From owner-FreeBSD-users-jp@jp.freebsd.org  Sat Apr  7 05:23:31 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id FAA28431;
	Sat, 7 Apr 2001 05:23:31 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from lily.finetune.co.jp (lily.finetune.co.jp [210.226.85.226])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id FAA28426
	for <FreeBSD-users-jp@jp.freebsd.org>; Sat, 7 Apr 2001 05:23:30 +0900 (JST)
	(envelope-from lyuka@finetune.co.jp)
Received: from sakura.finetune.co.jp (sakura.finetune.co.jp [192.168.72.34])
	by lily.finetune.co.jp (8.9.3/3.6W) with ESMTP id FAA98454
	for <FreeBSD-users-jp@jp.freebsd.org>; Sat, 7 Apr 2001 05:23:29 +0900 (JST)
Received: from finetune.co.jp by sakura.finetune.co.jp (8.9.3/3.6W-smtp) id FAA29325; Sat, 7 Apr 2001 05:23:27 +0900 (JST)
Message-ID: <3ACE25BE.AE4BFD41@finetune.co.jp>
Date: Sat, 07 Apr 2001 05:23:26 +0900
From: Takayuki Hosoda <lyuka@finetune.co.jp>
Organization: Finetune co., ltd.
X-Mailer: Mozilla 4.76C-ja  [ja] (X11; U; FreeBSD 4.2-RELEASE i386)
X-Accept-Language: ja
MIME-Version: 1.0
To: FreeBSD-users-jp@jp.freebsd.org
References: <4.3.2-J.20010406135032.032cfcc0@zenon.rite.or.jp>
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 60636
Subject: [FreeBSD-users-jp 60636] Re: OpenSSH
 =?ISO-2022-JP?B?GyRCJEskRCQkJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: lyuka@sakura.finetune.co.jp

$B:YED(B@$B%U%!%$%s%A%e!<%s$G$9!#(B

>$B#2!%N>%^%7%s$G$H(Bssh-keygen -d$B$r;H$$!"(BDSA$B80$r:n@.$7$^$7$?!#(B
>$B#3!%(BA$B%^%7%s$N!"(B~/.ssh/authorized_keys2$B$K2<5-$N5-=R$r$7$^$7$?!#(B
>$B!!!!(Bkey$B!!(Bkey id_dsa.pub_B($B%^%7%s(BB$B$G:n$C$?(BDSA$B8x3+80(B)
>$B!!!!(Bkey$B!!(Bkey id_dsa.pub_A($B%^%7%s(BB$B$G:n$C$?(BDSA$B8x3+80(B)
>$B!!!!(BB$B%^%7%s$N!"(B~/.ssh/authorized_keys2$B$K2<5-$N5-=R$r$7$^$7$?!#(B
>$B!!!!(Bkey$B!!(Bkey id_dsa.pub_A($B%^%7%s(BA$B$G:n$C$?(BDSA$B8x3+80(B)
>$B!!!!(Bkey$B!!(Bkey id_dsa.pub_B($B%^%7%s(BB$B$G:n$C$?(BDSA$B8x3+80(B)

1)$B%^%7%s(BA$B$N(B $HOME/.ssh/authorized_keys2 $B$K(B
$B%^%7%s(BB$B$N(B $HOME/.ssh/id_dsa.pub $B$r$=$N$^$^DI2C$7$F$^$9$G$7$g$&$+!)(B
$HOME/.ssh/authorized_keys2 $B$NFbMF$O2<$N$h$&$K$J$j$^$9!#(B

  ssh-dss AABBBCC-$BCfN,(B-XXYYZZ= machine_b.foo.ne.jp

$B$3$3$G(B '=' $B$O%$%3!<%k$G$O$J$/%Q%G%#%s%05-9f(B
2)SSH1 $B%W%m%H%3%k$G@\B3$G$-$k$N$J$i$P%^%7%s(BA$B$G2<$N$h$&$K$9$k$N$,4JC1$G(B
$B$9!#(B

  ssh machine_b cat \~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys2

> $B#4!%(BA$B%^%7%s$N(B/usr/ssh/sshd_config$B$r2<5-$N$h$&$K@_Dj$7$^$7$?!#(B

3) /etc/ssh/sshd_config $B$G$7$g$&$+!)(B

> $B#6!%#A%^%7%s$N(Bssh_config$B$r2<5-$N$h$&$K@_Dj$7$^$7$?(B

4) $HOME/.ssh/config $B$G$7$g$&$+!)(B
5) /etc/ssh/ssh_config $B$G$7$g$&$+!)(B

> $B#8!%$3$N>uBV$G%^%7%s(BA$B$h$j(Bslogin$B!!%^%7%s(BB$B$H<B9T$9$k$H2<5-$N$h$&$J%(%i!<(B
> $B$,=PNO$5$l$^$9!#(B
> $B!!!!(BNo DSA host key is known for rite and you have requested strict
>  checking.

