Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/article/gettext/ru/openssh-key-management-p1.xml.po
diff options
context:
space:
mode:
Diffstat (limited to 'article/gettext/ru/openssh-key-management-p1.xml.po')
-rw-r--r--article/gettext/ru/openssh-key-management-p1.xml.po591
1 files changed, 591 insertions, 0 deletions
diff --git a/article/gettext/ru/openssh-key-management-p1.xml.po b/article/gettext/ru/openssh-key-management-p1.xml.po
new file mode 100644
index 0000000..58684b8
--- /dev/null
+++ b/article/gettext/ru/openssh-key-management-p1.xml.po
@@ -0,0 +1,591 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2010-10-22 00:23+0600\n"
+"PO-Revision-Date: 2009-10-12 06:16+0400\n"
+"Last-Translator: Automatically generated\n"
+"Language-Team: none\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):6
+msgid "OpenSSH key management, Part 1"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(author:title):7
+msgid "Author"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(mail:link):8
+msgid "drobbins"
+msgstr ""
+
+#. xmlified by Max Lorenz (anarchyisgoodforthee@gmail.com)
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(abstract):12
+msgid ""
+"In this series, you'll learn how RSA and DSA authentication work, and see "
+"how to set up passwordless authentication the right way. In the first "
+"article of the series, Daniel Robbins focuses on introducing the RSA and DSA "
+"authentication protocols and showing you how to get them working over the "
+"network."
+msgstr ""
+
+#. The original version of this article was first published on IBM
+#. developerWorks, and is property of Westtech Information Services. This
+#. document is an updated version of the original article, and contains
+#. various improvements made by the Gentoo Linux Documentation team
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(version):25
+msgid "1.2"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(date):26
+msgid "2005-10-09"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):29
+msgid "Understanding RSA/DSA authentication"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):33
+msgid ""
+"Many of us use the excellent OpenSSH (see <uri link=\"#resources"
+"\">Resources</uri> later in this article) as a secure, encrypted replacement "
+"for the venerable <c>telnet</c> and <c>rsh</c> commands. One of OpenSSH's "
+"more intriguing features is its ability to authenticate users using the RSA "
+"and DSA authentication protocols, which are based on a pair of complementary "
+"numerical keys. As one of its main appeals, RSA and DSA authentication "
+"promise the capability of establishing connections to remote systems "
+"<e>without supplying a password</e>. While this is appealing, new OpenSSH "
+"users often configure RSA/DSA the quick and dirty way, resulting in "
+"passwordless logins, but opening up a big security hole in the process."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):49
+msgid "What is RSA/DSA authentication?"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):52
+msgid ""
+"SSH, specifically OpenSSH (a completely free implementation of SSH), is an "
+"incredible tool. Like <c>telnet</c> or <c>rsh</c>, the ssh client can be "
+"used to log in to a remote machine. All that's required is for this remote "
+"machine to be running <c>sshd</c>, the <c>ssh</c> server process. However, "
+"unlike <c>telnet</c>, the ssh protocol is very secure. It uses special "
+"algorithms to encrypt the data stream, ensure data stream integrity and even "
+"perform authentication in a safe and secure way."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):62
+msgid ""
+"However, while <c>ssh</c> is really great, there is a certain component of "
+"<c>ssh</c> functionality that is often ignored, dangerously misused, or "
+"simply misunderstood. This component is OpenSSH's RSA/DSA key authentication "
+"system, an alternative to the standard secure password authentication system "
+"that OpenSSH uses by default."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):70
+msgid ""
+"OpenSSH's RSA and DSA authentication protocols are based on a pair of "
+"specially generated cryptographic keys, called the <e>private key</e> and "
+"the <e>public key</e>. The advantage of using these key-based authentication "
+"systems is that in many cases, it's possible to establish secure connections "
+"without having to manually type in a password."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):78
+msgid ""
+"While the key-based authentication protocols are relatively secure, problems "
+"arise when users take certain shortcuts in the name of convenience, without "
+"fully understanding their security implications. In this article, we'll take "
+"a good look at how to correctly use RSA and DSA authentication protocols "
+"without exposing ourselves to any unnecessary security risks. In my next "
+"article, I'll show you how to use <c>ssh-agent</c> to cache decrypted "
+"private keys, and introduce <c>keychain</c>, an <c>ssh-agent</c> front-end "
+"that offers a number of convenience advantages without sacrificing security. "
+"If you've always wanted to get the hang of the more advanced authentication "
+"features of OpenSSH, then read on."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):94
+msgid "How RSA/DSA keys work"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):97
+msgid ""
+"Here's a quick general overview of how RSA/DSA keys work. Let's start with a "
