I'm afraid this is the first I've heard of a "html を記載しました。" flavoured Blosxom. Try dropping the "/+html を記載しました。" bit from the end of the URL.
˴ĤΥǥǼ夲ƤƤꡢ桼֤ǤˤʤäƤ뤳Ǥʤ褦դɬפĤޤʲͤ˸Ƥʤɤǧꤤפޤ
A: ǰʤ餽ǤϤޤ
Ϸ٤С OpenSSL ѥåȤä줿ȼǤȤȤˤޤ㤨бѤƤ륵Ф Red Hat Enterprise Linux äȤơ桼 ~/.ssh/authorized_keys ˳η٤֤Ǻ줿ϿƤ顢 Red Hat Enterprise Linux ʥưפʾ֤ˤ뤳Ȥˤʤޤ˾夲 Red Hat Enterprise Linux CentOS Ǥ Fedora Ǥ FreeBSD Ǥ¾ΤΤǤ֤ƹͤƤˡ
A: ǰʤ餽ǤϤޤ
㤨СȼΤС OpenSSL ޤĶǥ桼 SSH Ƥơ authorized_keys ϿƤĤ Sarge ѤƤۥȤؤοưפʾ֤ȤʤäƤޤEtch Ǥй줿 openssh-server ȴΤȼʸꥹȤǤ openssh-blacklist ˤäƤͤʸȤä³ݤޤSarge ϥƥݡȤλƤ뤿ˤͤʴʾ֤ݸޤ
A: Debian Project Ƥ Debian OpenSSL Weak Key Detector (dowkd) ѤƤ
perl ǽ줿ץȤǡperl ƳƤĶǤ OS / ǥȥӥ塼鷺˼¹ԤǤޤ (Debian Ǥ 5.8.8 ڤ 5.10 ˤưǧƤޤ)¹Υեγǧˤ OpenPGP ̾ǧƤʤΥץȤϿƤޤΤǡŬåƤ
桼ʬ authrized_keys ȼʸޤޤƤʤå
user@localhost:~$ perl dowkd.pl file ~/.ssh/authorized_keys /home/user/.ssh/authorized_keys:1: weak key summary: keys found: 1, weak keys: 1
SSH ФȼʥۥȸѤƤʤ⡼Ȥå
user@localhost:~$ perl dowkd.pl host 192.168.100.100 # 192.168.100.100 SSH-2.0-OpenSSH_4.3p2 Debian-9 # 192.168.100.100 SSH-2.0-OpenSSH_4.3p2 Debian-9 192.168.100.100: weak key 192.168.100.100: weak key
ʲͤˤơγǧǽǤĶȤ PGP 뤤 GPG ѲǽǤ뤳ȤɬפȤʤޤ (ͤȤơʲκȤ Debian sid ĶdzǧԤäƤޤ)
(1) ޤΥƥΥ (DSA-1571)˥Ƥ̾ǧޤ
ƥή debian-security-announce@lists.debian.org PGP ̾줿Υɥ쥹ΤƲǽʥꥹȤǤΤǡFlorian Weimer ΥåϤޤʤΤǤȽǤǤޤμ¤ˤ줬 Florian Weimer ΤǤ롢Ȥǧ뤿ΥեȤ¸ưʲγǧޤ
$ gpg --verify \[SECURITY\]_\[DSA_1571-1\]_New_openssl_packages_fix_predictable_random_number_generator.txt gpg: Signature made 2008ǯ0513 2103ʬ24 JST using RSA key ID 02D524BE gpg: Can't check signature: public key not found
(2) ƥ 02D524BE Ȥ ID θǽ̾ƤǧǤޤΤǡθƤΤïʤΤФ鸡ޤ
$ gpg --keyserver pgp.nic.ad.jp --search-keys 02D524BE gpg: searching for "02D524BE" from hkp server pgp.nic.ad.jp (1) Florian Weimer (HIGH SECURITY KEY) <fw@deneb.enyo.de> Florian Weimer (HIGH SECURITY KEY) <Weimer@CERT.Uni-Stuttgart.DE> Florian Weimer (HIGH SECURITY KEY) <Florian.Weimer@RUS.Uni-Stuttgart.D Florian Weimer (HIGH SECURITY KEY) <fw@deneb.enyo.de> Florian Weimer (HIGH SECURITY KEY) <Weimer@CERT.Uni-Stuttgart.DE> Florian Weimer (HIGH SECURITY KEY) <Florian.Weimer@RUS.Uni-Stuttgart.D 2048 bit RSA key 02D524BE, created: 2002-03-19 Enter number(s), N)ext, or Q)uit > Q
嵭ͤ Florian Weimer
(3) ̾γǧǤΤǡFlorian Weimer θ (02D524BE) Фޤ
$ gpg --keyserver pgp.nic.ad.jp --recv-keys 02D524BE gpg: requesting key 02D524BE from hkp server pgp.nic.ad.jp gpg: key 02D524BE: duplicated user ID detected - merged gpg: key 02D524BE: public key "Florian Weimer (HIGH SECURITY KEY)" imported gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model gpg: depth: 0 valid: 1 signed: 11 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: depth: 1 valid: 11 signed: 12 trust: 2-, 0q, 0n, 5m, 4f, 0u gpg: depth: 2 valid: 10 signed: 5 trust: 10-, 0q, 0n, 0m, 0f, 0u gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)
(4) dowkd.pl dowkd.plˤĤƽ̾줿եޤ
$ wget http://security.debian.org/project/extra/dowkd/dowkd.pl.gz $ wget http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.asc
(5) ۤɥեǥ쥯ȥ dowkd.pl ˤĤƤν̾ǧޤ
$ gpg --verify dowkd.pl.gz.asc gpg: Signature made 2008ǯ0523 0539ʬ49 JST using RSA key ID 02D524BE gpg: Good signature from "Florian Weimer (HIGH SECURITY KEY)" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C8D3 D9CF FA9E 7056 3F32 FA54 BF7B FF04 02D5 24BE
Good signature from "Florian Weimer (HIGH SECURITY KEY) <fw@deneb.enyo.de>" ȤΤǡOpenSSL Υƥή Florian Weimer dowkd.pl ˤĤƤ̾ȤǧǤޤ
ʤξ硡WARNING ФƤΤϡȤͭƤǡǤϡֿѤ(web of trust)פ˴ޤޤƤʤǤ뤳Ȥ̣Ƥޤθ Florian Weimer ΤΤǤ뤳ȤѤ뤫ˤĤƤϡʤɤ»ܤƤθ˽̾Ƥ¾οͤΥꥹʤɤӳǧ
A: ⡢Debian OpenSSL Weak Key Detector (dowkd) ѤƤPEM եΥåԤޤ
A: ǰʤ OpenSSL ѥå˳ȼä֤˺줿Τϡٿʤɤƺľɬפˤʤޤ
٥ˤäƤϺξˤĤ SSLоλ¸̵֤ȯԤͰǤбԤʤɤȤƤȤޤΤǡܤϳƥ٥бˤĤ䤤碌Ƥʤ⤷ޤɵȻפޤΤǡ