strict checking $B$r;XDj$7$F$$$k$K$b4X$i$:(B DSA host key $B$,CN$i$l$F$$$J$$$H(B
$B$N(B
$B$3$H$G$9$N$G!"(B

6) $HOME/.ssh/known_host2 $B$,B8:_$7(B
7) $HOME/.ssh/known_host2 $B$N%Q!<%_%C%7%g%s$,(B 644 $B$K$J$C$F$$$F(B
8) $HOME/.ssh/known_host2 $B$NCf$K(B host-B $B$N%(%s%H%j!<$,B8:_$9$k(B

$B$3$H$r3NG'$7$F$_$F$/$@$5$$!#(B

9) $HOME/.ssh/config $B$,$"$k$N$J$i$P(B

  Host machine_a
  HostName machine_a.foo.or.jp

$B$N5-=R$,$"$l$P@5$7$$$+$I$&$+3NG'$7$F$_$F$/$@$5$$!#(B
10)$B$?$H$($P$3$l$,(B

  Host machine_a
  HostName machine_c.foo.or.jp

$B$N$h$&$KB8:_$9$kB>$N%^%7%s$K$J$C$F$$$k$H!"(B

ssh machine_b $B$r<B9T$7$?$H$-$K(B

  No DSA host key is known for machine_a.foo.or.jp and you have
  requested strict checking.

$B$N$h$&$J%(%i!<%a%C%;!<%8$,=P$F$O$^$k$3$H$,$"$j$^$9!#(B

> $B#9!%%^%7%s#A$h$j!"(Bslogin$B!!(B-v$B!!%^%7%s(BB$B$r<B9T$7$F$H$3$m!"0J2<$N$h$&$J7k(B
> $B2L$G$7$?!#(B

> $B!!!!(BNo DSA host key is known for rite and you have requested strict
>  checking.

> $B#1#0!%$3$N>uBV$G%^%7%s(BB$B$h$j(Bslogin$B!!%^%7%s(BA$B$H<B9T$9$k$H2<5-$N$h$&$J%(%i(B
> $B!<$,=PNO$5$l$^$9!#(B
> $B!!!!(Bssh_exchange_identification: Connection closed by remote host
> $B#1#1!%%^%7%s(BB$B$h$j!"(Bslogin$B!!(B-v$B!!%^%7%s(BB$B$r<B9T$7$F$H$3$m!"0J2<$N$h$&$J7k(B
> $B2L$G$7$?!#(B

> $B!!!!(Bdebug1: unknown identity file /export/home/tetuya/.ssh/identity
> $B!!!!(Bdebug1: identity file /export/home/tetuya/.ssh/identity type -1
> $B!!!!(Bdebug1: unknown identity file /export/home/tetuya/.ssh/id_dsa
> $B!!!!(Bdebug1: identity file /export/home/tetuya/.ssh/id_dsa type -1
> $B!!!!(Bdebug1: ssh_exchange_identification: You are not welcome to use
> sshd from rite.

$B:G=i$K(B 1) $B$G=q$$$?$3$H$,5$$K$J$j$^$9!#(B

11) $BB>$K!"(B/etc/ssh/, $HOME/.ssh/ $B$N2<$N%U%!%$%k$,(B others write,
group write $B$J$I$N%Q!<%_%C%7%g%s$,$D$$$F$J$$$+$b%A%'%C%/$7$F$_$F$/$@$5(B
$B$$!#(B

/etc/ssh/ $B$N2<$N(B ssh_host_dsa_key, ssh_host_key, 
$HOME/.ssh/ $B$N2<$N(B identity, id_dsa
$B$N%Q!<%_%C%7%g%s$O(B 400 $B$^$?$O(B 600 $B$K$J$C$F$^$9$G$7$g$&$+!)(B
($BDL>o$O4m81$J%Q!<%_%C%7%g%s$,@_Dj$5$l$F$$$k$HF0:n$7$J$$(B)

$B$$$m$$$m30$7$F$k$+$b$7$l$^$;$s$,!"$4;29M$K$J$l$P$H;W$$$^$9!#(B

---------------------------------
$B:YED(B $BN4G7(B lyuka@finetune.co.jp
http://www.finetune.co.jp/~lyuka/
