diff options
Diffstat (limited to 'debian')
52 files changed, 13778 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 000000000..dfdd1a4a7 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,36 @@ +strongswan (4.5.0-1) unstable; urgency=low + + Starting with strongswan 4.5.0 upstream, the IKEv2 protocol is now the + default. This can easily be changed using the keyexchange=ikev1 config + option (either in the respective "conn" section or by putting it in the + "default" section and therefore applying it to all existing connections). + + The IKEv2 protocol has less overhead, more features (e.g. NAT-Traversal by + default, MOBIKE, Mobile IPv6), and provides better error messages in case + the connection can not be established. It is therefore highly recommended + to use it when the other side also supports it. + + Addtionally, strongswan 4.5.0-1 now enables support for NAT Traversal in + combination with IPsec transport mode (the support for this has existed + for a long time, but was disabled due to security concerns). This is + required e.g. to let mobile phone clients (notably Android, iPhone) + connect to an L2TP/IPsec gateway using strongswan. The security + implications as described in the original README.NAT-Traversal file from + the openswan distribution are: + + * Transport Mode can't be used without NAT in the IPSec layer. Otherwise, + all packets for the NAT device (including all hosts behind it) would be + sent to the NAT-T Client. This would create a sort of blackhole between + the peer which is not behind NAT and the NAT device. + + * In Tunnel Mode with roadwarriors, we CAN'T accept any IP address, + otherwise, an evil roadwarrior could redirect all trafic for one host + (including a host on the private network) to himself. That's why, you have + to specify the private IP in the configuration file, use virtual IP + management, or DHCP-over-IPSec. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 28 Nov 2010 13:16:00 +0200 + +Local variables: +mode: debian-changelog +End: diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 000000000..2dc3a5831 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,124 @@ +strongswan for Debian +---------------------- + +1) General Remarks + +This package has been created from the openswan package, which was again +created from the freeswan package, which was created from scratch with some +ideas from the freeswan 1.3 package by Tommi Virtanen and the freeswan 1.5 +package by Aaron Johnson merged in. + +The differences between the strongSwan and the Openswan packages are +documented at http://www.strongswan.org/ . + +2) Kernel Support + +Note: This package can make use of the in-kernel IPSec stack, which is +available in the stock Debian kernel images (>=2.4.24 and 2.6.x). + +If you want to use the strongswan utilities, you will need the appropriate +kernel modules. The Debian default kernel native IPSec stack (which is +included in Linux 2.6 kernels and has been backported to Debian's 2.4 kernels) +can be used out-of-the-box with strongswan pluto, the key management daemon. +This native Linux IPSec stack is of high quality, has all of the features of +the latest Debian freeswan and openswan packages (i.e. support for other +ciphers like AES and NAT Traversal support) and is well integrated into the +kernel networking subsystem (which is not true for the freeswan kernel +modules). This is the recommended kernel support for strongswan. + +If you do not want to use the in-kernel IPSec stack of newer 2.6 kernels or +are building a custom 2.4 kernel, then the KLIPS kernel part can be used. +strongswan no longer ships this part, but is instead focussing on the newer +native IPSec stack. However, strongswan is interoperable with the KLIPS part +shipped with openswan, both for 2.4 and 2.6 series kernels. Please install +either the linux-patch-openswan or the openswan-modules-source packages and +follow their respective README.Debian files when you want to use KLIPS. + +3) Getting Started + +For connecting two Debian boxes using this strongswan package, the +simplest connection block on each side would look something like this: + +On host A, use + +conn to_hostb + left=%defaultroute + right=hostb.example.com + leftcert=hosta.pem + rightcert=hostb.pem + keyexchange=ikev2 + type=transport + auto=add + +On host B, use +conn to_hosta + left=%defaultroute + right=hosta.example.com + leftcert=hostb.pem + rightcert=hosta.pem + keyexchange=ikev2 + type=transport + auto=add + +This assumes that the respective hostnames hosta.example.com and +hostb.example.com can be resolved and that the internal hostnames are hosta +and hostb (and thus installing the strongswan package created the certificates +hosta.pem and hostb.pem, respectively). +Then the certificates (and not the private keys!) need to be exchanged between +the hosts, e.g. with + scp /etc/ipsec.d/certs/hosta.pem hostb.example.com:/etc/ipsec.d/certs/ + scp hostb.example.com:/etc/ipsec.d/certs/hostb.com /etc/ipsec.d/certs/ +from host A. The IPSec transport connection (that is, no subnets behind these +hosts that should be tunneled) can be started from either side using +"ipsec up to_hostb" (e.g. from host A). +Note that this example explicitly uses IKEv2 due to its nicer error messages. + +A more complicated example is to connect a "roadwarrior" (e.g. laptop) +to an internal network wbile it is behind another NAT. On the gateway +side, i.e. for the internal network the roadwarrior should connect to, +the configuration block could look something like this: + +conn roadwwarrior + left=%defaultroute + leftcert=gatewayCert.pem + rightcert=laptopCert.pem + rightrsasigkey=%cert + leftrsasigkey=%cert + auto=add + leftsubnet=10.0.0.0/24 + rightsubnetwithin=0.0.0.0/0 + right=%any + compress=yes + type=tunnel + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + +On the laptop side, you could use something along the lines: + +conn %default + rightrsasigkey=%cert + leftrsasigkey=%cert + authby=rsasig + leftcert=laptopCert.pem + leftsendcert=always + leftsubnet= + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + esp=aes128-sha1 + ike=aes128-sha1-modp2048 + +conn esys + left=%defaultroute + right=gateway.example.com + rightsubnet=10.0.0.0/24 + rightcert=gatewayCert.pem + auto=add + +Then load these new configuration blocks on both sides using "ipsec reload" +and, on the laptop, start the tunnel with "ipsec up mynetwork". +These configuration blocks assume host names "gateway" and "laptop" and an +inner subnet of 10.0.0.0/24. + +-- Rene Mayrhofer <rmayr@debian.org>, Sun, Jul 09 12:31:00 2006 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 000000000..8b83f34e5 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,607 @@ +strongswan (4.5.0-1ubuntu1) maverick; urgency=low + + * New upstream version + + -- René Mayrhofer <rene@earth> Sat, 05 Mar 2011 09:27:49 +0100 + +strongswan (4.5.0-1) unstable; urgency=low + + * New upstream version 4.5.0 + * Enabled new configure options for additional libstrongswan plugins: + --enable-ctr --enable-ccm --enable-gcm --enable-addrblock --enable-led + --enable-pkcs11 --enable-eap-tls --enable-eap-ttls --enable-eap-tnc + * Enable NAT-Traversal with transport mode support so that strongswan + can be used for an L2TP/IPsec gateway (e.g. for Windows or mobile phone + clients). + * Special handling for strongswan-nm package during build time: only build + and install if headers are really available. This supports easier + backporting by simply ignoring build-deps and therefore to build all + packages except the strongswan-nm without any changes to the source + package. + * Install test-vectors and revocation plugins for libstrongswan. + Closes: #600996: strongswan-starter: plugin 'revocation' failed to load + * Acknowledge translations NMU. + Closes: #598925: Intent to NMU or help for an l10n upload of strongswan + to fix pending po-debconf l10n bugs + Closes: #598925 #599888 #600354 #600409 #602449 #603723 #603779 + * Update Brazilian Portugese debconf translation. + Closes: #607404: strongswan: [INTL:pt_BR] Brazilian Portuguese debconf + templates translation + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 28 Nov 2010 13:09:42 +0100 + +strongswan (4.4.1-5.1) unstable; urgency=low + + * Non-maintainer upload. + - Fix pending l10n issues. Debconf translations: + - Vietnamese (Clytie Siddall). Closes: #598925 + - Japanese (Hideki Yamane). Closes: #599888 + - Czech (Miroslav Kure). Closes: #600354 + - Spanish (Francisco Javier Cuadrado). Closes: #600409 + - Danish (Joe Hansen). Closes: #602449 + - Basque (Iñaki Larrañaga Murgoitio). Closes: #603723 + - Italian (Vincenzo Campanella). Closes: #603779 + + -- Christian Perrier <bubulle@debian.org> Wed, 17 Nov 2010 20:21:21 +0100 + +strongswan (4.4.1-5) unstable; urgency=medium + + * Fixed init script for restart to work when either pluto or charon + are not installed. + Closes: #598074: init script doesn't re-start the service on restart + * Enable built-in crypto test vectors. + Closes: #598136: strongswan: Please enable --enable-test-vectors + configure option + * Install libchecksum.so into correct directory (/usr/lib/ipsec instead of + /usr/lib). It still doesn't fix #598138 because of the size mismatch. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 26 Sep 2010 13:48:00 +0200 + +strongswan (4.4.1-4) unstable; urgency=medium + + * dh_clean should not be called by the install target. This caused the + arch: all package strongswan to be built but not included in the changes + file. + Closes: #593768: strongswan: 4.4.1 unavailable in testing notwhistanding + a freeze-exception request + * Rewrote parts of the init.d script to make stop/restart more robust + when pluto or charon fail. + * Closes: #595885: strongswan: FTBFS in squeeze: No package 'libnm_glib_vpn' + found + This bug was actually closed in 4.4.0 with changed dependencies. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 19 Sep 2010 13:08:36 +0200 + +strongswan (4.4.1-3) unstable; urgency=low + + * Change make clean to make distclean to make package building + idempotent. + Really closes: Bug#593313: strongswan: FTBFS because clean rule fails + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 22 Aug 2010 21:39:03 +0200 + +strongswan (4.4.1-2) unstable; urgency=low + + * Recompiled with dpkg-buildpackage instead of svn-buildpackage to + make the clean target work. I am still looking for the root cause of + this quilt 3.0 format and svn-buildpackage incompatibility. + Closes: Bug#593313: strongswan: FTBFS because clean rule fails + * Removed the --enable-socket-* configure options again. Having multiple + socket variants for charon would force to explicitly enable one (in case + of pluto co-existance the socket-raw) in strongswan.conf. Disabling the + other variants for now at build-time relieves us from changing the + default config file and might be more future-proof concerning future + upstream changes to configure options. + Really closes: #587583 + + -- Rene Mayrhofer <rmayr@debian.org> Sat, 21 Aug 2010 23:28:47 +0200 + +strongswan (4.4.1-1) unstable; urgency=low + + * New upstream release. + Closes: #587583: strongswan 4.4.0-2 does not work here: charon seems not + to ignore all incoming requests/answers + Closes: #506320: strongswan: include directives error and ikev2 + * Fix typo in debconf templates. + Closes: #587564: strongswan: Minor typos in Debconf template + * Updated debconf translations. + Closes: #587562: strongswan: [INTL:de] updated German debconf translation + Closes: #580954: [INTL:es] Spanish debconf template translation for + strongswan + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 09 Aug 2010 11:37:25 +0200 + +strongswan (4.4.0-3) unstable; urgency=low + + * Updated debconf translations. + Closes: #587562: strongswan: [INTL:de] updated German debconf translation + + -- Rene Mayrhofer <rmayr@debian.org> Wed, 30 Jun 2010 09:50:31 +0200 + +strongswan (4.4.0-2) unstable; urgency=low + + * Force enable-socket-raw configure option and enable list-missing option + for dh_install to make sure that all required plugins get built and + installed. + Closes: #587282: plugins missing + * Updated debconf translations. + Closes: #587052: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #587159: strongswan: [INTL:ru] Russian debconf templates + translation update + Closes: #587255: strongswan: [INTL:pt] Updated Portuguese + translation for debconf messages + Closes: #587241: [INTL:sv] po-debconf file for strongswan + * Disabled cisco-quirks configure option, as it causes pluto to emit a + bogus Cicso vendor ID attribute. Some Cicso VPN clients might not work + without this, but it is less confusing for standards-compliant remote + gateways. + * Removed leftover attribute plugin source caused by incomplete svn-upgrade + call. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 24 Jun 2010 22:32:18 +0200 + +strongswan (4.4.0-1) unstable; urgency=HIGH + + * New upstream release, now with a high-availability plugin. + * Added patch to fix snprintf bug. + * Enable building of ha, dhcp, and farp plugins. + * Enable capability dropping (now depends on libcap). Switching + user to new system user strongswan (with nogroup) after startup + is still disabled until the iptables updown script can be made + to work. + + -- Rene Mayrhofer <rmayr@debian.org> Tue, 25 May 2010 21:03:52 +0200 + +strongswan (4.3.6-1) unstable; urgency=low + + * UNRELEASED + + * New upstream release, now build-depends on gperf. + Closes: #577855: New upstream release 4.3.6 + Closes: #569553: strongswan: Certificates CNs containing email address + OIDs are not correctly parsed + Closes: #557635: strongswan charon does not rekey forever + Closes: #569299: Please update configure check to use new nm-glib + pkgconfig file name + * Switch to dpkg-source 3.0 (quilt) format + * Synchronize debconf handling with current openswan 2.6.25 package to keep + X509 certificate handling etc. similar. Thanks to Harald Jenny for + implementing these changes in openswan, which I just converted to + strongswan. + * Now also build a strongswan-dbg package to ship debugging symbols. + * Include attr plugin in strongswan-ikev2 package. Thanks to Christoph Lukas + for pointing out that this was missing. + Closes: #569550: strongswan: Please include attr plugin + + -- Rene Mayrhofer <rmayr@debian.org> Tue, 23 Feb 2010 10:39:21 +0000 + +strongswan (4.3.4-1) unstable; urgency=low + + * New upstream release. + * This release supports integrity checking of libraries, which is + now enabled at build-time and can be enabled at run-time using + libstrongswan { + integrity_test = yes + } + in /etc/strongswan.conf. + * Don't disable internal crypto libraries for pluto. They might be + required when working with older ipsec.conf files. + * charon now supports "include" directives in ipsec.secrets for + compatibility with how the maintainer script includes RSA private keys. + * Patched starter to also look at routing table "default" when table + "main" doesn't have a default entry. This makes dealing with + "%defaulroute" in ipsec.conf more flexible. + Update: It seems Astaro was quicker then me sending a patch with + exactly that aim to upstream. Now applied this one, which will be + part of future upstream releases and uses netlink to read routing + tables. + + -- Rene Mayrhofer <rmayr@debian.org> Wed, 21 Oct 2009 11:14:56 +0000 + +strongswan (4.3.2-1) unstable; urgency=HIGH + + Urgency high because of security issue and FTBFS. + * New upstream release, fixes security bug. + * Fix padlock handling for i386 in debian/rules. + Closes: #525652 (FTBFS on i386) + * Acknowledge NMUs by security team. + Closes: #533837, #531612 + * Add "Conflicts: strongswan (< 4.2.12-1)" to libstrongswan, + strongswan-starter, strongswan-ikev1, and strongswan-ikev2 to force + update of the strongswan package on installation and avoid conflicts + caused by package restructuring. + Closes: #526037: strongswan-ikev2 and strongswan: error when trying to + install together + Closes: #526486: strongswan and libstrongswan: error when trying to + install together + Closes: #526487: strongswan-ikev1 and strongswan: error when trying to + install together + Closes: #526488: strongswan-starter and strongswan: error when trying to + install together + * Debconf templates and debian/control reviewed by the debian-l10n- + english team as part of the Smith review project. Closes: #528073 + * Debconf translation updates: + Closes: #525234: [INTL:ja] Update po-debconf template translation (ja.po) + Closes: #528323: [INTL:sv] po-debconf file for strongswan + Closes: #528370: [INTL:vi] Vietnamese debconf templates translation update + Closes: #529027: [INTL:pt] Updated Portuguese translation for debconf messages + Closes: #529071: [INTL:fr] French debconf templates translation update + Closes: #529592: nb translation of debconf PO for strongSWAN + Closes: #529638: [INTL:ru] Russian debconf templates translation + Closes: #529661: Updated Czech translation of strongswan debconf messages + Closes: #529742: [INTL:eu] strongswan debconf basque translation + Closes: #530273: [INTL:fi] Finnish translation of the debconf templates + Closes: #529063: [INTL:gl] strongswan 4.2.14-2 debconf translation update + + -- Rene Mayrhofer <rmayr@debian.org> Sat, 18 Apr 2009 20:28:51 +0200 + +strongswan (4.2.14-1.2) unstable; urgency=high + + * Non-maintainer upload. + * Fix build on i386 + Closes: #525652: FTBFS on i386: + libstrongswan-padlock.so*': No such file or directory + * Fix Two Denial of Service Vulnerabilities + Closes: #533837: strongSwan Two Denial of Service Vulnerabilities + + -- Ruben Puettmann <ruben@puettmann.net> Sun, 21 Jun 2009 17:50:02 +0200 + +strongswan (4.2.14-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix two possible null pointer dereferences leading to denial + of service via crafted IKE_SA_INIT, CREATE_CHILD_SA or + IKE_AUTH request (CVE-2009-1957; CVE-2009-1958; Closes: #531612). + + -- Nico Golde <nion@debian.org> Mon, 15 Jun 2009 13:06:05 +0200 + +strongswan (4.2.14-1) unstable; urgency=low + + * New upstream release, which incorporates the fix. Removed dpatch for it. + Closes: #521950: CVE-2009-0790: DoS + * New support for EAP RADIUS authentication, enabled for this package. + + -- Rene Mayrhofer <rmayr@debian.org> Wed, 01 Apr 2009 22:17:52 +0200 + +strongswan (4.2.13-2) unstable; urgency=low + + * Fix DoS issue via malicious Dead Peer Detection packet. Thanks to the + security team for providing the patch. + Closes: #521950: CVE-2009-0790: DoS + Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone + to a denial of service attack via a malicious packet. + + -- Rene Mayrhofer <rmayr@debian.org> Tue, 31 Mar 2009 12:00:51 +0200 + +strongswan (4.2.13-1) unstable; urgency=low + + * New upstream release. This is now compatible with network-manager 0.7 + in Debian, so start building the strongswan-side support. The actual + plugin will need to be another source package. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 22 Mar 2009 10:59:31 +0100 + +strongswan (4.2.12-1) unstable; urgency=low + + * New upstream release. Starting with this version, the strongswan + packages is modularized and includes support for plugins like the + NetworkManager plugin. Many details were adopted from Martin Willi's + packages. + * Dropping support for raw RSA public/private keypairs, as charon does + not support it. + * Explicitly remove directories /etc/ipsec.d and /var/run/pluto on purge. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 01 Mar 2009 10:46:08 +0000 + +strongswan (4.2.9-1) unstable; urgency=low + + * New upstream release, fixes a MOBIKE issue. + Closes: #507542: strongswan: endless loop + * Explicitly enable compilation with libcurl for CRL fetching + Closes: #497756: strongswan: not compiled with curl support; crl + fetching not available + * Enable compilation with SSH agent support. + + -- Rene Mayrhofer <rmayr@debian.org> Fri, 05 Dec 2008 17:21:42 +0100 + +strongswan (4.2.4-5) unstable; urgency=high + + Reason for urgency high: this is potentially security relevant. + * Patch backported from 4.2.7 to fix a potential DoS issue. + Thanks to Thomas Kallenberg for the patch. + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 29 Sep 2008 10:35:30 +0200 + +strongswan (4.2.4-4) unstable; urgency=low + + * Tweaked configure options for lenny to remove somewhat experimental, + incomplete, or unnecessary features. Removed --enable-xml, + --enable-padlock, and --enable-manager and added --disable-aes, + --disable-des, --disable-fips-prf, --disable-gmp, --disable-md5, + --disable-sha1, and --disable-sha2 because openssl already + contains this code, we depend on it and thus don't need it twice. + Padlock support does not do much, because the bulk encryption uses + it anyway (being done internally in the kernel) and using padlock + for IKEv2 key agreement adds complexity for little gain. + Thanks to Thomas Kallenberg of strongswan upstream team for + suggesting these changes. The package is now noticable smaller. + * Also remove dbus dependency, which is no longer necessary. + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 01 Sep 2008 08:59:10 +0200 + +strongswan (4.2.4-3) unstable; urgency=low + + * Changed configure option to build peer-to-peer service again. + Closes: #494678: strongswan: configure option --enable-p2p changed to + --enable-mediation + + -- Rene Mayrhofer <rmayr@debian.org> Tue, 12 Aug 2008 20:08:26 +0200 + +strongswan (4.2.4-2) unstable; urgency=medium + + Urgency medium because this fixes an FTFBS bug on non-i386. + * Only compile padlock crypto acceleration support for i386. Thanks for + the patch! + Closes: #492455: strongswan: FTBFS: Uses i386 assembler on non-i386 + arches. + * Updated Swedish debconf translation. + Closes: #492902: [INTL:sv] po-debconf file for strongswan + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 07 Aug 2008 13:02:54 +0200 + +strongswan (4.2.4-1) unstable; urgency=medium + + Urgency medium because this new upstream versions no longer uses + dbus and thus fixed the grave bug from the last Debian package. This + version should transit to testing. + * New upstream release. Starting with version 4.2.0, crypto algorithms have + beeen modularized with existing code ported over. Among other improvments, + this version now supports AES-CCM (e.g. with esp=aes128ccm12) and AES-GCM + (e.g. with esp=aes256gcm16) starting with kernel 2.6.25 and enables dead + peer detection by default. + Note that charon (IKEv2) now uses the new /etc/strongswan.conf. + * Enabled building of VIA Padlock and openssl crypto plugins. + * Drop patch to rename AES_cbc_encrypt so as not to conflict with an + openssl method of the same name. This has been applied upstream. + * This new upstream version no longer uses dbus. + Closes: #475098: charon needs dbus but strongswan does not depend on dbus + Closes: #475099: charon does not work any more + * This new upstream version no longer prints error messages in its + init script. + Closes: #465718: strongswan: startup on booting returns error messages + * Apply patch to ipsec init script to fix bashism. + Closes: #473703: strongswan: bashism in /bin/sh script + * Updated Czech debconf translation. + Closes: #480928: [l10n] Updated Czech translation of strongswan debconf + messages + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 10 Jul 2008 14:40:43 +0200 + +strongswan (4.1.11-1) unstable; urgency=low + + * New upstream release. + * DBUS support now interacts with network-manager, so need to build-depend + on network-manager-dev. + * The web interface has been improved and now requires libfcgi-dev and + clearsilver-dev to compile, so build-depend on them. Also build-depend + on libxml2-dev, libdbus-1-dev, libtool, and libsqlite3-dev (which were + all build-deps before but were not listed explicitly so far - fix that). + * Add patch to rename internal AES_cbc_encrypt function and thus avoid + conflict with the openssl function. + Closes: #470721: pluto segfaults when using pkcs11 library linked with + OpenSSL + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 30 Mar 2008 10:35:16 +0200 + +strongswan (4.1.10-2) unstable; urgency=low + + * Enable new configure options: dbus, xml, nonblocking, thread, peer- + to-peer NAT-traversal and the manager interface support. + * Also set the default path to the opensc-pkcs11 engine explicitly. + + -- Rene Mayrhofer <rmayr@debian.org> Fri, 15 Feb 2008 10:25:49 +0100 + +strongswan (4.1.10-1) unstable; urgency=low + + * New upstream release. + Closes: #455711: New upstream version 4.1.9 + * Updated Japanese debconf translation. + Closes: #463321: strongswan: [INTL:ja] Update po-debconf template + translation (ja.po) + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 07 Feb 2008 15:15:14 +0100 + +strongswan (4.1.8-3) unstable; urgency=low + + * Force use of hardening-wrapper when building the package by setting + a Build-Dep to it and setting export DEB_BUILD_HARDENING=1 in + debian/rules. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 07 Feb 2008 14:14:48 +0100 + +strongswan (4.1.8-2) unstable; urgency=medium + + * Ship our own init script, since upstream no longer does. This is still + installed as /etc/init.d/ipsec (and not /etc/init.d/strongswan) to be + backwards compatible. + Really closes: #442880: strongswan: postinst failure (missing + /etc/init.d/ipsec) + * Actually, need to be smarter with ipsec.conf and ipsec.secrets. Not + marking them as conffiles isn't the right thing either. Instead, now + use the includes feature to pull in config snippets that are + modified by debconf. It's not perfect, though, as the IKEv1/IKEv2 + protocols can't be enabled/disabled with includes. Therefore don't + support this option in debconf for the time being, but default to + enabled for both IKE versions. The files edited with debconf are kept + under /var/lib/strongswan. + * Cleanup debian/rules: no longer need to remove leftover files from + patching, as currently there are no Debian-specific patches (fortunately). + * More cleanup: drop debconf translations hack for woody compatibility, + depend on build-stamp instead of build in the install-strongswan target, + and remove the now unnecessary dh_clean -k call in install-strongswan so + that configure shouldn't run twice during building the package. + * Update French debconf translation. + Closes: #448327: strongswan: [INTL:fr] French debconf templates + translation update + + -- Rene Mayrhofer <rmayr@debian.org> Fri, 02 Nov 2007 21:55:29 +0100 + +strongswan (4.1.8-1) unstable; urgency=low + + The "I'm back from my long semi-vacation, and strongswan is now bug-free + again" release. + * New upstream release. + Closes: #442880: strongswan: postinst failure (missing /etc/init.d/ipsec) + Closes: #431874: strongswan - FTBFS: cannot create regular file + `/etc/ipsec.conf': Permission denied + * Explicitly use debhalper compatbility version 5m now using debian/compat + instead of DH_COMPAT. + * Since there's no configurability in dh_installdeb's mania to flag + everything below /etc as a conffile, now hack DEBIAN/conffiles directly + to remove ipsec.conf and ipsec.secrets. + Closes: #442929: strongswan: Maintainer script modifies conffiles + * Add/update debconf translations. + Closes: #432189: strongswan: [INTL:de] updated German debconf translation + Closes: #432212: [l10n] Updated Czech translation of strongswan debconf + messages + Closes: #432642: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #444710: strongswan: [INTL:pt] Updated Portuguese translation for + debconf messages + + -- Rene Mayrhofer <rmayr@debian.org> Fri, 26 Oct 2007 16:16:51 +0200 + +strongswan (4.1.4-1) unstable; urgency=low + + * New upstream release. + * Fixed debconf descriptions. + Closes: #431157: strongswan: Minor errors in Debconf template + * Include Portugese and + Closes: #415178: strongswan: [INTL:pt] Portuguese translation for debconf + messages + Closes: #431154: strongswan: [INTL:de] initial German debconf translation + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 05 Jul 2007 00:53:01 +0100 + +strongswan (4.1.3-1) unreleased; urgency=low + + * New upstream release. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 03 Jun 2007 18:39:11 +0100 + +strongswan (4.1.1-1) unreleased; urgency=low + + Major new upstream release: + * IKEv2 support with the new "charon" daemon in addition to the old "pluto" + which is still used for IKEv1. + * Switches to auto* tools build system. + * The postinst script is still not quite as complete in updating the 2.8.x + config automatically to a new 4.x config, but I don't want to wait any + longer with the upload. It can be improved later on. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 12 Apr 2007 21:33:56 +0100 + +strongswan (2.8.3-1) unstable; urgency=low + + * New upstream release with fixes for the SHA-512-HMAC function and + added SHA-384 and SHA-2 implementations. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 22 Feb 2007 20:19:45 +0000 + +strongswan (2.8.2-1) unstable; urgency=low + + * New upstream release with interoperability fixes for some VPN + clients. + + -- Rene Mayrhofer <rmayr@debian.org> Tue, 30 Jan 2007 12:21:20 +0000 + +strongswan (2.8.1+dfsg-1) unstable; urgency=low + + * New upstream release, now with XAUTH support. + * Explicitly enable smartcard and vendorid options as well as a + few more in debian/rules. + Closes: #407449: strongswan: smartcard support is disabled + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 28 Jan 2007 21:06:25 +0000 + +strongswan (2.8.1-1) UNRELEASED; urgency=low + + * New upstream release. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 28 Jan 2007 20:59:11 +0000 + +strongswan (2.8.0+dfsg-1) unstable; urgency=low + + * New upstream release. + * Update debconf templates. + Closes: #388672: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #389253: [l10n] Updated Czech translation of strongswan + debconf messages + Closes: #391457: [INTL:nl] Updated dutch po-debconf translation + Closes: #396179: strongswan: [INTL:ja] Updated Japanese po-debconf + template translation (ja.po) + * Fix broken reference to a now non-existing config file. no_oe.conf + has been replaced by oe.conf, with the opposite meaning. Changed + postinst to deal with it correctly now, and also try to convert + older config file lines to newer (e.g. when updating from openswan + to strongswan). + Closes: #391565: fails to start : /etc/ipsec.conf:46: include + files found no matches + [/etc/ipsec.d/examples/no_oe.conf] + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 6 Nov 2006 19:01:58 +0000 + +strongswan (2.7.3+dfsg-1) unstable; urgency=low + + * New upstream release. Another try on getting it into unstable. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * Call debian-updatepo in the clean target, in line with the openswan + change for its version 2.4.6+dfsg-1. + * Remove man2html, htmldoc, and lynx from the Build-Deps because we no + longer rebuild the documentation tree. + * Starting shipping a lintian overrides file to finally silence the + warnings about non-standard-(file|dir)-perms (they are intentional). + * Clean up /usr/lib/ipsec somehow, again owing to lintian warnings. + * Add po-debconf to build dependencies. + + -- Rene Mayrhofer <rmayr@debian.org> Wed, 23 Aug 2006 21:23:36 +0100 + +strongswan (2.7.2+dfsg-1) unstable; urgency=low + + * First upload to the main Debian archive. This does no longer build + the linux-patch-strongswan and strongswan-modules-source packages, + as KLIPS will be removed from the strongswan upstream source anyway + for the next major release. However, the openswan KLIPS could should + be interoperable with strongswan user space. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * This upload removes the draft RFCs, as they are not considered free under + the DFSG. + + -- Rene Mayrhofer <rmayr@debian.org> Sun, 9 Jul 2006 12:40:34 +0100 + +strongswan (2.7.2-1) unstable; urgency=low + + * New upstream release. This release fixes a potential DoS problem. + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 26 Jun 2006 12:34:43 +0100 + +strongswan (2.7.0-1) unstable; urgency=low + + * Initial Debian packaging of strongswan. This is directly based on my + Debian package of openswan 2.4.5-3. + * Do not compile and ship fswcert right now, because it is not included + in strongswan upstream. If it turns out to be necessary for supporting + easy-to-use OE in the future (i.e. for generating the DNS format for the + public keys from generated X.509 certificates), I will re-add it to the + Debian package. + * Also disabled my patches to use /etc/default instead of /etc/sysconfig for + now. Something like that will be necessary in the future, but those parts + of strongswan differ significanty from openswan. + + -- Rene Mayrhofer <rmayr@debian.org> Mon, 22 May 2006 07:37:00 +0100 + +Local variables: +mode: debian-changelog +End: diff --git a/debian/compat b/debian/compat new file mode 100644 index 000000000..7f8f011eb --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debian/control b/debian/control new file mode 100644 index 000000000..dff3d1b61 --- /dev/null +++ b/debian/control @@ -0,0 +1,121 @@ +Source: strongswan +Section: net +Priority: optional +Maintainer: Rene Mayrhofer <rmayr@debian.org> +Standards-Version: 3.9.1 +Vcs-Browser: http://wiki.strongswan.org/repositories/show/strongswan +Vcs-Git: http://wiki.strongswan.org/repositories/show/strongswan +Build-Depends: debhelper (>= 7.1), libtool, libgmp3-dev, + libssl-dev (>= 0.9.8), libcurl4-openssl-dev | libcurl3-dev | libcurl2-dev, + libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, + libpam0g-dev, libkrb5-dev, bison, flex, bzip2, po-debconf, + hardening-wrapper, network-manager-dev, libfcgi-dev, clearsilver-dev, + libxml2-dev, libsqlite3-dev, network-manager-dev (>= 0.7), + libnm-glib-vpn-dev (>= 0.7), libnm-util-dev (>= 0.7), + gperf, libcap-dev +Homepage: http://www.strongswan.org + +Package: strongswan +Architecture: all +Depends: ${misc:Depends}, strongswan-ikev1, strongswan-ikev2 +Suggests: network-manager-strongswan +Description: IPsec VPN solution metapackage + The strongSwan VPN suite is based on the IPsec stack in standard Linux 2.6 + kernels. It supports both the IKEv1 and IKEv2 protocols. + . + StrongSwan is one of the two remaining forks of the original FreeS/WAN + project and focuses on IKEv2 support, X.509 authentication and complete PKI + support. For a focus on Opportunistic Encryption (OE) and interoperability + with non-standard IPsec features, see Openswan. + . + This metapackage installs the packages required to maintain IKEv1 and IKEv2 + connections via ipsec.conf or ipsec.secrets. + +Package: libstrongswan +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, openssl +Conflicts: strongswan (<< 4.2.12-1) +Description: strongSwan utility and crypto library + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This package provides the underlying library of charon and other strongSwan + components. It is built in a modular way and is extendable through various + plugins. + +Package: strongswan-dbg +Architecture: any +Section: debug +Priority: extra +Depends: ${misc:Depends}, strongswan, libstrongswan +Description: strongSwan library and binaries - debugging symbols + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This package provides the symbols needed for debugging of strongswan. + +Package: strongswan-starter +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-ikev1 | strongswan-ikev2 +Conflicts: strongswan (<< 4.2.12-1) +Description: strongSwan daemon starter and configuration file parser + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + The starter and the associated "ipsec" script control both pluto and charon + from the command line. It parses ipsec.conf and loads the configurations to + the daemons. While the IKEv2 daemon can use other configuration backends, the + IKEv1 daemon is limited to configurations from ipsec.conf. + +Package: strongswan-ikev1 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-starter, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (<< 4.2.12-1) +Replaces: openswan +Description: strongSwan Internet Key Exchange (v1) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Pluto is an IPsec IKEv1 daemon. It was inherited from the FreeS/WAN + project, but provides improved X.509 certificate support and other features. + . + Pluto can run in parallel with charon, the newer IKEv2 daemon. + +Package: strongswan-ikev2 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-starter | strongswan-nm, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (<< 4.2.12-1) +Description: strongSwan Internet Key Exchange (v2) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Charon is an IPsec IKEv2 daemon. It is + written from scratch using a fully multi-threaded design and a modular + architecture. Various plugins provide additional functionality. + . + This build of charon can run in parallel with pluto, the IKEv1 daemon. + +Package: strongswan-nm +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-ikev2 +Recommends: network-manager-strongswan +Description: strongSwan plugin to interact with NetworkManager + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This plugin provides an interface which allows NetworkManager to configure + and control the IKEv2 daemon directly through D-Bus. It is designed to work + in conjunction with the network-manager-strongswan package, providing + a simple graphical frontend to configure IPsec based VPNs. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 000000000..d0bd31ab9 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,418 @@ +This package was debianized by Rene Mayrhofer <rene.mayrhofer@gibraltar.at> on +Thu, 10 Aug 2000 10:50:33 +0200. + +The Debian package was created from scratch with some hints taken from +previous freeswan packages by Tommi Virtanen and Aaron Johnson. +The upstream software was downloaded from http://www.freeswan.org/ + +After the FreeS/WAN folks decided to cease development, we used the forked +code base at http://www.strongswan.org/. + +This project has multiple authors, please see the file CREDITS for details. +However, all of the code is DFSG-free and, since 2002-09-16, +the LICENSE file in the upstream distribution includes a special GPL addition +to allow linking with libdes (which contains an advertising clause). +This LICENSE file was added to the Debian package of freeswan version 1.98b +by me, but has been authorized by Michael Richardson of freeswan upstream +(who sent the file to a mailing list). + +The contents of this LICENSE file are: +------------------------------------------------------------------------------ +Except for the DES library, this software is under the GNU Public License, +see the file COPYING. + +The DES library is under a BSD style license, see + linux/crypto/ciphers/des/COPYRIGHT. +Note that this software has a advertising clause in it. + +In addition to the terms set out under the GPL, permission is granted to +link the software against the libdes library just mentioned. +------------------------------------------------------------------------------ +A copy of this COPYRIGHT file can be found below, starting with the copyright +by Eric Young. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +Rene Mayrhofer, 2006-08-25 + + + +These are various licenses from the code: + +--8<-- + * Copyright (C) 1996, 1997 John Ioannidis. + * Copyright (C) 1998, 1999 Richard Guy Briggs. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. +--8<-- + +The source tarball also includes several miscellanous libraries. + + + +An MD5 implementation: + +--8<-- +The MD5 implementation is from RSADSI, so this package must include the +following phrase: "derived from the RSA Data Security, Inc. MD5 +Message-Digest Algorithm". It is not under the GPL; see details in +klips/net/ipsec/ipsec_md5c.c. +--8<-- + +--8<-- +/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +rights reserved. + +License to copy and use this software is granted provided that it +is identified as the "RSA Data Security, Inc. MD5 Message-Digest +Algorithm" in all material mentioning or referencing this software +or this function. + +License is also granted to make and use derivative works provided +that such works are identified as "derived from the RSA Data +Security, Inc. MD5 Message-Digest Algorithm" in all material +mentioning or referencing the derived work. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ +--8<-- + + + +An implementation of DES: + +--8<-- +The LIBDES library by Eric Young is used. It is not under the GPL -- see +details in libdes/COPYRIGHT -- although he has graciously waived the +advertising clause for FreeS/WAN use of LIBDES. +--8<-- + +--8<-- +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@cryptsoft.com). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. +--8<-- + +--8<-- +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- + +An implementation of SHA-1: + +--8<-- +The SHA-1 code is derived from Steve Reid's; it is public domain. +--8<-- + +--8<-- +/* + * The rest of the code is derived from sha1.c by Steve Reid, which is + * public domain. + * Minor cosmetic changes to accommodate it in the Linux kernel by ji. + */ +--8<-- + + + +Portions of Linux kernel source code: + +--8<-- +Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c, +are used in heavily modified forms. +--8<-- + +The Linux kernel is licensed under the Gnu General Public License. + + + +Radix-tree library: + +--8<-- +The radix-tree code from 4.4BSD is used in a modified form. It is not +under the GPL; see details in klips/net/ipsec/radij.c. +--8<-- + +--8<-- +/* + * Copyright (c) 1988, 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)radix.c 8.2 (Berkeley) 1/4/94 + */ +--8<-- + + +The license from the OpenSSL code that is included in the extension algorithm +patch (the kernel-patch-freeswan-ext package): + +--8<-- + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- diff --git a/debian/info b/debian/info new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/debian/info diff --git a/debian/ipsec.secrets.proto b/debian/ipsec.secrets.proto new file mode 100644 index 000000000..0fe54b65d --- /dev/null +++ b/debian/ipsec.secrets.proto @@ -0,0 +1,11 @@ +# This file holds shared secrets or RSA private keys for inter-Pluto +# authentication. See ipsec_pluto(8) manpage, and HTML documentation. + +# RSA private key for this host, authenticating it to any other host +# which knows the public part. Suitable public keys, for ipsec.conf, DNS, +# or configuration of other implementations, can be extracted conveniently +# with "ipsec showhostkey". + +# this file is managed with debconf and will contain the automatically created private key +include /var/lib/strongswan/ipsec.secrets.inc + diff --git a/debian/libstrongswan.dirs b/debian/libstrongswan.dirs new file mode 100644 index 000000000..0a2e0a6f0 --- /dev/null +++ b/debian/libstrongswan.dirs @@ -0,0 +1,5 @@ +/etc/logcheck/ignore.d.paranoid +/etc/logcheck/ignore.d.server +/etc/logcheck/ignore.d.workstation +/etc/logcheck/violations.ignore.d +/usr/share/lintian/overrides diff --git a/debian/libstrongswan.install b/debian/libstrongswan.install new file mode 100644 index 000000000..9b6a10b3e --- /dev/null +++ b/debian/libstrongswan.install @@ -0,0 +1,31 @@ +usr/lib/libstrongswan.so* usr/lib/ +usr/lib/libhydra.so* usr/lib/ +usr/lib/libfast.so* usr/lib/ +usr/lib/ipsec/libchecksum.so* usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-gmp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-openssl.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-x509.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pgp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pem.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pkcs1.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pubkey.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-hmac.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xcbc.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-random.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-aes.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-des.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xcbc.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-md5.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-sha1.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-sha2.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-dhcp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-dnskey.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-farp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-fips-prf.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-resolve.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-sql.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-ha.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xauth.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-revocation.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-test-vectors.so* usr/lib/ipsec/plugins/ +etc/strongswan.conf etc/ diff --git a/debian/libstrongswan.lintian-overrides b/debian/libstrongswan.lintian-overrides new file mode 100644 index 000000000..eec04b42c --- /dev/null +++ b/debian/libstrongswan.lintian-overrides @@ -0,0 +1,2 @@ +libstrongswan: package-name-doesnt-match-sonames libchecksum libfast0 libhydra0 libstrongswan0 +libstrongswan: possible-gpl-code-linked-with-openssl diff --git a/debian/logcheck.ignore.paranoid b/debian/logcheck.ignore.paranoid new file mode 100644 index 000000000..ca6c97dde --- /dev/null +++ b/debian/logcheck.ignore.paranoid @@ -0,0 +1,20 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: regenerating DH private secret diff --git a/debian/logcheck.ignore.server b/debian/logcheck.ignore.server new file mode 100644 index 000000000..7ab04c524 --- /dev/null +++ b/debian/logcheck.ignore.server @@ -0,0 +1,25 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: added connection description +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: .* SA established +pluto.*: .* SA expired +pluto.*: replacing stale .* SA +pluto.*: initiating Quick Mode +pluto.*: regenerating DH private secret diff --git a/debian/logcheck.violations.ignore b/debian/logcheck.violations.ignore new file mode 100644 index 000000000..1a190fc28 --- /dev/null +++ b/debian/logcheck.violations.ignore @@ -0,0 +1 @@ +ipsec_setup: KLIPS debug `none' diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/debian/patches/series diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in new file mode 100644 index 000000000..d98f2ea90 --- /dev/null +++ b/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] strongswan-starter.templates diff --git a/debian/po/cs.po b/debian/po/cs.po new file mode 100644 index 000000000..abaab5d9a --- /dev/null +++ b/debian/po/cs.po @@ -0,0 +1,830 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-10-16 13:09+0200\n" +"Last-Translator: Miroslav Kure <kurem@debian.cz>\n" +"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n" +"Language: cs\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Stará správa běhových úrovní je překonána." + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Dřívější verze balíku strongSwan dávaly na výběr mezi třemi různými Start/" +"Stop úrovněmi. Díky změnám ve způsobu zavádění systému to již není nutné a " +"ani užitečné. Novým i stávajícím instalacím používajícím některou ze tří " +"předefinovaných úrovní budou nyní automaticky nastaveny rozumné výchozí " +"úrovně. Přecházíte-li z dřívější verze strongSwanu, u které jste si " +"upravovali startovací parametry, podívejte se prosím do souboru NEWS.Debian, " +"kde naleznete pokyny, jak si příslušně upravit nastavení." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Restartovat nyní strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Restartování strongSwan je dobrý nápad, protože v případě, že aktualizace " +"obsahuje bezpečnostní záplatu, nebude tato funkční, dokud se démon " +"nerestartuje. Většina lidí s restartem daemona počítá, nicméně je možné, že " +"tím budou existující spojení ukončena a následně znovu nahozena. Pokud tuto " +"aktualizaci provádíte přes takovýto strongSwan tunel, restart nedoporučujeme." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Spustit strongSwan daemon IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 1. verze protokolu Internet Key Exchange musí běžet daemon pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Spustit strongSwan daemon IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 2. verze protokolu Internet Key Exchange musí běžet daemon " +"charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Použít pro tento počítač certifikát X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Pro tento počítač můžete automaticky vytvořit nebo importovat certifikát " +"X.509. Certifikát může být využit k autentizaci IPsec spojení na další " +"počítače a je upřednostňovaným způsobem pro sestavování bezpečných IPsec " +"spojení. Další možností autentizace je využití sdílených tajemství (hesel, " +"která jsou stejná na obou stranách tunelu), ale pro větší počet spojení je " +"RSA autentizace snazší na správu a mnohem bezpečnější." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativně můžete tuto nabídku zamítnout a později se k ní vrátit příkazem " +"„dpkg-reconfigure strongswan“." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "vytvořit" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importovat" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Získání certifikátu X.509 pro autentizaci tohoto počítače:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Pro autentizaci IPsec spojení můžete buď vytvořit nový certifikát X.509 na " +"základě zadaných parametrů, nebo můžete naimportovat veřejný/soukromý pár " +"klíčů uložený v PEM souboru." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Rozhodnete-li se pro vytvoření nového certifikátu X.509, budete nejprve " +"dotázáni na řadu otázek. Pokud chcete podepsat veřejný klíč stávající " +"certifikační autoritou, nesmíte zvolit certifikát podepsaný sám sebou a také " +"zadané odpovědi musí splňovat požadavky dané certifikační autority. " +"Nesplnění požadavků může vést k zamítnutí požadavku na certifikát." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Zvolíte-li import stávajícího veřejného/soukromého páru klíčů, budete " +"dotázáni na názvy souborů, ve kterých se klíče nachází (může se také jednat " +"o jediný soubor, protože obě části mohou ležet v jednom souboru). Volitelně " +"můžete také zadat jméno souboru s veřejným klíčem certifikační autority, ale " +"zde to již musí být jiný soubor. Mějte prosím na paměti, že certifikát X.509 " +"musí být ve formátu PEM a že soukromý klíč nesmí být zašifrován, jinak " +"import selže." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Jméno souboru s certifikátem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Zadejte cestu k souboru obsahujícímu váš certifikát X.509 ve formátu PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Jméno souboru se soukromým klíčem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Zadejte cestu k souboru obsahujícímu soukromý RSA klíč odpovídající vašemu " +"certifikátu X.509 ve formátu PEM. Může to být stejný soubor jako ten, ve " +"kterém se nachází certifikát X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Jméno souboru s kořenovou certifikační autoritou X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Nyní můžete zadat cestu k souboru obsahujícímu certifikační autoritu X.509, " +"kterou používáte pro podpis svých certifikátů ve formátu PEM. Pokud takovou " +"certifikační autoritu nemáte, nebo ji nechcete použít, ponechte prázdné. " +"Kořenovou certifikační autoritu nelze uchovávat ve stejném souboru se " +"soukromým klíčem nebo certifikátem X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Zadejte délku vytvářeného RSA klíče:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Zadejte délku vytvářeného RSA klíče. Kvůli bezpečnosti by neměla být menší " +"než 1024 bitů a pravděpodobně nepotřebujete víc než 4096 bitů, protože to " +"již jen zpomaluje proces autentizace." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Vytvořit certifikát X.509 podepsaný sám sebou?