+"hypothetical scenario where we'd like to use RSA authentication to allow a "
+"local Linux workstation (named <e>localbox</e>) to open a remote shell on "
+"<e>remotebox</e>, a machine at our ISP. Right now, when we try to connect to "
+"<e>remotebox</e> using the <c>ssh</c> client, we get the following prompt:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):105
+msgid "Connecting to remotebox"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):105
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh drobbins@remotebox</i>\n"
+"drobbins@remotebox's password:\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):110
+msgid ""
+"Here we see an example of the <c>ssh</c><e>default</e> way of handling "
+"authentication. Namely, it asks for the password of the <e>drobbins</e> "
+"account on <e>remotebox</e>. If we type in our password for <e>remotebox</"
+"e>, <c>ssh</c> uses its secure password authentication protocol, "
+"transmitting our password over to <e>remotebox</e> for verification. "
+"However, unlike what <c>telnet</c> does, here our password is encrypted so "
+"that it can not be intercepted by anyone sniffing our data connection. Once "
+"<e>remotebox</e> authenticates our supplied password against its password "
+"database, if successful, we're allowed to log on and are greeted with a "
+"<e>remotebox</e> shell prompt. While the <c>ssh</c> default authentication "
+"method is quite secure, RSA and DSA authentication open up some new "
+"possibilities."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):124
+msgid ""
+"However, unlike the <c>ssh</c> secure password authentication, RSA "
+"authentication requires some initial configuration. We need to perform these "
+"initial configuration steps only once. After that, RSA authentication "
+"between <e>localbox</e> and <e>remotebox</e> will be totally painless. To "
+"set up RSA authentication, we first need to generate a pair of keys, one "
+"private and one public. These two keys have some very interesting "
+"properties. The public key can be used to encrypt a message, and only the "
+"holder of the private key can decrypt it. The public key can only be used "
+"for <e>encryption</e>, and the private key can only be used for "
+"<e>decryption</e> of a message encoded by the matching public key. The RSA "
+"(and DSA) authentication protocols use the special properties of key pairs "
+"to perform secure authentication, without needing to transmit any "
+"confidential information over the network."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):139
+msgid ""
+"To get RSA or DSA authentication working, we perform a single one-time "
+"configuration step. We copy our <e>public key</e> over to <e>remotebox</e>. "
+"The public key is called \"public\" for a reason. Since it can only be used "
+"to <e>encrypt</e> messages for us, we don't need to be too concerned about "
+"it falling into the wrong hands. Once our public key has been copied over to "
+"<e>remotebox</e> and placed in a special file (<path>~/.ssh/authorized_keys</"
+"path>) so that <e>remotebox</e>'s <c>sshd</c> can locate it, we're ready to "
+"use RSA authentication to log onto <e>remotebox</e>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):151
+msgid ""
+"To do this, we simply type <c>ssh drobbins@remotebox</c> at <e>localbox</"
+"e>'s console, as we always have. However, this time, <c>ssh</c> lets "
+"<e>remotebox</e>'s <c>sshd</c> know that it would like to use the RSA "
+"authentication protocol. What happens next is rather interesting. "
+"<e>Remotebox</e>'s <c>sshd</c> generates a random number, and encrypts it "
+"using our public key that we copied over earlier. Then, it sends this "
+"encrypted random number back to the <c>ssh</c> running on <e>localbox</e>. "
+"In turn, our <c>ssh</c> uses our <e>private key</e> to decrypt this random "
+"number, and then sends it back to <e>remotebox</e>, saying in effect \"See, "
+"I really <e>do</e> hold the matching private key; I was able to successfully "
+"decrypt your message!\" Finally, <c>sshd</c> concludes that we should be "
+"allowed to log in, since we hold a matching private key. Thus, the fact that "
+"we hold a matching private key grants us access to <e>remotebox</e>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):170
+msgid "Two observations"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):173
+msgid ""
+"There are two important observations about the RSA and DSA authentication. "
+"The first is that we really only need to generate one pair of keys. We can "
+"then copy our public key to the remote machines that we'd like to access and "
+"they will all happily authenticate against our single private key. In other "
+"words, we don't need a key pair for <e>every</e> system we'd like to access. "
+"Just one pair will suffice."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):182
+msgid ""
+"The other observation is that our <e>private key should not fall into the "
+"wrong hands</e>. The private key is the one thing that grants us access to "
+"our remote systems, and anyone that possesses our private key is granted "
+"exactly the same privileges that we are. Just as we wouldn't want strangers "
+"to have keys to our house, we should protect our private key from "
+"unauthorized use. In the world of bits and bytes, this means that no one "
+"should be able to read or copy our private key."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):192
