trunk/doc/en/html/usage/ssh.html
trunk/doc/en/html/usage/ssh.html	2011-08-24 10:43:12 UTC (rev 4597)
trunk/doc/en/html/usage/ssh.html	2011-08-24 11:44:42 UTC (rev 4598)
@@ -63,26 +63,23 @@
       <li>Matching the host key found in ssh_known_hosts(not warning).</li>
-    <p>Œx‚ª•\Ž¦‚³‚ꂽê‡‚ɂ́AˆÓ}‚µ‚È‚¢ƒT[ƒo‚ɐڑ±‚µ‚Ä‚¢‚é‚©’†ŠÔŽÒUŒ‚‚É‘˜‚Á‚Ä‚¢‚é‰Â”\«‚ª‚ ‚è‚Ü‚·B<br />
-       ‚µ‚©‚µAŽn‚߂ăT[ƒo‚ɐڑ±‚·‚é‚Æ‚«‚âAƒT[ƒo‚̍ăCƒ“ƒXƒg[ƒ‹‚È‚Ç‚É‚æ‚è SSH ƒT[ƒo‚̃zƒXƒgŒ®‚ª•ÏX‚³‚ꂽê‡‚É‚à‚±‚ÌŒx‚ª•\Ž¦‚³‚ê‚Ü‚·BuŒxƒ_ƒCƒAƒƒO‚É•\Ž¦‚³‚ê‚Ä‚¢‚éAÚ‘±’†‚Ì SSH ƒT[ƒo‚̃zƒXƒgŒ®‚ÌŽw–äv‚ƁuÚ‘±‚µ‚悤‚Æ‚µ‚Ä‚¢‚é SSH ƒT[ƒo‚̃zƒXƒgŒ®‚̐³Šm‚ÈŽw–äv‚ð”äŠr‚µ‚Ä‚­‚¾‚³‚¢B</p>
+    <p>When the security warning message is shown, a user will receive a network attack known as spoofing secretly redirecting the user's connection to a different server. <br />
+       However, this message will be shown when a user connects to a server for the first time and the server's host key is newly updated by reinstalling the server computer. If a user will see this warning, please compare a fingerprint on the warning dialog to the trusted fingerprint. </p>
-    <p>OpenSSH ‚̏ꍇAƒT[ƒoŠÇ—ŽÒ‚͈ȉº‚̂悤‚ȃRƒ}ƒ“ƒh‚ŃT[ƒo‚̃zƒXƒgŒ®‚ÌŽw–ä‚ðŽæ“¾‚Å‚«‚Ü‚·B</p>
+    <p>OpenSSH: The server administrator can get the fingerprint(hash) of the server's host key by using below command.</p>
     <pre>ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub</pre>
     <h3><a name="SSHFP">SSHFP RR</a></h3>
-    <p>SSH Ú‘±Žž‚ɁARFC 4255 ‚É‹K’肳‚ê‚Ä‚¢‚é SSHFP RR (Secure SHell FingerPrint Resource Record) ‚É‚æ‚錟Ø‚ª‰Â”\‚Å‚·‚ªAŒ»Ý‚ÌTera Term‚Å‚Í DNSSEC ”FØ‚ª‚Å‚«‚È‚¢‚Ì‚ÅŽQl’ö“x‚̈ʒu‚¯‚Æ‚È‚è‚Ü‚·B</p>
+    <p>When a user is using SSH to connect to a server, the user can use SSHFP RR (Secure SHell FingerPrint Resource Record) defined in RFC 4255. However, this feature is experimentally implemented because the current Tera Term can not do the DNSSEC authentication.</p>
-    <p>ƒhƒƒCƒ“‚̏Š—LŽÒ‚Å‚ ‚ê‚Î DNS ‚Ì SSHFP ƒŒƒR[ƒh‚É SSH ƒT[ƒoƒzƒXƒgŒ®‚̏–¼‚ð“o˜^‚·‚邱‚Æ‚ª‰Â”\‚Å‚·BƒNƒ‰ƒCƒAƒ“ƒg(Tera Term)‚Í SSHFP ƒŒƒR[ƒh‚ðŽæ“¾‚µAÚ‘±’†‚̃T[ƒoƒzƒXƒgŒ®‚Æ”äŠr‚·‚邱‚Æ‚ÅŒŸØ‚ª‰Â”\‚Å‚·B<br />
-       ‚±‚Ì‹@”\‚Í Windows ƒŠƒ]ƒ‹ƒo‚̐§ŒÀ‚É‚æ‚è Windows 2000 ˆÈ~‚Å‚Ì‚Ý—LŒø‚Å‚·B</p>
+    <p>A domain owner can regist the SSHFP record into the DNS zone. The client software(Tera Term) can get the SSHFP record on connection and verify the record with the server's host key. <br />
+       However, this feature can be used on Windows 2000 or later by the limitation of the Windows resolver.</p>
-    <p>SSHFP ‚ÉŠÖ‚µ‚Ä‹K’肵‚Ä‚¢‚é RFC 4255 ‚ɂ́uDNSSEC ”FØ‚³‚ê‚Ä‚¢‚È‚¢ SSHFP RR ‚ðM—Š‚µ‚Ä‚Í‚È‚ç‚È‚¢v‚Æ‚ ‚è‚Ü‚·B<br />
-       Tera Term‚ª—˜—p‚µ‚Ä‚¢‚éWindows ƒŠƒ]ƒ‹ƒo‚Í DNSSEC ‚̏–¼‚ªŒŸØ‚ª‚Å‚«‚È‚¢‚½‚߁Aí‚É DNSSEC ”FØ‚ÉŽ¸”s‚µ‚Ü‚·B</p>
+    <p>Please refer to below one sentence in RFC 4255. <br />
+       <i>A public key verified using this method MUST NOT be trusted if the SSHFP resource record (RR) used for verification was not authenticated by a trusted SIG RR.</i><br />
+      The DNSSEC authentication always fails because the Windows resolver used by Tera Term can not verify the DNSSEC signature. </p>
     <h2><a name="generate">Generating Key</a></h2>
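Review bot: The first added paragraph states the attack as a certainty ("a user will receive a network attack known as spoofing"), yet the next sentence lists benign causes for the same warning (first connection, host key changed by a reinstall). Reword it along the lines of "the user may be connecting to an unintended server or may be the target of a spoofing attack", and join the two benign causes with "or" instead of "and", since they read as alternatives. In the SSHFP section, "this feature can be used on Windows 2000 or later" reads as a capability even though "However" and "limitation" signal a restriction; "only on Windows 2000 or later" would be clearer, and "regist" should be "register". Because the last paragraph says the DNSSEC authentication always fails, the text should also say outright that an SSHFP match in Tera Term is advisory and does not replace comparing the fingerprint on the warning dialog with the trusted fingerprint, which is what the quoted RFC 4255 sentence requires; "experimentally implemented" does not convey that.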