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Tento instalátor může automaticky vytvořit pouze certifikát X509 podepsaný " +"sám sebou, jelikož v opačném případě je k podpisu certifikátu potřeba " +"certifikační autorita. Tento certifikát můžete ihned použít k připojení na " +"další počítače s IPsec, které podporují autentizaci pomocí certifikátu X509. " +"Nicméně chcete-li využít PKI možností strongSwanu, budete k vytvoření " +"důvěryhodných cest potřebovat podepsat všechny certifikáty X509 jedinou " +"certifikační autoritou." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Jestliže nechcete vytvořit certifikát podepsaný sebou samým, vytvoří se " +"pouze soukromý RSA klíč a požadavek na certifikát. Vy potom musíte podepsat " +"požadavek svou certifikační autoritou." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Kód státu pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Zadejte dvojpísmenný kód státu, ve kterém se server nachází (například „CZ“ " +"pro Českou republiku)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"Nezadáte-li platný kód země dle ISO-3166, OpenSSL odmítne certifikát " +"vygenerovat. Prázdné pole je dovoleno ve všech ostatních polích certifikátu " +"X.509 kromě tohoto." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Jméno země nebo oblasti pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Zadejte celé jméno země nebo oblasti, ve které se server nachází (například " +"„Morava“)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Jméno lokality pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Zadejte jméno lokality, ve které se server nachází (často město, například " +"„Olomouc“)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Název organizace pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "Zadejte název organizace, které server patří (například „Debian“)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Název organizační jednotky pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Zadejte název organizační jednotky, které server patří (například „oddělení " +"pro odhalování daňových úniků“)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Obecné jméno pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Zadejte obecné jméno (CN) tohoto počítače (například „cloud.example.org“)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Emailová adresa pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Zadejte emailovou adresu osoby nebo organizace zodpovědné za certifikát " +"X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Povolit oportunistické šifrování?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Tato verze strongSwan podporuje oportunistické šifrování (OE), které " +"uchovává autentizační informace IPsecu (např. veřejné RSA klíče) v DNS " +"záznamech. Dokud nebude tato schopnost více rozšířena, způsobí její aktivace " +"výrazné zpomalení každého nového odchozího spojení." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Oportunistické šifrování byste měli povolit pouze v případě, že ho opravdu " +"chcete. Při startu daemona pluto je možné, že se vaše probíhající spojení do " +"Internetu přeruší (přesněji přestane fungovat výchozí cesta)." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Přejete si restartovat strongSwan?" + +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Zadejte cestu k souboru obsahujícímu váš certifikát X.509 ve formátu PEM." + +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Zadejte cestu k souboru obsahujícímu váš certifikát X.509 ve formátu PEM." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Zadejte celou cestu k souboru obsahujícímu váš certifikát X.509 ve " +#~ "formátu PEM." + +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Zadejte dvoumístný ISO3166 kód své země. Tento kód bude umístěn do " +#~ "požadavku na certifikát." + +#~ msgid "Example: AT" +#~ msgstr "Příklad: CZ" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Příklad: Morava" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno " +#~ "bude umístěno do požadavku na certifikát." + +#~ msgid "Example: Vienna" +#~ msgstr "Příklad: Olomouc" + +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno " +#~ "bude umístěno do požadavku na certifikát." + +#~ msgid "Example: Debian" +#~ msgstr "Příklad: Debian" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno " +#~ "bude umístěno do požadavku na certifikát." + +#~ msgid "Example: security group" +#~ msgstr "Příklad: bezpečnostní oddělení" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Příklad: gateway.debian.org" + +#~ msgid "earliest" +#~ msgstr "co nejdříve" + +#~ msgid "after NFS" +#~ msgstr "po NFS" + +#~ msgid "after PCMCIA" +#~ msgstr "po PCMCIA" + +#~ msgid "When to start strongSwan:" +#~ msgstr "Kdy spustit strongSwan:" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "strongSwan se spouští při zavádění systému, takže může chránit " +#~ "automaticky připojované souborové systémy." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ " * co nejdříve: pokud není /usr připojeno přes NFS a nepoužíváte\n" +#~ " síťovou kartu PCMCIA, je lepší spustit strongSwan co nejdříve,\n" +#~ " aby bylo NFS chráněno pomocí IPSec;\n" +#~ " * po NFS: doporučeno, pokud je /usr připojeno přes NFS a pokud\n" +#~ " nepoužíváte síťovou kartu PCMCIA;\n" +#~ " * po PCMCIA: doporučeno pokud IPSec spojení používá síťovou kartu\n" +#~ " PCMCIA, nebo pokud vyžaduje stažení klíčů z lokálně běžícího DNS\n" +#~ " serveru s podporou DNSSec." + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Pokud nerestartujete strongSwan nyní, měli byste to provést při nejbližší " +#~ "příležitosti." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "Vytvořit veřejný/soukromý pár RSA klíčů pro tento počítač?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "strongSwan může pro autentizaci IPSec spojení s jinými počítači používat " +#~ "předsdílený klíč (PSK), nebo veřejný/soukromý pár RSA klíčů. RSA " +#~ "autentizace se považuje za bezpečnější a jednodušší na správu. " +#~ "Autentizace PSK a RSA můžete používat současně." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Jestliže si nepřejete vytvořit nový pár klíčů pro tento počítač, můžete " +#~ "si v příštím kroku zvolit existující klíče." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Potřebné informace lze získat automaticky z existujícího certifikátu " +#~ "X.509 s odpovídajícím soukromým RSA klíčem. Jedná-li se o formát PEM, " +#~ "mohou být obě části v jednom souboru. Vlastníte-li takový certifikát a " +#~ "soubor s klíčem a chcete-li je použít pro autentizaci IPSec spojení, " +#~ "odpovězte kladně." + +#~ msgid "RSA key length:" +#~ msgstr "Délka RSA klíče:" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Zadejte prosím délku vytvářeného RSA klíče. Z důvodu bezpečnosti by " +#~ "neměla být menší než 1024 bitů. Hodnota větší než 2048 bitů může ovlivnit " +#~ "výkon." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Automaticky lze vytvořit pouze certifikát podepsaný sám sebou, protože " +#~ "jinak je zapotřebí certifikační autorita, která by podepsala požadavek na " +#~ "certifikát." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Odpovíte-li kladně, můžete nový certifikát ihned použít k připojení na " +#~ "další počítače s IPSec, které podporují autentizaci pomocí certifikátu " +#~ "X.509. Nicméně pro využití PKI možností ve strongSwanu je nutné, aby byly " +#~ "všechny certifikáty v cestě důvěry podepsány stejnou autoritou." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "Toto pole je povinné, bez něj není možné certifikát vytvořit." + +#~ msgid "" +#~ "Please enter the locality name (often a city) that should be used in the " +#~ "certificate request." +#~ msgstr "" +#~ "Zadejte jméno lokality (např. města), které se má použít v požadavku na " +#~ "certifikát." + +#~ msgid "" +#~ "Please enter the organization name (often a company) that should be used " +#~ "in the certificate request." +#~ msgstr "" +#~ "Zadejte název organizace (firmy), který se má použít v požadavku na " +#~ "certifikát." + +#~ msgid "" +#~ "Please enter the organizational unit name (often a department) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Zadejte název organizační jednotky (např. oddělení), který se má použít v " +#~ "požadavku na certifikát." + +#~ msgid "" +#~ "Please enter the common name (such as the host name of this machine) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Zadejte běžné jméno (např. jméno počítače), které se má použít v " +#~ "požadavku na certifikát." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"co nejdříve\", \"po NFS\", \"po PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Existují tři možnosti, kdy se dá strongSwan spouštět: před NFS službami, " +#~ "po NFS službách nebo po PCMCIA službách. Správná odpověď závisí na vašem " +#~ "konkrétním nastavení." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Jestliže nemáte svůj strom /usr připojen skrz NFS (buď přes NFS " +#~ "připojujete jiné, ne tak důležité stromy, nebo NFS vůbec nepoužíváte) a " +#~ "nepoužíváte síťovou kartu PCMCIA, je nejlepší spouštět strongSwan co " +#~ "nejdříve, čímž umožníte aby byly NFS svazky chráněny pomocí IPSec. V " +#~ "takovém případě (nebo pokud si nejste jisti, nebo pokud vám na tom " +#~ "nezáleží) na otázku odpovězte „co nejdříve“ (výchozí)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Jestliže máte strom /usr připojen skrz NFS a nepoužíváte síťovou kartu " +#~ "PCMCIA, musíte spustit strongSwan po NFS, aby byly všechny potřebné " +#~ "soubory dostupné. V tomto případě na otázku odpovězte „po NFS“. Uvědomte " +#~ "si prosím, že v tomto případě nemůže být NFS svazek /usr chráněn pomocí " +#~ "IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Jestliže používáte PCMCIA síťovou kartu pro vaše IPSec připojení, pak je " +#~ "jedinou možností jej spustit po PCMCIA službách. V tom případě odpovězte " +#~ "„po PCMCIA“. Toto je také správná odpověď, pokud chcete získat klíče z " +#~ "lokálního DNS serveru s podporou DNSSec." + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Přejete si podporu IKEv1?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). Přejete si při startu strongSwanu spustit daemona „pluto“ " +#~ "podporujícího IKEv1?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Přejete si podporu IKEv2?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). Přejete si při startu strongSwanu spustit daemona " +#~ "„charon“ podporujícího IKEv2?" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan přichází s podporou pro oportunistické šifrování (OE), které " +#~ "uchovává autentizační informace IPSecu (např. veřejné RSA klíče) v " +#~ "(nejlépe zabezpečených) DNS záznamech. Dokud nebude tato schopnost více " +#~ "rozšířena, způsobí její aktivace výrazné zpomalení každého nového " +#~ "odchozího spojení. Od verze 2.0 přichází strongSwan s implicitně zapnutou " +#~ "podporou OE čímž pravděpodobně zruší vaše probíhající spojení do " +#~ "Internetu (tj. vaši výchozí cestu - default route) v okamžiku, kdy " +#~ "spustíte pluto (strongSwan keying démon)." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Prosím vyberte si zda chcete povolit podporu pro OE. Nejste-li si jisti, " +#~ "podporu nepovolujte." + +#~ msgid "x509, plain" +#~ msgstr "x509, prostý" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Typ páru RSA klíčů, který se vytvoří:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Je možné vytvořit prostý pár RSA klíčů pro použití se strongSwanem, nebo " +#~ "vytvořit soubor s certifikátem X509, který obsahuje veřejný RSA klíč a " +#~ "dodatečně uchovává odpovídající soukromý klíč." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Pokud chcete vytvořit IPSec spojení jen k počítačům, na kterých taktéž " +#~ "běží strongSwan, může být mnohem jednodušší použít pár prostých RSA " +#~ "klíčů. Pokud se ale chcete připojit k jiným implementacím IPSec, budete " +#~ "potřebovat certifikát X509. Také je možné zde vytvořit certifikát X509 a " +#~ "později, pokud druhá strana používá strongSwan bez podpory certifikátů " +#~ "X509, z něj získat veřejný RSA klíč v prostém formátu." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Certifikát X509 je proto doporučován zejména díky své flexibilitě. Tento " +#~ "instalátor by v měl být schopen skrýt komplexnost vytváření a používání " +#~ "certifikátu ve strongSwanu." diff --git a/debian/po/da.po b/debian/po/da.po new file mode 100644 index 000000000..0687e0219 --- /dev/null +++ b/debian/po/da.po @@ -0,0 +1,476 @@ +# Danish translation strongswan. +# Copyright (C) 2010 strongswan & nedenstående oversættere. +# This file is distributed under the same license as the strongswan package. +# Joe Hansen (joedalton2@yahoo.dk), 2010. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-11-04 12:42+0000\n" +"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n" +"Language-Team: Danish <dansk@dansk-gruppen.dk>\n" +"Language: da\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Erstattede tidligere kørselsniveauhåndtering" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Tidligere versioner af pakken strongSwan havde et valg mellem tre " +"forskellige start-/stopniveauer. På grund af ændringer i den normale " +"procedure for systemopstart, er dette ikke længere nødvendigt eller " +"brugbart. For alle nye installationer samt ældre installationer der kører i " +"en af de prædefinerede tilstande, vil standardniveauer for sane ikke blive " +"angivet. Hvis du opgraderer fra en tidligere version og ændrede dine " +"opstartsparametre i strongSwan, så kig venligst i NEWS.Debian for " +"instruktioner om hvordan du ændrer din opsætning, så den passer." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Genstart strongSwan nu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Genstart af strongSwan anbefales, da det er en sikkerhedsrettelse, rettelsen " +"vil ikke træde i kraft før dæmonen genstartes. De fleste forventer at " +"dæmonen genstartes, så dette er generelt en god ide. Det kan dog lægge " +"eksisterende forbindelser ned og så få dem op igen, så hvis du bruger sådan " +"en strongSwan-tunneltil at forbinde for denne opdatering, anbefales en " +"genstart ikke." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Start strongSwans IKEv1-dæmon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Dæmonen pluto skal køre for at understøtte version 1 af Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Start streongSwans IKEv2-dæmon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Dæmonen charon skal køre for at understøtte version 2 af Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Brug et X.509-certifikat for denne vært?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Et X.509-certifikat for denne vært kan oprettes automatisk eller importeres. " +"Det kan bruges til at godkende IPsec-forbindelser til andre værter og er den " +"foretrukne måde at opbygge sikre IPsec-forbindelser. Den anden mulighed " +"ville være at bruge delte hemmeligheder (adgangskoder der er de samme på " +"begge sider af tunnelen) til godkendelse af en forbindelse, men for et " +"større antal forbindelser, er nøglebaseret godkendelse nemmere at " +"administrere og mere sikkert." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativt kan du afvise denne indstilling og senere bruge kommandoen »dpkg-" +"reconfigure strongswan«." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "opret" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importer" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Metoder hvormed et X.509-certifikat kan bruges til at godkende denne vært:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Det er muligt at oprette et nyt X.509-certifikat med brugerdefineret " +"opsætning eller at importere en eksisterende offentlig og privat nøgle gemt " +"i PEM-filer for godkendelse af IPsec-forbindelser." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Hvis du vælger at oprette et nyt X.509-certifikat, vil du først blive spurgt " +"om et antal spørgsmål, som skal besvares før oprettelsen kan begynde. Husk " +"venligst at hvis du ønsker at den offentlige nøgle skal underskrives af et " +"eksisterende Certificate Authority, så bør du ikke vælge at oprette et " +"certifikat underskrevet af dig selv og alle svarene skal svare præcis til " +"krævene i CA'en, ellers vil certifikatanmodningen blive afvist." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Hvis du ønsker at importere en eksisterende offentlig og privat nøgle, vil " +"du blive spurgt om deres filnavne (som kan være identiske, hvis begge er " +"gemt sammen i en fil). Du kan valgfrit angive et filnavn hvor de offentlige " +"nøgler fra Certificate Authority opbevares, men denne fil kan ikke være den " +"samme som den tidligere. Vær venligst også opmærksom på at formatet for " +"X.509-certifikatet skal være PEM, og at den private nøgle ikke må være " +"krypteret, ellers vil importproceduren fejle." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Filnavn på dit PEM-formateret X.509-certifikat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Indtast venligst placeringen på filen der indeholder dit X.509-certifikat i " +"PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Filnavn på din private PEM-formateret X.509-nøgle:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Indtast venligst placeringen på filen, der indeholder den private RSA-nøgle " +"der svarer til dit X.509-certifikat i PEM-format. Dette kan være den samme " +"fil som indeholder X.509-certifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Filnavn på dit PEM-formaterede X.509-RootCA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Du kan nu valgfrit indtaste placeringen på filen, der indeholder X.509 " +"Certificate Authority-root brugt til at underskrive dit certifikat i PEM-" +"format. Hvis du ikke har et eller ikke ønsker at bruge det så efterlad dette " +"felt tomt. Bemærk venligst at det ikke er muligt at gemme RootCA'en i den " +"samme fil som dit X.509-certifikat eller din private nøgle." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Indtast venligst hvilken længde den oprettede RSA-nøgle skal have:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Indtast venligst længden på den oprettede RSA-nøgle. Den bør ike være mindre " +"end 1024 bit, da dette er usikkert, og du vil sikkert ikke have brug for " +"mere end 4096 bit, da det kun sløver godkendelsesprocessen ned og behovet " +"ikke er der i øjeblikket." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Opret et X.509-certifikat du selv har underskrevet?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Kun X.509-certifikater du selv har underskrevet kan oprettes automatisk, da " +"en Certifikat Authority ellers er nødvendig for at certifikatforespørgslen " +"biver underskrevet. Hvis du vælger at oprette et certifikat, du selv " +"underskriver, kan du umiddelbart bruge det efterfølgende til at forbinde til " +"andre IPsec-værter som understøtter X.509-certifikater til godkendelse af " +"IPsec-forbindelser. Brug af strongSwans PKI-funktioner kræver dog at alle " +"certifikater skal være underskrevet af en Certificate Authority for at " +"oprette en troværdighed." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Hvis du vælger ikke at oprette et certifikat, du selv har underskrevet, vil " +"kun den private RSA-nøgle og certifikatforespørgslen blive oprettet, og du " +"vil skulle underskrive certifikatforespørgslen med dit Certificate Authority." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landekode for X.509-certifikatforespørgslen:" + +# hvad er det for en tobogstavskode de henviser til her? DA eller DK. +# ISO 3166 som de nævner efterfølgende er trecifret (DNK), men underdelen af +# 3166 er tocifret og DK for Danmark, men det dækker områderne i Danmark +# som Midtjylland DK-82 med flere. +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Indtast venligst koden, der består af to bogstaver, for landet hvor serveren " +"befinder sig (såsom »DK« for Danmark)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL vil nægte at oprette et certifikat med mindre dette er en gyldig " +"ISO-3166 landekode. Et tomt felt er tilladt andre steder i X.509-" +"certifikatet men ikke her." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Stat eller provinsnavn for X.509-certifikatforespørgslen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Indtast venligst det fulde navn på staten eller provinsen som serveren " +"befinder sig i (såsom »Nordjylland«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Lokalitetsnavn for X.509-certifikatforespørgslen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Indtast venligst lokaliteten hvor serveren befinder sig (ofte en by, såsom " +"»Århus«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsnavn for X.509-certifikatforespørglsen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Indtast venligst organisationen som serveren tilhører (såsom »Debian«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationsgruppe for X.509-certifikatforespørgslen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Indtast venligst organisationsgruppen som serveren tilhører (såsom " +"»sikkerhedsafdelingen«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Betegnelsen for X.509-certifikatforespørgslen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Indtast venligst betegnelsen (navnet) for denne vært (såsom »gateway." +"eksempel.org«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-post-adresse for X.509-certifikatforespørgslen:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Indtast venligst e-post-adressen på personen eller organisationen der er " +"ansvarlig for X.509-certifikatet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Aktiver opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denne version af strongSwan understøtter opportunistisk kryptering (OE), som " +"gemmer IPSec-godkendelsesinformation i DNS-punkter. Indtil dette er udbredt, " +"vil aktivering medføre en væsentlig forsinkelse for hver ny udgående " +"forbindelse." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du skal kun aktivere opportunistisk kryptering, hvis du er sikker på, at du " +"ønsker det. Det kan få internetforbindelsen til at gå ned (standardrute), " +"når plutodæmonen starter op." diff --git a/debian/po/de.po b/debian/po/de.po new file mode 100644 index 000000000..8930d6b5b --- /dev/null +++ b/debian/po/de.po @@ -0,0 +1,789 @@ +# German translation of strongswan templates +# Matthias Julius <mdeb@julius-net.net>, 2007. +# Martin Eberhard Schauer <Martin.E.Schauer@gmx.de>, 2010. +# Helge Kreutzmann <debian@helgefjell.de>, 2007, 2010. +# This file is distributed under the same license as the strongswan package. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.0-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-06-29 21:55+0200\n" +"Last-Translator: Helge Kreutzmann <debian@helgefjell.de>\n" +"Language-Team: German <debian-l10n-german@lists.debian.org>\n" +"Language: de\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +# (mes) andere Übersetzungen für supersede: etw.Akk. ersetzen, für etw.Akk. Ersatz sein, an die Stelle von etw. Dat. treten, etw.Akk. überflüssig machen, etw.Akk. verdrängen +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Alte Verwaltung der Runlevel abgelöst" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Frühere Versionen von strongSwan ermöglichten eine Wahl zwischen drei " +"verschiedenen Start/Stop-Modi. Aufgrund von Änderungen des standardmäßigen " +"Systemstarts ist dies nicht mehr notwendig oder nützlich. Sowohl für alle " +"neuen als auch bestehende Installationen, die in einem der vordefinierten " +"Modi betrieben wurden, werden jetzt vernünftige Standardwerte gesetzt. Wenn " +"Sie jetzt ein Upgrade von einer früheren Version durchführen und Sie die " +"strongSwan-Startparameter angepasst haben, werfen Sie bitte einen Blick auf " +"NEWS.Debian. Die Datei enthält Anweisungen, wie Sie Ihren Installation " +"entsprechend ändern." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "StrongSwan jetzt starten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Es wird empfohlen, strongSwan neuzustarten, da eine Sicherheitskorrektur " +"erst nach dem Neustart des Daemons greift. Die meisten Leute erwarten, dass " +"der Daemon neu startet, daher ist diese Wahl eine gute Idee. Er kann " +"allerdings existierende Verbindungen beenden und erneut aufbauen. Falls Sie " +"solch eine Verbindung für diese Aktualisierung verwenden, wird der Neustart " +"nicht empfohlen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "strongSwans IKEv1-Daemon starten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Der Pluto-Daemon muss laufen, um Version 1 des Internet Key Exchange-" +"Protokolls zu unterstützen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "strongSwans IKEv2-Daemon starten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Der Charon-Daemon muss laufen, um Version 2 des Internet Key Exchange-" +"Protokolls zu unterstützen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Für diesen Rechner ein X.509-Zertifikat verwenden?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Für diesen Rechner kann ein X.509-Zertifikat automatisch erstellt oder " +"importiert werden, das zur Authentifizierung von IPSec-Verbindungen zu " +"anderen Rechnern verwendet werden kann. Dieses Vorgehen ist für den Aufbau " +"gesicherter IPSec-Verbindungen vorzuziehen. Die andere Möglichkeit ist die " +"Verwendung von gemeinsamen Geheimnissen (engl.: shared secrets, gleiche " +"Passwörter an beiden Enden des Tunnels) zur Authentifizierung einer " +"Verbindung. Für eine größere Anzahl von Verbindungen ist aber die RSA-" +"Authentifizierung einfacher zu verwalten und sicherer." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativ können Sie diese Option ablehnen und später den Befehl »dpkg-" +"reconfigure strongswan« zur Rückkehr zu dieser Option verwenden." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "erstellen" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importieren" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Methoden für die Authentifizierung dieses Rechners mittels eines X.509-" +"Zertifikats:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Es ist möglich, mit benutzerdefinierten Einstellungen ein neues X.509-" +"Zertifikat zu erstellen oder einen vorhandenen, in PEM-Datei(en) " +"gespeicherten, öffentlichen und privaten Schlüssel für die Authentifizierung " +"von IPSec-Verbindungen zu verwenden." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Wenn Sie sich für die Erstellung eines neuen X.509-Zertifikats entscheiden, " +"wird Ihnen zunächst eine Reihe von Fragen gestellt. Diese Fragen müssen " +"beantwortet werden, damit das Zertifikat erstellt werden kann. Bitte " +"beachten Sie: Wenn der öffentliche Schlüssel von einer bestehenden " +"Zertifizierungsstelle (Certificate Authority, CA) bestätigen lassen wollen, " +"sollten Sie nicht wählen, ein selbstsigniertes Zertifikat zu erstellen. " +"Außerdem müssen dann alle gegebenen Antworten exakt den Anforderungen der CA " +"entsprechen, da sonst der Antrag auf Zertifizierung zurückgewiesen werden " +"kann." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Wenn Sie bestehende öffentliche und private Schlüssel importieren wollen, " +"werden Sie nach deren Dateinamen gefragt. (Die Namen können übereinstimmen, " +"wenn beide Teile zusammen in einer Datei gespeichert werden.) Optional " +"können Sie auch den Namen einer Datei angeben, die den/die öffentlichen " +"Schlüssel Ihrer Zertifizierungsstelle enthält. Dieser Name muss von den " +"Erstgenannten verschieden sein. Bitte beachten Sie auch, dass Sie für die " +"X.509-Zertifikate das Format PEM verwenden und dass der private Schlüssel " +"nicht verschlüsselt sein darf, weil sonst der Import-Vorgang fehlschlagen " +"wird." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Dateiname Ihres X.509-Zertifikats im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Bitte geben Sie den Speicherort der Datei ein, die Ihr X.509-Zertifikat im " +"PEM-Format enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Dateiname des privaten X.509-Schlüssels im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Bitte geben Sie den Speicherort der Datei ein, die den zu Ihrem X.509-" +"Zertifikat passenden privaten RSA-Schlüssel im PEM-Format enthält. Dies kann " +"dieselbe Datei sein, die das X.509-Zertifikat enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Dateinamen Ihrer PEM-Format-X.509-RootCA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Optional können Sie nun den Speicherort der Datei mit dem »X.509 Certificate " +"Authority Root« angeben, mit dem Ihr Zertifikat im PEM-Format unterzeichnet " +"wurde. Wenn Sie keine haben oder diese nicht verwenden wollen, lassen Sie " +"dieses Feld bitte leer. Bitte beachten Sie, dass es nicht möglich ist, die " +"RootCA in der gleichen Datei wie Ihr X.509-Zertifikat oder den privaten " +"Schlüssel zu speichern." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "" +"Bitte geben Sie ein, welche Länge der erstellte RSA-Schlüssels haben soll:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Bitte geben Sie die Länge des erstellten RSA-Schlüssels an. Er sollte nicht " +"kürzer als 1024 Bits sein, da dies als unsicher betrachtet werden könnte und " +"Sie benötigen nicht mehr als 4096 Bits, da dies nur den Authentifizierungs-" +"Prozess verlangsamt und derzeit nicht benötigt wird." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Selbstsigniertes X.509-Zertifikat erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Nur selbstsignierte X.509-Zertifikate können automatisch erstellt werden, da " +"da andernfalls eine Zertifizierungsstelle zur Signatur der " +"Zertifikatsanfrage benötigt wird. Falls Sie sich entscheiden, ein " +"selbstsigniertes Zertifikat zu erstellen, können Sie es sofort zur " +"Verbindung mit anderen IPSec-Rechnern verwenden, die X.509-Zertifikate zur " +"Authentifizierung von IPSec-Verbindungen verwenden. Die Verwendung der PKI-" +"Funktionalität von strongSwan verlangt allerdings, dass alle Zertifikate von " +"einer Zertifizierungsstelle signiert sind, um einen Vertrauenspfad zu " +"erstellen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Falls Sie kein selbstsigniertes Zertifikat erstellen möchten, wird nur der " +"private RSA-Schlüssel und die Zertifikatsanforderung erstellt. Sie müssen " +"diese Zertifikatsanforderung von Ihrer Zertifizierungsstelle signieren " +"lassen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Ländercode für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Geben Sie den Ländercode (zwei Zeichen) für das Land ein, in dem der Server " +"steht (z. B. »AT« für Österreich)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"Ohne einen gültigen Ländercode nach ISO-3166 wird es OpenSSL ablehnen, ein " +"Zertifikat zu generieren. Ein leeres Feld ist für andere Elemente des X.509-" +"Zertifikats zulässig, aber nicht für dieses." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Name des Landes oder der Provinz für diese X.509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Bitte geben Sie den kompletten Namen des Landes oder der Provinz ein, in der " +"sich der Server befindet (wie »Oberösterreich«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Ort für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Geben Sie bitte den Ort an, an dem der Server steht (oft ist das eine Stadt " +"wie beispielsweise »Wien«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsname für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Bitte geben Sie die Organisation an, zu der der Server gehört (wie z.B. " +"»Debian«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationseinheit für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Bitte geben Sie die Organisationseinheit für die X.509-" +"Zertifikatsanforderung ein (z.B. »Sicherheitsgruppe«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "»Common Name« für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Bitte geben Sie den »Common Name« für diesen Rechner ein (wie z.B. »gateway." +"example.org«)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-Mail-Adresse für die X.509-Zertifikatsanforderung:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Bitte geben Sie die E-Mail-Adresse der für das X.509-Zertifikat " +"verantwortlichen Person oder Organisation ein." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Opportunistische Verschlüsselung aktivieren?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Diese Version von strongSwan unterstützt opportunistische Verschlüsselung " +"(OE), die IPSec-Authentifizierungsinformationen in DNS-Einträgen speichert. " +"Bis dies weit verbreitet ist, führt die Verwendung zu einer deutlichen " +"Verzögerung bei jeder ausgehenden Verbindung." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Sie sollten opportunistische Verschlüsselung nur verwenden, falls Sie sich " +"sicher sind, dass Sie sie verwenden möchten. Beim Starten des Pluto-Daemons " +"könnte die Internetverbindung (Default Route) unterbrochen werden." + +#~ msgid "" +#~ "Previous versions of the Openswan package gave a choice between three " +#~ "different Start/Stop-Levels. Due to changes in the standard system " +#~ "startup procedure, this is no longer necessary or useful. For all new " +#~ "installations as well as old ones running in any of the predefined modes, " +#~ "sane default levels will now be set. If you are upgrading from a previous " +#~ "version and changed your Openswan startup parameters, then please take a " +#~ "look at NEWS.Debian for instructions on how to modify your setup " +#~ "accordingly." +#~ msgstr "" +#~ "Frühere Versionen von Openswan ermöglichten eine Wahl zwischen drei " +#~ "verschiedenen Start/Stop-Ebenen. Aufgrund von Änderungen des " +#~ "standardmäßigen Systemstarts ist dies nicht mehr notwendig oder nützlich. " +#~ "Sowohl für alle neuen als auch bestehende Installationen, die in einem " +#~ "der vordefinierten Modi betrieben wurden, werden jetzt vernünftige " +#~ "Standardwerte gesetzt. Wenn Sie jetzt ein Upgrade von einer früheren " +#~ "Version durchführen und Sie die Openswan-Startparameter angepasst haben, " +#~ "werfen Sie bitte einen Blick auf NEWS.Debian. Die Datei enthält " +#~ "Anweisungen, wie Sie Ihren Setup entsprechend ändern." + +#~ msgid "Restart Openswan now?" +#~ msgstr "Möchten Sie jetzt Openswan neu starten?" + +#~ msgid "" +#~ "Restarting Openswan is recommended, since if there is a security fix, it " +#~ "will not be applied until the daemon restarts. Most people expect the " +#~ "daemon to restart, so this is generally a good idea. However, this might " +#~ "take down existing connections and then bring them back up, so if you are " +#~ "using such an Openswan tunnel to connect for this update, restarting is " +#~ "not recommended." +#~ msgstr "" +#~ "Der Neustart von Openswan wird empfohlen. Wenn mit dieser Version ein " +#~ "Sicherheitsproblem beseitigt wurde, wird dies erst nach dem Neustart des " +#~ "Daemons wirksam. Da die meisten Anwender einen Neustart des Daemons " +#~ "erwarten, ist dies grundsätzlich eine gute Idee. Der Neustart kann aber " +#~ "bestehende Verbindungen schließen und anschließend wiederherstellen. Wenn " +#~ "Sie einen solchen Openswan-Tunnel für die Verbindung bei dieser " +#~ "Aktualisierung verwenden, wird von einem Neustart abgeraten." + +#~ msgid "" +#~ "Alternatively you can reject this option and later use the command \"dpkg-" +#~ "reconfigure openswan\" to come back." +#~ msgstr "" +#~ " Alternativ können Sie diese Option ablehnen und später mit dem Befehl " +#~ "»dpkg-reconfigure openswan« zurückzukommen." + +#~ msgid "Length of RSA key to be created:" +#~ msgstr "Länge des zu erstellenden RSA-Schlüssels:" + +#~ msgid "" +#~ "Please enter the required RSA key-length. Anything under 1024 bits should " +#~ "be considered insecure; anything more than 4096 bits slows down the " +#~ "authentication process and is not useful at present." +#~ msgstr "" +#~ "Bitte geben Sie die Länge des zu erstellenden RSA-Schlüssels ein. Sie " +#~ "sollte nicht weniger als 1024 Bit sein, da dies als unsicher betrachtet " +#~ "wird. Alles über 4098 Bit verlangsamt den Authentifizierungs-Prozess und " +#~ "ist zur Zeit nicht nützlich." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a Certificate Authority is needed to sign the certificate " +#~ "request. If you choose to create a self-signed certificate, you can use " +#~ "it immediately to connect to other IPsec hosts that support X.509 " +#~ "certificate for authentication of IPsec connections. However, using " +#~ "Openswan's PKI features requires all certificates to be signed by a " +#~ "single Certificate Authority to create a trust path." +#~ msgstr "" +#~ "Nur selbstsignierte X.509-Zertifikate können automatisch erstellt werden, " +#~ "da anderenfalls für die Unterzeichnung der Zertifikatsanforderung eine " +#~ "Zertifizierungsstelle benötigt wird. Falls Sie ein selbstsigniertes " +#~ "Zertifikat erstellen, können Sie dieses sofort verwenden, um sich mit " +#~ "anderen IPSec-Rechnern zu verbinden, die X.509-Zertifikate zur " +#~ "Authentifizierung von IPsec-Verbindungen benutzen. Falls Sie jedoch die " +#~ "PKI-Funktionen von Openswan verwenden möchten, müssen alle X.509-" +#~ "Zertifikate von einer einzigen Zertifizierungsstelle signiert sein, um " +#~ "einen Vertrauenspfad zu schaffen." + +#~ msgid "Modification of /etc/ipsec.conf" +#~ msgstr "Veränderung von /etc/ipsec.conf" + +#~ msgid "" +#~ "Due to a change in upstream Openswan, opportunistic encryption is no " +#~ "longer enabled by default. The no_oe.conf file that was shipped in " +#~ "earlier versions to explicitly disable it can therefore no longer be " +#~ "included by ipsec.conf. Any such include paragraph will now be " +#~ "automatically removed to ensure that Openswan can start correctly." +#~ msgstr "" +#~ "Aufgrund einer Änderung im Quelltext von Openswan ist opportunistische " +#~ "Verschlüsselung nicht mehr standardmäßig aktiviert. Ältere Versionen von " +#~ "Openswan enthielten die Datei no_oe.conf, die zur expliziten " +#~ "Deaktivierung der opportunistischen Verschlüsselung diente. Diese kann " +#~ "jetzt nicht mehr mittels ipsec.conf aufgenommen werden. Jeder " +#~ "entsprechende Absatz wird jetzt automatisch entfernt, um einen korrekten " +#~ "Start von Openswan sicherzustellen." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Möchten Sie strongSwan neustarten?" + +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Bitte geben Sie den Ort der Datei an, der Ihr X509-Zertifikat im PEM-" +#~ "Format enthält." + +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Bitte geben Sie den Ort der Datei an, der Ihr X509-Zertifikat im PEM-" +#~ "Format enthält." + +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Bitte geben Sie den zweibuchstabigen Ländercode für Ihr Land ein. Dieser " +#~ "Code wird in der Zertifikatsanfrage verwendet." + +#~ msgid "Example: AT" +#~ msgstr "Beispiel: AT" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Beispiel: Oberösterreich" + +#~ msgid "Example: Vienna" +#~ msgstr "Beispiel: Wien" + +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Bitte geben Sie die Organisation (z.B. Firma) ein, für die das X509-" +#~ "Zertifikat erstellt werden soll. Dieser Name wird in der " +#~ "Zertifikatsanfrage verwandt." + +#~ msgid "Example: Debian" +#~ msgstr "Beispiel: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Beispiel: Sicherheitsgruppe" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Beispiel: gateway.debian.org" + +#~ msgid "When to start strongSwan:" +#~ msgstr "Wann soll strongSwan gestartet werden:" + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Falls Sie kein neues öffentliches/privates Schlüsselpaar erstellen " +#~ "wollen, können Sie im nächsten Schritt ein existierendes auswählen." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "frühestmöglich, »nach NFS«, »nach PCMCIA«" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Es gibt drei Möglichkeiten, wann strongSwan starten kann: vor oder nach " +#~ "den NFS-Diensten und nach den PCMCIA-Diensten. Die richtige Antwort hängt " +#~ "von Ihrer spezifischen Einrichtung ab." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum nicht über NFS eingehängt haben (entweder weil " +#~ "Sie nur andere, weniger lebenswichtige Bäume über NFS einhängen, oder " +#~ "falls Sie NFS überhaupt nicht verwenden) und keine PCMCIA-Netzwerkkarte " +#~ "benutzen, ist es am besten, strongSwan so früh wie möglich zu starten und " +#~ "damit durch IPSec gesicherte NFS-Einhängungen zu erlauben. In diesem Fall " +#~ "(oder falls Sie dieses Problem nicht verstehen oder es Ihnen egal ist), " +#~ "antworten Sie »frühestmöglich« (Standardwert) auf diese Frage." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum über NFS eingehängt haben und keine PCMCIA-" +#~ "Netzwerkkarte benutzen, müssen Sie strongSwan nach NFS starten, so dass " +#~ "alle benötigten Dateien verfügbar sind. In diesem Fall antworten Sie " +#~ "»nach NFS« auf diese Frage. Bitte beachten Sie, dass NFS-Einhängungen " +#~ "von /usr in diesem Fall nicht über IPSec gesichert werden können." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Falls Sie eine PCMCIA-Netzwerkkarte für Ihre IPSec-Verbindungen benutzen, " +#~ "dann müssen Sie nur auswählen, dass er nach den PCMCIA-Diensten startet. " +#~ "Antworten Sie in diesem Fall »nach PCMCIA«. Dies ist auch die richtige " +#~ "Antwort, falls Sie Schlüssel von einem lokal laufenden DNS-Server mit " +#~ "DNSSec-Unterstützung abholen wollen." + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Möchten Sie IKEv1 unterstützen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan unterstützt beide Versionen des »Internet Key Exchange«-" +#~ "Protokolls (Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten " +#~ "Sie den »pluto«-Daemon für IKEv1-Unterstützung starten, wenn strongSwan " +#~ "gestartet wird." + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Möchten Sie IKEv2 unterstützen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan unterstützt beide Versionen des »Internet Key Exchange«-" +#~ "Protokolls (Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten " +#~ "Sie den »charon«-Daemon für IKEv2-Unterstützung starten, wenn strongSwan " +#~ "gestartet wird." + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan enthält Unterstützung für opportunistische Verschlüsselung " +#~ "(OV), die Authentifizierungsinformationen von IPSec (z.B. öffentliche RSA-" +#~ "Schlüssel) in DNS-Datensätzen speichert. Solange dies nicht weit " +#~ "verbreitet ist, wird jede neue ausgehende Verbindung signifikant " +#~ "verlangsamt, falls diese Option aktiviert ist. Seit Version 2.0 wird " +#~ "strongSwan von den Autoren mit aktiviertem OV ausgeliefert und wird daher " +#~ "wahrscheinlich Ihre existierenden Verbindungen ins Internet (d.h. Ihre " +#~ "Standard-Route) stören, sobald Pluto (der strongSwan Schlüssel-Daemon) " +#~ "gestartet wird." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Bitte wählen Sie aus, ob Sie OV aktivieren möchten. Falls Sie unsicher " +#~ "sind, aktivieren Sie es nicht." + +#~ msgid "x509, plain" +#~ msgstr "x509, einfach" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Die Art des RSA-Schlüsselpaars, das erstellt werden soll:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Es besteht die Möglichkeit, ein einfaches öffentliches/privates " +#~ "Schlüsselpaar für den Einsatz mit strongSwan oder eine X509-" +#~ "Zertifikatsdatei zu erstellen, die den öffentlichen Schlüssel und " +#~ "zusätzlich den zugehörigen privaten Schlüssel enthält." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Falls Sie nur IPSec-Verbindungen zu Rechnern aufbauen wollen, auf denen " +#~ "auch strongSwan läuft, könnte es etwas einfacher sein, einfache RSA-" +#~ "Schlüsselpaare zu verwenden. Falls Sie aber mit anderen IPSec-" +#~ "Implementierungen Verbindungen aufnehmen wollen, benötigen Sie ein X509-" +#~ "Zertifikat. Es besteht auch die Möglichkeit, hier ein X509-Zertifikat zu " +#~ "erstellen und den öffentlichen RSA-Schlüssel im einfachen Format zu " +#~ "extrahieren, falls die andere Seite strongSwan ohne X509-" +#~ "Zertifikatsunterstützung betreibt." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daher wird ein X509-Zertifikat empfohlen, da es flexibler ist und dieses " +#~ "Installationsprogramm in der Lage sein sollte, die komplexe Erstellung " +#~ "des X509-Zertifikates und seinen Einsatz in strongSwan zu verstecken." diff --git a/debian/po/es.po b/debian/po/es.po new file mode 100644 index 000000000..b1b8cb1f3 --- /dev/null +++ b/debian/po/es.po @@ -0,0 +1,659 @@ +# strongswan po-debconf translation to Spanish +# Copyright (C) 2010 Software in the Public Interest +# This file is distributed under the same license as the strongswan package. +# +# Changes: +# - Initial translation +# Francisco Javier Cuadrado <fcocuadrado@gmail.com>, 2010 +# +# Traductores, si no conocen el formato PO, merece la pena leer la +# documentación de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traducción al español, por favor lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traducción de Debian al español +# http://www.debian.org/intl/spanish/ +# especialmente las notas y normas de traducción en +# http://www.debian.org/intl/spanish/notas +# +# - La guía de traducción de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.1-5\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-10-09 20:45+0100\n" +"Last-Translator: Francisco Javier Cuadrado <fcocuadrado@gmail.com>\n" +"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n" +"Language: es\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Se ha sustituido la antigua gestión del nivel de ejecución" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Las versiones previas del paquete de StrongSwan daban la opción de elegir " +"entre tres niveles diferentes de Inicio/Parada. Debido a los cambios en el " +"procedimiento del sistema estándar de arranque, esto ya no es necesario ni " +"útil. Para todas las instalaciones nuevas, así como para las antiguas que " +"ejecuten cualquiera de los modos predefinidos, se configurarán unos niveles " +"predeterminado válidos. Si está actualizando de una versión antigua y ha " +"cambiado los parámetros de arranque de StrongSwan, eche un vistazo al " +"archivo «NEWS.Debian» para leer las instrucciones sobre cómo modificar su " +"configuración apropiadamente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "¿Desea reiniciar StrongSwan ahora mismo?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Se recomienda reiniciar StrongSwan, porque si hay un parche de seguridad, " +"éste no se aplicará hasta que el demonio se reinicie. La mayoría de la gente " +"espera que el demonio se reinicie, así que generalmente es una buena idea. " +"Sin embargo, esto puede cerrar las conexiones existentes y después volverlas " +"a abrir, de modo que si está utilizando un túnel de StrongSwan en la " +"conexión de esta actualización, no se recomienda reiniciar." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "¿Desea iniciar el demonio IKEv1 de StrongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"El demonio pluto se debe ejecutar para poder utilizar la versión 1 del " +"protocolo de intercambio de claves por internet («Internet Key Exchange»)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "¿Desea iniciar el demonio IKEv2 de StrongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"El demonio charon se debe ejecutar para permitir utilizar la versión 2 del " +"protocolo de intercambio de claves por internet («Internet Key Exchange»)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "¿Desea utilizar un certificado X.509 para esta máquina?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Se puede crear automáticamente o importar un certificado X.509 para esta " +"máquina. Esto se puede utilizar para autenticar conexiones IPsec de otras " +"máquinas y es la forma preferida para construir conexiones IPsec seguras. La " +"otra posibilidad sería utilizar secretos compartidos (contraseñas que son la " +"misma en ambos lados del túnel) para autenticar una conexión, pero para un " +"gran número de conexiones, la autenticación basada en claves es más sencilla " +"de administrar y más segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"También puede rechazar esta opción y utilizar más tarde la orden «dpkg-" +"reconfigure strongswan» para volver a este proceso." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "crear" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importar" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Métodos para utilizar un certificado X.509 para autenticar esta máquina:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Es posible crear un certificado X.509 nuevo con la configuración definida " +"por el usuario o importar una clave pública/privada almacenada en archivo/s " +"PEM para autenticar las conexiones IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Si escoge crear un certificado X.509 nuevo, primero se le realizarán unas " +"cuantas preguntas que deberá contestar antes de que la creación comience. " +"Por favor, tenga en cuenta que si quiere que una Autoridad de Certificación " +"(CA) firme la clave pública no debería escoger crear un certificado auto-" +"firmado y todas las respuestas deberán coincidir exactamente con los " +"requisitos de la CA, de otro modo puede que se rechace la petición del " +"certificado." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Si quiere importar una clave pública/privada, se le preguntará por los " +"nombres de los archivos (que deberán ser idénticos si ambas partes se " +"almacenan en un único archivo). Opcionalmente, puede indicar el nombre de un " +"archivo dónde las clave/s pública/s de la Autoridad de Certificación se " +"almacenen, pero este archivo no puede ser el mismo que los anteriores. Por " +"favor, tenga en cuenta que el formato para los certificados X.509 tiene que " +"ser PEM y que la clave privada no debe estar cifrada o el proceso de " +"importación fallará." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nombre del archivo del certificado X.509 en el formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Introduzca la ubicación completa del archivo que contiene el certificado " +"X.509 en el formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "" +"Nombre del archivo de la clave privada del certificado X.509 en el formato " +"PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Introduzca la ubicación del archivo que contiene la clave privada RSA del " +"certificado X.509 en el formato PEM. Puede ser el mismo archivo que contiene " +"el del certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "" +"Nombre del archivo del certificado X.509 de la raíz de la Autoridad de " +"Certificación (CA) en el formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Opcionalmente, ahora puede introducir la ubicación del archivo que contiene " +"el certificado X.509 de la raíz de la Autoridad de Certificación (CA) " +"utilizado para firmar su certificado en formato PEM. Si no tiene uno o no " +"quiere utilizarlo, deje este campo en blanco. Por favor, tenga en cuenta que " +"no es posible almacenar la raíz de la CA en el mismo archivo que su " +"certificado X.509 o la clave privada." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Introduzca la longitud que debería tener la clave RSA creada:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Introduzca la longitud de la clave RSA creada. No debería ser menor de 1024 " +"bits porque se considera inseguro, además probablemente no necesite más de " +"4096 bits porque sólo ralentiza el proceso de autenticación y no es " +"necesario en estos momentos." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "¿Desea crear un certificado X.509 auto-firmado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Sólo los certificados X.509 se pueden crear automáticamente, porque de otro " +"modo la Autoridad de Certificación (CA) se necesitará para firmar la " +"petición del certificado. Si escoge crear un certificado auto-firmado, puede " +"utilizarlo inmediatamente para conectar a otras máquinas IPsec que permitan " +"la autenticación de conexiones IPsec con certificados X.509. Sin embargo, si " +"se utilizan las funcionalidades PKI de StrongSwan se necesita que todos los " +"certificados estén firmados por una única Autoridad de Certificación para " +"crear una ruta segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Si no escoge crear un certificado auto-firmado, sólo se crearán las " +"peticiones de la clave privada y la petición del certificado, y tendrá que " +"firmar la petición del certificado con su Autoridad de Certificación." