From owner-FreeBSD-users-jp@jp.FreeBSD.org Tue Feb 11 02:03:32 2003
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id h1AH3Wx15006;
	Tue, 11 Feb 2003 02:03:32 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from dns1.netforce.ne.jp (dns1.netforce.ne.jp [218.222.227.18])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id h1AH3VJ14999
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 11 Feb 2003 02:03:31 +0900 (JST)
	(envelope-from ohba@netforce.ne.jp)
Received: from nt.priv.netforce.ne.jp (nt.priv.netforce.ne.jp [192.168.0.3])
	(authenticated bits=0)
	by dns1.netforce.ne.jp (8.12.6/8.12.6) with ESMTP id h1AH3T8E076683
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 11 Feb 2003 02:03:29 +0900 (JST)
Message-Id: <200302101703.AA02240@nt.priv.netforce.ne.jp>
From: Masashi Ohba <ohba@netforce.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <200302101601.h1AG1icV004643@neutron.pharm.tohoku.ac.jp>
References: <200302101601.h1AG1icV004643@neutron.pharm.tohoku.ac.jp>
MIME-Version: 1.0
X-Mailer: AL-Mail32 Version 1.13
Content-Type: text/plain; charset=iso-2022-jp
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Tue, 11 Feb 2003 02:03:28 +0900
X-Sequence: FreeBSD-users-jp 73388
Subject: [FreeBSD-users-jp 73388] Re: security setting SSH, netatalk
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: ohba@netforce.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+030107

$BBg>l$G$9!#(B

$B!t@N$O$*@$OC$K$J$j$^$7$?(B($B>P(B)
$B!t$7$P$i$/9T$C$F$^$;$s$,(BIMR$B$N%9%?%C%U$b$+$J$jBX$o$C$?$_$?$$$G!D(B
$B!t:#G/G/CK$G$9$,!"$=$m$=$m@gBf$KLa$m$&$+$H!D(B

In message "[FreeBSD-users-jp 73386] security setting SSH, netatalk",Susumu Okubo wrote...

>1) ssh telnet $B$G%"%/%;%9$7$h$&$H$7$?$H$-$K!"F1$8%M%C%H%o!<%/%;%0%a%s%H$+$i$O(B
>$B%"%/%;%9$G$-$k$,!"JL$N%;%0%a%s%H$+$i$O%"%/%;%9$G$-$J$$!#(B

$BJL%;%0%a%s%H$NL>A02r7h$J$s$+$O(BOK$B$G$9$+!)(B
telnet$B$b(Bssh$B$b!"L>A02r7h$,$A$c$s$H=PMh$F$J$$$H(B
$B$D$J$2$J$$$h$&$J@_Dj$,%G%U%)%k%H$@$C$?$h$&$J!D(B
$B$=$l$HJL%;%0%a%s%H$OFbB&!)30B&!)(B


>2) Netatalk$B$r;H$C$F(Bmac$B$H$N%U%!%$%k6&M-$r$7$h$&$H$7$F$^$9$,!"(BEthertalk phase 2
>$B$G(BIP $B%"%I%l%9$r;XDj$7$F$d$l$P%"%/%;%9$G$-$k$H$3$m$,!"JL$N%M%C%H%o!<%/%;%0%a%s%H(B
>$B$+$i$O%"%/%;%9$G$-$J$$$N$G$9!#(B

$B$3$l$bJL%;%0%a%s%H$OFbB&!)30B&!)(B


>/etc/rc.config:
>defaultrouter="123.456.890.254"
>hostname="e3.lit.dokoka-u.ac.jp"
>ifconfig_rl0="inet 123.456.890..203  netmask 255.255.255.0"
>kern_securelevel_enable="NO"
>keyrate="fast"
>nfs_reserved_port_only="YES"
>sendmail_enable="YES"
>sshd_enable="YES"
># -- sysinstall generated deltas -- # Thu Jan 30 13:08:00 2003
>ifconfig_rl1="inet 10.0.1.210  netmask 255.255.255.0"
>defaultrouter="10.0.1.1"
>

$B$"$l!)(B
defaultrouter$B$,(B2$B$DM-$k$s$G$9$1$I!D(B
$B$3$&$$$&;~$C$F$I$C$AM-8z$J$s$@$m$&!)(B

$B>e=q$-$5$l$F8eJ}$,M-8z$@$C$?$j$9$k$H!"(B
$B%0%m!<%P%kB&$+$i%Q%1%C%H<u$1$F(B
$B%W%i%$%Y!<%HB&$K=P$F9T$C$?$j$7$^$;$s$+!)!d(B10.0.1.1


>$B$3$l$O(Behter 2$BKg:9$7$G(B firewall$B$NFbB&$H30B&$K(Bport$B$r;}$C$F$$$^$9!#(B
>IP$B$?$?$/;~$O!"(Bin house$B$+$i(Bfirewall$B$rDL$C$F%"%/%;%9$7$F$$$k$3$H$K$J$C$F$$$^$9!#(B

natd_enable="YES"
gateway_enable="YES"
$B$J$s$+$O$7$F$J$$$s$G$9$M!#(B
$B$3$l$@$H!"%G%e%"%k%[!<%`$K$O$J$C$F$k$1$I(B
$BFbB&$H30B&$GDL?.$G$-$J$$$h$&$J5$$,!D(B
$B$3$&$$$&@_Dj$G$$$$$G$9$+!)(B


>netatalk$B$N0N$$?M!"$$$i$C$7$c$$$^$7$?$i$h$m$7$/$*4j$$$$$?$7$^$9!#(B

$B$^$C$?$/0N$/$J$$$s$G$9$,2q<R$N%^%7%s$K$O%F%9%HMQ$K(B
$BF~$l$F$?$j$7$^$9$1$I!"(BMac$B$O$[$H$s$I?($j$^$;$s(B:)

--------------------------------------------------
Name  : $BBg>l@5;V(B(Masashi Ohba)
E-mail: ohba@netforce.ne.jp
url   : http://www.netforce.ne.jp/~ohba
        $B%3%,%M%a%-%7%3%$%s%3;t$C$F$^$9(B
Add   : Fukuoka-city, Japan
