$B$r$*K:$l$J$/!#!K(B
syng1> $B$b$7!"$3$l$G(BOK$B$G$"$l$P!"(Bsshd$B$N(Bdefault$B$,JQ$o$C$?$N$G$7$g$&!#(B

$B<j85$N5!3#$O(B FreeBSD 5.1-RELEASE $B$G$9$,!"(B

    /usr/sbin/sshd -b 2048 -e -f /etc/ssh/sshd_config -g 120 -k 1200 -p 13220 \
                   -D -4

$B$GE:IU$N$h$&$J!J$H8@$C$F$b$[$H$s$I(B default $B$N$^$^$N$O$:$G$9$,!K(B
/etc/ssh/sshd_config $B$G;n$7$^$7$?!#(B

$BJL$N5!3#$+$i(B ssh -l root this.machine.example.com $B$H$9$k$H(B Password: $B$r?V$+$l!"(B
root $B$N%Q%9%o!<%I$rEjF~$7$F(B login $B$G$-$^$7$?!#(B

PermitRootLogin $B$r(B no $B$KJQ99$7$F!J(Bkill -hup $B$b!K;n$9$H!"(BPassword: $B$O?V$+$l$k$b(B
$B$N$N!"@5$7$$%Q%9%o!<%I$rEjF~$7$F$b(B Password: $B%W%m%s%W%H$,JV$j!"(B

$ ssh -l root this.machine.example.com
Password:
Password:
Password:
Received disconnect from 61.206.116.61: 2: Too many authentication failures for root

$B$H$J$j$^$7$?!#(B


moto kawasaki <kawasaki@kawasaki3.org>


----Next_Part(Thu_Sep_11_15:59:55_2003_586)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="sshd_config"

#	$OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
#	$FreeBSD: src/crypto/openssh/sshd_config,v 1.32 2003/04/23 17:10:53 des Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.

#VersionAddendum FreeBSD-20030423

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 120
PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile	.ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable PAM authentication
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems
Subsystem	sftp	/usr/libexec/sftp-server

----Next_Part(Thu_Sep_11_15:59:55_2003_586)----