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código del país para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Introduzca el código de dos letras para el país en el que el servidor está " +"ubicado (por ejemplo «ES» para España)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL rechazará generar un certificado a menos que este campo sea un " +"código de país ISO-3166 válido, además no se permite que este campo se deje " +"en blanco." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado o provincia para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Introduzca el nombre completo del estado o la provincia en la que el " +"servidor está ubicado (por ejemplo «Comunidad de Madrid»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Localidad para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Introduzca la localidad en la que el servidor está ubicado (normalmente una " +"ciudad, por ejemplo «Madrid»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nombre de la organización para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Introduzca la organización a la que el servidor pertenece (por ejemplo " +"«Debian»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidad de la organización para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Introduzca el nombre de la unidad de la organización (o departamento) a la " +"que el servidor pertenece (por ejemplo «departamento de seguridad»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Nombre Común (CN) para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Introduzca el Nombre Común (CN) de esta máquina (por ejemplo «gateway." +"example.org»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "" +"Dirección de correo electrónico para la petición del certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Introduzca la dirección de correo electrónico del responsable individual o " +"de la organización del certificado X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "¿Desea activar el cifrado oportunístico?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versión de StrongSwan permite utilizar cifrado oportunístico " +"(«Opportunistic Encryption», OE), que almacena la información de la " +"autenticación de IPSec en los registros del DNS. Hasta que esto esté " +"ampliamente difundido, activarlo puede causar un gran retraso para cada " +"conexión saliente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Sólo debería activar el cifrado oportunístico si está seguro que lo quiere. " +"Esto puede romper la conexión a internet (la ruta predeterminada) cuando el " +"demonio pluto se inicie." + +#~ msgid "earliest" +#~ msgstr "lo más pronto posible" + +#~ msgid "after NFS" +#~ msgstr "después de NFS" + +#~ msgid "after PCMCIA" +#~ msgstr "después de PCMCIA" + +#~ msgid "When to start strongSwan:" +#~ msgstr "Cuando se iniciará strongSwan:" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "StrongSwan se inicia durante el arranque del sistema, de modo que pueda " +#~ "proteger los sistemas de archivos que se montan automáticamente." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ " * lo más pronto posible: si «/usr» no está montado mediante NFS y no usa " +#~ "una\n" +#~ " tarjeta de red PCMCIA, es mejor iniciar strongSwan lo más pronto " +#~ "posible,\n" +#~ " de modo que el montaje de NFS se pueda asegurar mediante IPSec.\n" +#~ " * después de NFS: se recomienda cuando «/usr» se monta mediante NFS y " +#~ "no\n" +#~ " se usa una tarjeta de red PCMCIA.\n" +#~ " * después de PCMCIA: se recomienda si la conexión IPSec usa una tarjeta\n" +#~ " de red PCMCIA o si necesita obtener las claves desde un servidor de " +#~ "DNS local\n" +#~ " compatible con DNSSec." + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Si no quiere reiniciar strongSwan ahora mismo, debería realizarlo " +#~ "manualmente cuando considere oportuno." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "" +#~ "¿Desea crear un par de claves (pública/privada) RSA para este equipo?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "StrongSwan puede utilizar una clave pre-compartida («Pre-Shared Key», " +#~ "PSK) o un par de claves RSA para autenticarse en las conexiones IPSec con " +#~ "otras máquinas. La autenticación con RSA se considera, generalmente, más " +#~ "segura y más fácil de administrar. Puede utilizar la autenticación con " +#~ "PSK y con RSA de forma simultánea." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Si no quiere crear un nuevo par de claves, puede escoger utilizar un par " +#~ "existente en el siguiente paso." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "La información necesaria se puede extraer automáticamente desde un " +#~ "certificado X.509 con una clave privada RSA correspondiente. Ambas partes " +#~ "pueden estar en un único archivo, si está en el formato PEM. Debería " +#~ "escoger esta opción si tiene un certificado y un archivo de clave, y " +#~ "quiere utilizarlo para autenticar las conexiones IPSec." + +#~ msgid "RSA key length:" +#~ msgstr "Longitud de la clave RSA:" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Introduzca la longitud de la clave RSA que quiere generar. Un valor menor " +#~ "de 1024 bits no se considera seguro. Un valor de más de 2048 bits puede " +#~ "afectar al rendimiento." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Sólo se pueden crear automáticamente certificados X.509 auto-firmados, " +#~ "porque de otro modo se necesitaría una autoridad de certificación para " +#~ "firmar la petición del certificado." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Si acepta esta opción, el certificado creado se puede utilizar " +#~ "inmediatamente para conectar a otras máquinas de IPSec que permitan la " +#~ "autenticación mediante un certificado X.509. Sin embargo, si se utilizan " +#~ "las funcionalidades PKI de strongSwan se requiere crear una ruta de " +#~ "confianza para tener todos los certificados X.509 firmados por una única " +#~ "autoridad." + +#~ msgid "" +#~ "Please enter the two-letter ISO3166 country code that should be used in " +#~ "the certificate request." +#~ msgstr "" +#~ "Introduzca el código ISO3166 de dos letras del país que se debería " +#~ "utilizar en la petición del certificado." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "" +#~ "Este campo es obligatorio, de otro modo no se podría generar un " +#~ "certificado." + +#~ msgid "" +#~ "Please enter the locality name (often a city) that should be used in the " +#~ "certificate request." +#~ msgstr "" +#~ "Introduzca el nombre de la localidad (normalmente una ciudad) que se " +#~ "debería usar en la petición del certificado." + +#~ msgid "" +#~ "Please enter the organization name (often a company) that should be used " +#~ "in the certificate request." +#~ msgstr "" +#~ "Introduzca el nombre de la organización (normalmente una compañía) que se " +#~ "debería usar en la petición del certificado." + +#~ msgid "" +#~ "Please enter the common name (such as the host name of this machine) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Introduzca el nombre común (como el nombre de la máquina) que se debería " +#~ "usar en la petición del certificado." diff --git a/debian/po/eu.po b/debian/po/eu.po new file mode 100644 index 000000000..0b672b811 --- /dev/null +++ b/debian/po/eu.po @@ -0,0 +1,470 @@ +# translation of strongswan_4.4.1-5.1_eu.po to Basque +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Piarres Beobide <pi@beobide.net>, 2009. +# Iñaki Larrañaga Murgoitio <dooteo@zundan.com>, 2010. +msgid "" +msgstr "" +"Project-Id-Version: strongswan_4.4.1-5.1_eu\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-11-16 20:23+0100\n" +"Last-Translator: Iñaki Larrañaga Murgoitio <dooteo@zundan.com>\n" +"Language-Team: Basque <debian-l10n-basque@lists.debian.org>\n" +"Language: eu\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Exekuzio-mailaren kudeaketa zaharra ordeztuta" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"strongSwan paketearen aurreko bertsioak hiru Abiarazte-/Gelditzen-maila " +"desberdinen arteko aukera eskaintzen zuen. Sistemaren abioaren prozedura " +"arruntean aldaketak gertatu direnez, ez dira beharrezkoak edo erabilgarriak. " +"Instalazio berri guztientzako, aurredefinitutako moduetako batean " +"exekutatzen diren zaharretan ere, zentzuzko maila lehenetsiak ezarriko dira " +"orain. Aurreko bertsiotik eguneratzen ari bazara, eta strongSwan-en abioko " +"parametroak aldatu bazenituen, irakur ezazu NEWS.Debian fitxategia. " +"konfigurazioa modu egokian nola aldatzen den jakiteko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Berrabiarazi StrongSwan orain?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"StrongSwan berrabiaraztea gomendatzen da segurtasunezko konponketa bat " +"badago ez baita ezarriko daemona berrabiarazi artea. Erabiltzaile gehienek " +"daemona berrabiaraztea espero dutenez, burutazio ona da hori. Hala ere, " +"honek martxan dauden konexioak itxi eta gero berriz abiaraziko ditu. Hori " +"dela eta, eguneraketa honetan strongSwan tunela erabiltzen ari bazara, ez da " +"gomendatzen berrabiaraztea." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "StrongSwan-ren IKEv1 daemona abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"'pluto' daemona exekutatzen egon behar da Interneteko Gakoen Trukaketa (IKE) " +"protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "StrongSwan-ren IKEv2 daemona abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"'charon' daemona exekutatzen egon behar da Interneteko Gakoen Trukaketa " +"(IKE) protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "X.509 ziurtagiria erabili ostalari honentzako?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Ostalari honentzako X.509 ziurtagiri bat automatikoki sor edo inportatu " +"daiteke. Beste ostalariekin IPsec bidez konektatzean autentifikatzeko " +"erabili daiteke, eta hobetsitako bidea da IPsec konexio seguruak " +"eraikitzeko. Beste aukera bat ezkutukoak (tunelaren bi aldeetan berdinak " +"diren pasahitzak) partekatzea litzateke konexio bat autentifikatzeko, baina " +"konexio kopuru handi batentzako gakoetan oinarritutako autentifikazioa " +"errazagoa eta askoz ere seguruagoa da kudeatzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Bestela, aukera hau ukatu dezakezu eta beranduago itzuli \"dpkg-reconfigure " +"strongswan\" komandoa erabiliz." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "sortu" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "inportatu" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Metodoa ostalari hau X.509 ziurtagiria erabiliz autentifikatzeko:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"X.509 ziurtagiri berri bat sor daiteke erabiltzaileak definitutako " +"ezarpenekin edo PEM fitxategietan gordetako gako publiko eta pribatuak " +"inportatu daiteke IPsec konexioak autentifikatzeko." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"X.509 ziurtagiri berri bat sortzea hautatzen baduzu aurrenik, eta sortzeko " +"lanak hasi aurretik, erantzun beharreko galdera batzuk egingo zaizkizu. " +"Jakin ezazu gako publikoa existitzen den Ziurtagiri-emaile batek sinatzea " +"nahi baduzu, ez zenukeela sortu beharko auto-sinatutako sinatzen duen " +"ziurtagiririk, eta emandako erantzun guztiak zehatz-meatz ZEren " +"eskakizunekin bat etorri beharko dutela, bestela ziurtagiriaren eskaera " +"ukatu egingo baita." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Existitzen den gako publiko eta pribatua inportatzea nahi izanez gero, haien " +"fitxategi-izenak eskatuko zaizkizu (berdinak izango dira bi zatiak fitxategi " +"batean gordeta badaude). Aukeran ziurtagiri-emailearen gako publikoa duen " +"fitxategia ere zehaz dezakezu, baina fitxategi hau ezin da aurrekoen berdina " +"izan. Kontuz ibili, X.509 ziurtagirien formatua PEM izan behar duelako, eta " +"gako pribatua ezin delako enkriptatuta egon, bestela inportatzeko prozesuak " +"huts egingo bait luke." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Zure PEM formatuko X.509 ziurtagiriaren fitxategi-izena :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Idatzi zure PEM formatuko X.509 ziurtagiria duen fitxategiaren bide-izen " +"osoa." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "PEM formatuko X.509 gako pribatuaren fitxategi-izena :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Idatzi dagoen zure PEM formatuko X.509 ziurtagiriaren pareko RSA gako " +"pribatua duen fitxategiaren kokapen osoa. Hau X.509 ziurtagiriaren fitxategi " +"berdina izan daiteke." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "PEM formatuko X.509 ziurtagiriaren fitxategi-izena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Aukeran X.509 Ziurtagiri-emailearen erroa duen fitxategiaren kokalekua idatz " +"dezakezu zure ziurtagiria PEM formatuan sinatzeko. Ez badaukazu do ez baduzu " +"hori erabiltzerik nahi, utzi eremu hau hutsik. Jakin ezazu ezin dela gorde " +"erroko ZE (RootCA) zure X.509 ziurtagiria edo gako pribatua duen fitxategi " +"berdinean." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Sartu sortutako RSA gakoak edukiko duen luzera:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Sartu sortutako RSA gakoaren luzera. Ez luke 1024 bit baino txikiagoa izan " +"behar ez-segurutzat jotzen delako, eta litekeena da 4096 bit baino luzeagoa " +"behar ez izatea, autentifikatzeko prozesua soilik moteltzen duelako eta " +"unean ez delako behar." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Sortu auto-sinatutako X.509 ziurtagiria?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Soilik auto-sinatutako X.509 ziurtagiriak sor daitezke automatikoki, bestela " +"Ziurtagiri-emailea behar delako ziurtagiriaren eskaera sinatzeko. Auto-" +"sinatutako ziurtagiria sortzea aukeratzen baduzu, ziurtagiri hori berehala " +"erabil dezakezu X.509 ziurtagiria onartzen duten beste IPsec ostalariekin " +"IPsec konexioak autentifikatzeko. Hala ere, strongSwan-en PKI eginbidea " +"erabiltzeak ziurtagiri guztiak Ziurtagiri-emaile batek sinatuta egotea " +"eskatzen du bide fidagarri bat sortzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Ez baduzu auto-sinatutako ziurtagiri bat sortzea aukeratzen, soilik RSAren " +"gako pribatua eta ziurtagiriaren eskaera sortuko dira, eta ziurtagiriaren " +"eskaera zure Ziurtagiri-emailearekin sinatu beharko duzu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 ziurtagiriaren eskaeraren herrialdearen kodea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Sartu zerbitzaria kokatuta dagoen herrialdeari dagokion bi hizkiko kodea " +"(hala nola \"AT\" Austriarentzako)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL-ek ukatu egingo du ziurtagiri bat sortzea baldin eta herrialdearen " +"baliozko ISO-3166 kodea ez bada. X.509 ziurtagiriko beste edozer eremu " +"hutsik egon daiteke, baina ez eremu hau." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren estatu edo probintziaren izena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Idatzi zerbitzaria kokatuta dagoen estatu edo probintziaren izen osoa " +"(adibidez, \"Goiko Austria\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren herriaren izena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Idatzi zerbitzaria kokatuta dagoen kokalekua (normalean herria, adibidez, " +"\"Bilbo\"). " + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren erakundearen izena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "Idatzi zerbitzaria duen erakundea (adibidez, \"Debian\")" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren saila:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "Idatzi zerbitzaria duen saila (adibidez, \"segurtasunaren taldea\")" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Idatzi ostalari honen izen arrunta (adibidez, \"atebidea.adibidea.org\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaeraren helbide elektronikoa:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Idatzi X.509 ziurtagiriaren ardura duen pertsona edo erakundearen helbide " +"elektronikoa." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Gaitu enkriptazio oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwan bertsio honek aukerako enkriptazio oportunistaren (OE) euskarria " +"du, honek IPSec autentifikazio informazioa DNS erregistroetan gordetzen " +"ditu. Hau guztiz garatua ez dagoenez gaitzeak kanporako konexio berri " +"guztien atzerapen esanguratsu bat eragin dezake." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Enkriptazio oportunista behar duzula ziur bazaude bakarrik gaitu beharko " +"zenuke. Interneteko konexioak moztuko dira (lehenetsitako atebidea) pluto " +"daemona abiaraztean." diff --git a/debian/po/fi.po b/debian/po/fi.po new file mode 100644 index 000000000..1b226f9a9 --- /dev/null +++ b/debian/po/fi.po @@ -0,0 +1,664 @@ +# Copyright (C) 2009 +# This file is distributed under the same license as the strongswan package. +# +# Esko Arajärvi <edu@iki.fi>, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2009-05-25 14:49+0100\n" +"Last-Translator: Esko Arajärvi <edu@iki.fi>\n" +"Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n" +"Language: fi\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Käynnistetäänkö strongSwan uudelleen nyt?