+msgid ""
+"Of course, the <c>ssh</c> developers are aware of the private keys' "
+"importance, and have built a few safeguards into <c>ssh</c> and <c>ssh-"
+"keygen</c> so that our private key is not abused. First, <c>ssh</c> is "
+"configured to print out a big warning message if our key has file "
+"permissions that would allow it to be read by anyone but us. Secondly, when "
+"we create our public/private key pair using <c>ssh-keygen</c>, <c>ssh-"
+"keygen</c> will ask us to enter a passphrase. If we do, our private key will "
+"be encrypted using this passphrase, so that even if it is stolen, it will be "
+"useless to anyone who doesn't happen to know the passphrase. Armed with that "
+"knowledge, let's take a look at how to configure <c>ssh</c> to use the RSA "
+"and DSA authentication protocols."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):208
+msgid "ssh-keygen up close"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):211
+msgid ""
+"The first step in setting up RSA authentication begins with generating a "
+"public/private key pair. RSA authentication is the original form of <c>ssh</"
+"c> key authentication, so RSA should work with any version of OpenSSH, "
+"although I recommend that you install the most recent version available, "
+"which was openssh-2.9_p2 at the time this article was written. Generate a "
+"pair of RSA keys as follows:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):220
+msgid "Using ssh-keygen"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):220
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh-keygen</i>\n"
+"Generating public/private rsa1 key pair.\n"
+"Enter file in which to save the key (/home/drobbins/.ssh/identity): <comment>(hit enter)</comment>\n"
+"Enter passphrase (empty for no passphrase): <comment>(enter a passphrase)</comment>\n"
+"Enter same passphrase again: <comment>(enter it again)</comment>\n"
+"Your identification has been saved in /home/drobbins/.ssh/identity.\n"
+"Your public key has been saved in /home/drobbins/.ssh/identity.pub.\n"
+"The key fingerprint is:\n"
+"a4:e7:f2:39:a7:eb:fd:f8:39:f1:f1:7b:fe:48:a1:09 drobbins@localbox\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):232
+msgid ""
+"When <c>ssh-keygen</c> asks for a default location for the key, we hit enter "
+"to accept the default of <path>/home/drobbins/.ssh/identity</path>. <c>ssh-"
+"keygen</c> will store the private key at the above path, and the <e>public</"
+"e> key will be stored right next to it, in a file called identity.pub."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):240
+msgid ""
+"Also note that <c>ssh-keygen</c> prompted us to enter a passphrase. When "
+"prompted, we entered a good passphrase (seven or more hard-to-predict "
+"characters). <c>ssh-keygen</c> then encrypted our private key (<path>~/.ssh/"
+"identity</path>) using this passphrase so that our private key will be "
+"useless to anyone who does not know it."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):251
+msgid "The quick compromise"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):254
+msgid ""
+"When we specify a passphrase, it allows <c>ssh-keygen</c> to secure our "
+"private key against misuse, but it also creates a minor inconvenience. Now, "
+"every time we try to connect to our <e>drobbins@remotebox</e> account using "
+"<c>ssh</c>, <c>ssh</c> will prompt us to enter the passphrase so that it can "
+"decrypt our private key and use it for RSA authentication. Again, we won't "
+"be typing in our password for the <e>drobbins</e> account on <e>remotebox</"
+"e>, we'll be typing in the passphrase needed to locally decrypt our private "
+"key. Once our private key is decrypted, our <c>ssh</c> client will take care "
+"of the rest. While the mechanics of using our remote password and the RSA "
+"passphrase are completely different, in practice we're still prompted to "
+"type a \"secret phrase\" into <c>ssh</c>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):268
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):285
+msgid "Logging in with passphrase"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):268
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh drobbins@remotebox</i>\n"
+"Enter passphrase for key '/home/drobbins/.ssh/identity': <comment>(enter passphrase)</comment>\n"
+"Last login: Thu Jun 28 20:28:47 2001 from localbox.gentoo.org \n"
+"\n"
+"Welcome to remotebox!\n"
+"\n"
+"$\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):278
+msgid ""
+"Here's where people are often mislead into a quick compromise. A lot of the "
+"time, people will create unencrypted private keys just so that they don't "
+"need to type in a password. That way, they simply type in the ssh command, "
+"and they're immediately authenticated via RSA (or DSA) and logged in."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):285
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh drobbins@remotebox</i>\n"
+"Last login: Thu Jun 28 20:28:47 2001 from localbox.gentoo.org \n"
+"\n"
+"Welcome to remotebox!\n"
+"\n"
+"$\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):294
+msgid ""
+"However, while this is convenient, you shouldn't use this approach without "
+"fully understanding its security impact. With an unencrypted private key, if "
+"anyone ever hacks into <e>localbox</e>, they'll also get automatic access to "
+"<e>remotebox</e> and any other systems that have been configured with the "
