From owner-FreeBSD-users-jp@jp.FreeBSD.org Tue Feb 11 01:01:46 2003
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id h1AG1k958085;
	Tue, 11 Feb 2003 01:01:46 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from neutron.pharm.tohoku.ac.jp (neutron.pharm.tohoku.ac.jp [130.34.222.180])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id h1AG1kJ58080
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 11 Feb 2003 01:01:46 +0900 (JST)
	(envelope-from okubo@neutron.pharm.tohoku.ac.jp)
Received: from [10.0.1.13] ([133.30.103.209])
	by neutron.pharm.tohoku.ac.jp (8.12.6/8.12.6/T.Hoshi_021211) with SMTP id h1AG1icV004643
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 11 Feb 2003 01:01:45 +0900 (JST)
Message-Id: <200302101601.h1AG1icV004643@neutron.pharm.tohoku.ac.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
From: okubo@neutron.pharm.tohoku.ac.jp (Susumu Okubo)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
X-Mailer: Eudora-J(1.3.8.8r6-J16)
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Tue, 11 Feb 2003 01:01:45 +0900
X-Sequence: FreeBSD-users-jp 73386
Subject: [FreeBSD-users-jp 73386] security setting SSH, netatalk
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: okubo@neutron.pharm.tohoku.ac.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+030107

$B$3$s$P$s$O!"(BFreeBSD$B$N%G%U%)%k%H%$%s%9%H!<%k$G;H$C$F$$$F(B
$B0J2<$N$h$&$J>I>u$GG:$s$G$$$^$9!#(B


1) ssh telnet $B$G%"%/%;%9$7$h$&$H$7$?$H$-$K!"F1$8%M%C%H%o!<%/%;%0%a%s%H$+$i$O(B
$B%"%/%;%9$G$-$k$,!"JL$N%;%0%a%s%H$+$i$O%"%/%;%9$G$-$J$$!#(B

2) Netatalk$B$r;H$C$F(Bmac$B$H$N%U%!%$%k6&M-$r$7$h$&$H$7$F$^$9$,!"(BEthertalk phase 2
$B$G(BIP $B%"%I%l%9$r;XDj$7$F$d$l$P%"%/%;%9$G$-$k$H$3$m$,!"JL$N%M%C%H%o!<%/%;%0%a%s%H(B
$B$+$i$O%"%/%;%9$G$-$J$$$N$G$9!#(B

/etc/rc.config:
defaultrouter="123.456.890.254"
hostname="e3.lit.dokoka-u.ac.jp"
ifconfig_rl0="inet 123.456.890..203  netmask 255.255.255.0"
kern_securelevel_enable="NO"
keyrate="fast"
nfs_reserved_port_only="YES"
sendmail_enable="YES"
sshd_enable="YES"
# -- sysinstall generated deltas -- # Thu Jan 30 13:08:00 2003
ifconfig_rl1="inet 10.0.1.210  netmask 255.255.255.0"
defaultrouter="10.0.1.1"

$B$3$l$O(Behter 2$BKg:9$7$G(B firewall$B$NFbB&$H30B&$K(Bport$B$r;}$C$F$$$^$9!#(B
IP$B$?$?$/;~$O!"(Bin house$B$+$i(Bfirewall$B$rDL$C$F%"%/%;%9$7$F$$$k$3$H$K$J$C$F$$$^$9!#(B


/usr/local/etc/atalkd.conf:
rl1 -phase 2 -net 0-65534 -addr 65280.251

in house$BB&$@$1!"%;%l%/%?!<$G8+$($k$h$&$K$7$F$$$^$9!#(BIP$B$+$i$N%"%/%;%9$O30B&(B
$B$+$i$N%"%/%;%9$H$J$j$^$9!#(B

$B:G=i(Btcp wrapper$B$N$;$$$+$J!)$H;W$C$?$N$G$9$,!"(B

/etc/hosts.allow
/etc/hosts.equiv

$B$O!"%G%U%)%k%H$N$^$^$J$N$G!"$I$3$+$i%"%/%;%9=PMh$k$O$:$J$N$G$9$,!#!#!#(B
$B$=$l$H(Bnetatalk$B$NJ}$G$9$,!"(Blog$B$G$J$K$+$o$+$i$s$+$J!)$H;W$C$?$N$G$9$,!"(B
$BA4$/(Blog$B$r$O$$$F$/$l$J$$$7!"(Blog$B$N@_Dj$,ITL@$J$N$G;j$C$F$*$j$^$;$s!#(B

netatalk$B$N0N$$?M!"$$$i$C$7$c$$$^$7$?$i$h$m$7$/$*4j$$$$$?$7$^$9!#(B



#  Susumu Okubo          /co Dr. Hoshi Dept. Pharm. Tohoku Univ.            #
#  Molecular Photoscience Research Center and Department of Physics         #
#  Kobe Univ., 1-1 Rokkodai, Nada, Kobe 657-8501, JAPAN                     #