+"public key."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):302
+msgid ""
+"I know what you're thinking. Passwordless authentication, despite being a "
+"bit risky does seem really appealing. I totally agree. But <e>there is a "
+"better way!</e> Stick with me, and I'll show you how to gain the benefits of "
+"passwordless authentication without compromising your private key security. "
+"I'll show you how to masterfully use <c>ssh-agent</c> (the thing that makes "
+"<e>secure</e> passwordless authentication possible in the first place) in my "
+"next article. Now, let's get ready to use <c>ssh-agent</c> by setting up RSA "
+"and DSA authentication. Here step-by-step directions."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):316
+msgid "RSA key pair generation"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):319
+msgid ""
+"To set up RSA authentication, we'll need to perform the one-time step of "
+"generating a public/private key pair. We do this by typing:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):324
+msgid "Generating keys..."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):324
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh-keygen</i>\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):328
+msgid ""
+"Accept the default key location when prompted (typically <path>~/.ssh/"
+"identity</path> and <path>~/.ssh/identity.pub</path> for the public key), "
+"and provide <c>ssh-keygen</c> with a secure passphrase. Once <c>ssh-keygen</"
+"c> completes, you'll have a public key as well as a passphrase-encrypted "
+"private key."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):339
+msgid "RSA public key install"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):342
+msgid ""
+"Next, we'll need to configure remote systems running <c>sshd</c> to use our "
+"<e>public</e> RSA key for authentication. Typically, this is done by copying "
+"the public key to the remote system as follows:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):348
+msgid "Copying the public key"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):348
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>scp ~/.ssh/identity.pub drobbins@remotebox:</i>\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):352
+msgid ""
+"Since RSA authentication isn't fully set up yet, we'll be prompted to enter "
+"our password on <e>remotebox</e>. Do so. Then, log in to <e>remotebox</e> "
+"and append the public key to the <path>~/.ssh/authorized_keys</path> file "
+"like so:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):358
+msgid "Installing the public key"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):358
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh drobbins@remotebox</i>\n"
+"drobbins@remotebox's password: <comment>(enter password)</comment>\n"
+"Last login: Thu Jun 28 20:28:47 2001 from localbox.gentoo.org \n"
+"\n"
+"Welcome to remotebox!\n"
+"\n"
+"$ <i>cat identity.pub &gt;&gt; ~/.ssh/authorized_keys</i>\n"
+"$ <i>exit</i>\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):369
+msgid ""
+"Now, with RSA authentication configured, we should be prompted to enter our "
+"RSA <e>passphrase</e> (rather than our <e>password</e>) when we try to "
+"connect to <e>remotebox</e> using <c>ssh</c>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):375
+msgid "Logging in with pubkey authentication"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):375
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh drobbins@remotebox</i>\n"
+"Enter passphrase for key '/home/drobbins/.ssh/identity': \n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):380
+msgid ""
+"Hurray, RSA authentication configuration complete! If you weren't prompted "
+"for a passphrase, here are a few things to try. First, try logging in by "
+"typing <c>ssh -1 drobbins@remotebox</c>. This will tell ssh to only use "
+"version 1 of the ssh protocol, and may be required if for some reason the "
+"remote system is defaulting to DSA authentication. If that doesn't work, "
+"make sure that you don't have a line that reads <c>RSAAuthentication no</c> "
+"in your <path>/etc/ssh/ssh_config</path>. If you do, comment it out by pre-"
+"pending it with a \"#\". Otherwise, try contacting the <e>remotebox</e> "
+"system administrator and verifying that they have enabled RSA authentication "
+"on their end and have the appropriate settings in <path>/etc/ssh/"
+"sshd_config</path>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):396
+msgid "DSA key generation"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):399
+msgid ""
+"While RSA keys are used by version 1 of the <c>ssh</c> protocol, DSA keys "
+"are used for protocol level 2, an updated version of the <c>ssh</c> "
+"protocol. Any modern version of OpenSSH should be able to use both RSA and "
+"DSA keys. Generating DSA keys using OpenSSH's <c>ssh-keygen</c> can be done "
+"similarly to RSA in the following manner:"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre:caption):407
+msgid "Generating a DSA key pair"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(pre):407
+#, no-wrap
+msgid ""
+"\n"
+"$ <i>ssh-keygen -t dsa</i>\n"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):411
+msgid ""
+"Again, we'll be prompted for a passphrase. Enter a secure one. We'll also be "
+"prompted for a location to save our DSA keys. The default, normally <path>~/."
+"ssh/id_dsa</path> and <path>~/.ssh/id_dsa.pub</path>, should be fine. After "
+"our one-time DSA key generation is complete, it's time to install our DSA "
+"public key to remote systems."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):422
+msgid "DSA public key install"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):425
+msgid ""
+"Again, DSA public key installation is almost identical to RSA. For DSA, "
+"we'll want to copy our <path>~/.ssh/id_dsa.pub</path> file to <e>remotebox</"
+"e>, and then append it to the <path>~/.ssh/authorized_keys2</path> on "
+"<e>remotebox</e>. Note that this file has a different name than the RSA "
+"<path>authorized_keys</path> file. Once configured, we should be able to log "
+"in to <e>remotebox</e> by typing in our DSA private key passphrase rather "
+"than typing in our actual <e>remotebox</e> password."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(note):435
+msgid ""
+"Nowadays you should only use version 2 of the ssh protocol, as version 1 has "
+"weaknesses."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):443
+msgid "Next time"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(p):446
+msgid ""
+"Right now, you should have RSA or DSA authentication working, but you still "
+"need to type in your passphrase for every new connection. In my next "
+"article, we'll see how to use <c>ssh-agent</c>, a really nice system that "
+"allows us to establish connections <e>without</e> supplying a password, but "
+"also allows us to keep our private keys encrypted on disk. I'll also "
+"introduce <c>keychain</c>, a very handy <c>ssh-agent</c> front-end that "
+"makes <c>ssh-agent</c> even more secure, convenient, and fun to use. Until "
+"then, check out the handy resources below to keep yourself on track."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(title):461
+msgid "Resources"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(li):466
+msgid ""
+"Read Daniel's other two articles in this series, <uri link=\"/doc/en/"
+"articles/openssh-key-management-p2.xml\">OpenSSH key management, Part 2</"
+"uri> and <uri link=\"/doc/en/articles/openssh-key-management-p3.xml"
+"\">OpenSSH key management, Part 3</uri>"
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(li):473
+msgid ""
+"Be sure to visit the home of <uri link=\"http://www.openssh.com\">OpenSSH</"
+"uri> development."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(li):477
+msgid ""
+"Check out the <uri link=\"http://www.openssh.com/faq.html\">OpenSSH FAQ</"
+"uri>."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(li):481
+msgid ""
+"<uri link=\"http://www.chiark.greenend.org.uk/~sgtatham/putty/\">PuTTY</uri> "
+"is an excellent <c>ssh</c> client for Windows machines."
+msgstr ""
+
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(li):485
+msgid ""
+"You may find O'Reilly's <e>SSH, The Secure Shell: The Definitive Guide</e> "
+"to be helpful. The <uri link=\"http://www.snailbook.com/\">authors' site</"
+"uri> contains information about the book, a FAQ, news, and updates."
+msgstr ""
+
+#. Place here names of translator, one per line. Format should be NAME; ROLE; E-MAIL
+#: ../../gentoo/xml/htdocs/doc/en/articles/openssh-key-management-p1.xml(None):0
+msgid "translator-credits"
+msgstr ""