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is recommended, because if there is a security fix, " +#| "it will not be applied until the daemon restarts. However, this might " +#| "close existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"On suositeltavaa käynnistää strongSwan-taustaohjelma uudelleen, koska " +"mahdolliset tietoturvapäivitykset eivät tule käyttöön ennen tätä. Tämä " +"saattaa kuitenkin katkaista olemassa olevat yhteydet ja avata ne sitten " +"uudelleen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv1-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 1 tuki vaatii, että pluto-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv2-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 2 tuki vaatii, että charon-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Use an existing X.509 certificate for strongSwan?" +msgid "Use an X.509 certificate for this host?" +msgstr "Tulisiko strongSwanin käyttää olemassa olevaa X.509-varmennetiedostoa?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 certificate:" +msgstr "PEM-muodossa olevan X.509-varmennetiedoston nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X.509 " +#| "certificate in PEM format." +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston täydellinen " +"polku." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your existing X.509 private key in PEM format:" +msgid "File name of your PEM format X.509 private key:" +msgstr "PEM-muotoisen, olemassa olevan, salaisen X.509-avaimen tiedostonimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X.509 certificate in PEM format. This can be the same file " +#| "as the X.509 certificate." +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Anna PEM-muodossa olevaan X.509-varmenteeseen täsmäävän salaisen RSA-avaimen " +"täydellinen polku. Tämä voi olla sama tiedosto kuin X.509-varmenteen " +"sisältävä." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 RootCA:" +msgstr "PEM-muodossa olevan X.509-varmennetiedoston nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Create a self-signed X.509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Luodaanko itseallekirjoitettu X.509-varmenne?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "If you do not accept this option, only the RSA private key will be " +#| "created, along with a certificate request which you will need to have " +#| "signed by a certificate authority." +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Jos et valitse tätä vaihtoehtoa, luodaan vain salainen RSA-avain ja " +"varmennepyyntö, joka pitää lähettää ulkoisen varmentajan " +"allekirjoitettavaksi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Country code for the X.509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön maakoodi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "State or province name for the X.509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön osavaltio, lääni tai maakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province to include in the " +#| "certificate request." +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Anna varmennepyyntöön sisällytettävä osavaltion, läänin tai maakunnan koko " +"nimi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Locality name for the X.509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön paikkakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organization name for the X.509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön yksikkö:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "X.509-varmennepyynnön järjestön yksikkö:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Common Name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön yleinen nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Email address for the X.509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön sähköpostiosoite:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "" +#| "Please enter the email address (for the individual or organization " +#| "responsible) that should be used in the certificate request." +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Anna varmennepyynnössä käytettävä sähköpostiosoite (yksityinen ja järjestön)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Käytetäänkö opportunistista salausta?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwanin tämä versio tukee opportunistista salausta (opportunistic " +"encryption, OE), joka tallentaa IPSec-varmennustietoja DNS-tietueisiin. " +"Ennen kuin tämä käytäntö yleistyy laajalti, sen käyttö aiheuttaa merkittävän " +"viiveen jokaiseen uuteen ulospäin otettavaan yhteyteen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Valitse opportunistinen salaus vain, jos olet varma, että haluat sen " +"käyttöön. Se saattaa rikkoa Internet-yhteyden (oletusreitityksen), kun pluto-" +"taustaohjelma käynnistyy." + +#, fuzzy +#~| msgid "When to start strongSwan:" +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Koska strongSwan käynnistetään:" + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston " +#~ "täydellinen polku." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston " +#~ "täydellinen polku." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston " +#~ "täydellinen polku." + +#, fuzzy +#~| msgid "" +#~| "Please enter the two-letter ISO3166 country code that should be used in " +#~| "the certificate request." +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Anna varmennepyynnössä käytettävä kaksikirjaiminen ISO-3166-maakoodi." + +#, fuzzy +#~| msgid "" +#~| "Please enter the locality name (often a city) that should be used in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Anna varmennepyynnössä käytettävä paikkakunnan nimi (usein kaupunki)." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization name (often a company) that should be used " +#~| "in the certificate request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "Anna varmennepyynnössä käytettävä järjestön nimi (usein yritys)." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit name (often a department) that " +#~| "should be used in the certificate request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Valitse varmennepyynnössä käytettävä järjestön yksikkö (usein osasto)." + +#, fuzzy +#~| msgid "" +#~| "Please enter the common name (such as the host name of this machine) " +#~| "that should be used in the certificate request." +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Anna varmennepyynnössä käytettävä yleinen nimi (kuten tämän koneen " +#~ "verkkonimi)." + +#~ msgid "earliest" +#~ msgstr "mahdollisimman aikaisin" + +#~ msgid "after NFS" +#~ msgstr "NFS:n jälkeen" + +#~ msgid "after PCMCIA" +#~ msgstr "PCMCIA:n jälkeen" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "StrongSwan käynnistetään järjestelmän käynnistyessä, jotta se voi " +#~ "suojella automaattisesti liitettäviä levyjärjestelmiä." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ "* mahdollisimman aikaisin: Jos hakemistoa /usr ei liitetä NFS:n avulla,\n" +#~ " eikä käytössä ole PCMCIA-verkkokortteja, strongSwan kannattaa\n" +#~ " käynnistää mahdollisimman aikaisin, jotta liitettävät NFS-järjestelmät\n" +#~ " voidaan suojata IPSecillä.\n" +#~ "* NFS:n jälkeen: suositeltava, kun käytössä ei ole PCMCIA-verkkokortteja\n" +#~ " ja /usr liitetään NFS:n avulla.\n" +#~ "* PCMCIA:n jälkeen: suositeltava, jos IPSec-yhteys käyttää\n" +#~ " PCMCIA-verkkokorttia tai hakee avaimia paikalliselta DNS-palvelimelta\n" +#~ " DNSSec-tuen avulla." + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Jos et käynnistä strongSwania nyt uudelleen, tee se käsin mahdollisimman " +#~ "pian." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "" +#~ "Luodaanko tälle koneelle julkisesta ja salaisesta avaimesta koostuva RSA-" +#~ "avainpari?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "StrongSwan voi käyttää ennalta vaihdettua avainta (Pre-Shared Key, PSK) " +#~ "tai RSA-avainparia varmentaessaan IPSec-yhteyksiä toisiin koneisiin. RSA-" +#~ "varmennusta pidetään yleisesti turvallisempana ja helpommin " +#~ "ylläpidettävänä. PSK- ja RSA-varmennuksia voidaan käyttää yhtä aikaa." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Jos et halua luoda uutta avainparia, voi valita olemassa olevan parin " +#~ "seuraavassa vaiheessa." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Vaadittavat tiedot voidaan automaattisesti erottaa olemassa olevasta " +#~ "X.509-varmennetiedostosta täsmäävällä salaisella RSA-avaimella. Avaimen " +#~ "molemmat osat voivat olla samassa tiedostossa, jos se on PEM-muodossa. " +#~ "Valitse tämä vaihtoehto, jos tällaiset varmenne- ja avaintiedostot ovat " +#~ "olemassa ja haluat käyttää niitä IPSec-yhteyksien varmentamiseen." + +#~ msgid "RSA key length:" +#~ msgstr "RSA-avaimen pituus:" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Anna luotavan RSA-avaimen pituus. 1024 bittiä lyhyempiä avaimia ei pidetä " +#~ "turvallisina. 2048 bittiä pidemmät avaimet luultavasti heikentävät " +#~ "suorituskykyä." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Vain itseallekirjoitettu X.509-varmenne voidaan luoda automaattisesti, " +#~ "koska muussa tapauksessa tarvitaan ulkoinen varmentaja allekirjoittamaan " +#~ "varmennepyyntö." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Jos valitset tämän vaihtoehdon, luotua varmennetta voidaan heti käyttää " +#~ "yhteyksien ottamiseen toisiin IPSEc-koneisiin, jotka tukevat " +#~ "varmentamista X.509-varmenteilla. StrongSwanin PKI-ominaisuuksien käyttö " +#~ "kuitenkin vaatii varmennuspolun, jossa sama varmentaja on " +#~ "allekirjoittanut kaikki X.509-varmenteet." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "Tämä kenttä on pakollinen. Ilman sitä varmennetta ei voida luoda." diff --git a/debian/po/fr.po b/debian/po/fr.po new file mode 100644 index 000000000..22a9f6bc7 --- /dev/null +++ b/debian/po/fr.po @@ -0,0 +1,1040 @@ +# Translation of strongswan debconf templates to French +# Copyright (C) 2005-2007 Christian Perrier <bubulle@debian.org> +# This file is distributed under the same license as the strongswan package. +# +# Christian Perrier <bubulle@debian.org>, 2005-2007, 2009, 2010. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2010-06-24 22:17+0200\n" +"Last-Translator: Christian Perrier <bubulle@debian.org>\n" +"Language-Team: French <debian-l10n-french@lists.debian.org>\n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 1.0\n" +"Plural-Forms: Plural-Forms: nplurals=2; plural=n>1;\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Abandon de l'ancien système de lancement" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Les versions précédentes du paquet de stronSwan permettaient de choisir " +"entre trois séquences possibles de lancement au démarrage de la machine. " +"Comme l'organisation générale des scripts de lancement a été profondément " +"modifiée dans le système, cela n'est désormais plus utile. Pour toutes les " +"nouvelles installations, ainsi que pour les anciennes qui fonctionnaient " +"selon un des trois modes prédéfinis, une séquence de lancement sûre va être " +"mise en place. Si vous effectuez une mise à jour et aviez modifié les " +"paramètres de lancement de strongSwan, veuillez consulter le fichier NEWS." +"Debian pour trouver les informations qui vous permettront d'adapter vos " +"réglages." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Faut-il redémarrer StrongSwan maintenant ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"Redémarrer strongSwan est préférable car un éventuel correctif de sécurité " +"ne prendra effet que si le démon est redémarré. La plupart des utilisateurs " +"s'attendent à ce que le démon redémarre et c'est donc le plus souvent le " +"meilleur choix. Cependant, cela pourrait interrompre provisoirement des " +"connexions en cours, y compris la connexion utilisée actuellement pour cette " +"mise à jour. En conséquence, il est déconseillé de redémarrer si le tunnel " +"est utilisé pour l'administration du système." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Faut-il démarrer le démon IKEv1 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « pluto » doit fonctionner pour que la version 1 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Faut-il démarrer le démon IKEv2 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « charon » doit fonctionner pour que la version 2 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Faut-il utiliser un certificat X.509 existant avec cet hôte ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Un certificat X.509 peut être créé automatiquement ou importé, pour cet " +"hôte. Il peut servir à authentifier des connexions IPSec vers d'autres " +"hôtes, ce qui est la méthode conseillée pour l'établissement de liaisons " +"IPSec sûres. L'autre possibilité d'authentification à la connexion est " +"l'utilisation d'un secret partagé (« pre-shared key » : des mots de passe " +"identiques aux deux extrémités du tunnel). Toutefois, pour de nombreuses " +"connexions, l'authentification à base de clés est plus simple à administrer " +"et plus sûre." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Vous pouvez ne pas choisir cette option et y revenir plus tard avec la " +"commande « dpkg-reconfigure strongswan »." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "Créer" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "Importer" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Méthode de mise en place d'un certificat X.509 pour l'authentification de " +"cet hôte :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Pour l'authentification des connexions IPsec, il est possible de créer un " +"nouveau certificat X.509 avec des réglages personnalisés ou importer une " +"paire de clés publique et privée depuis un ou plusieurs fichiers PEM." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Si vous choisissez de créer un nouveau certificat X.509, vous devrez fournir " +"plusieurs informations avant la création. Veuillez noter que si vous " +"souhaitez utiliser un certificat signé par une autorité de certification, " +"vous ne devez pas choisir de créer un certificat auto-signé et devrez donner " +"exactement les réponses souhaitées par l'autorité de certification sinon la " +"requête de certificat risquerait d'être rejetée." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Si vous souhaitez importer une paire de clés, vous devrez en fournir les " +"noms de fichiers (qui peuvent être identiques si les parties privée et " +"publique sont dans le même fichier). Vous pourrez facultativement fournir le " +"nom d'un fichier contenant la ou les clés publiques de l'autorité de " +"certification. Ce fichier devra être différent des précédents. Le format des " +"certificats X.509 doit être PEM et la clé privée ne doit pas être chiffrée. " +"Dans le cas contraire, l'importation échouera." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nom du fichier PEM contenant le certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant votre certificat X.509 " +"au format PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Nom du fichier PEM contenant la clé privée X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant la clé privée RSA " +"correspondant au certificat X.509 au format PEM. Cela peut être le fichier " +"qui contient le certificat X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "" +"Nom du fichier PEM contenant le certificat X.509 de l'autorité de " +"certification :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Veuillez indiquer facultativement l'emplacement du fichier (au format PEM) " +"contenant le certificat X.509 de l'autorité de certification qui a signé le " +"certificat que vous avez fourni. Si vous n'utilisez pas d'autorité de " +"certification, vous pouvez laisser ce champ vide. Veuillez noter que ce " +"fichier doit être différent du fichier de certificat X.509 et de la clé " +"privée que vous utilisez." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Longueur de la clé RSA à créer :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Veuillez indiquer la longueur de la clé RSA qui sera créée. Elle ne doit pas " +"être inférieure à 1024 bits car cela serait considéré comme insuffisamment " +"sûr. Un choix excédant 4096 bits est probablement inutile car cela ne fait " +"essentiellement que ralentir le processus d'authentification sans avoir " +"d'intérêt actuellement." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Souhaitez-vous créer un certificat X.509 auto-signé ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Seuls des certificats X.509 auto-signés peuvent être créés automatiquement " +"puisqu'une autorité de certification est indispensable pour signer la " +"demande de certificat. Si vous choisissez de créer un certificat auto-signé, " +"vous pourrez vous en servir immédiatement pour vous connecter aux hôtes qui " +"authentifient les connexions IPsec avec des certificats X.509. Cependant, si " +"vous souhaitez utiliser les nouvelles fonctionnalités PKI de strongSwan, " +"vous aurez besoin que tous les certificats soient signés par la même " +"autorité de certification afin de créer un chemin de confiance." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Si vous ne voulez pas créer de certificat auto-signé, seules la clé privée " +"RSA et la demande de certificat seront créées et vous devrez ensuite faire " +"signer la demande de certificat par votre autorité de certification." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Code du pays pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Veuillez indiquer le code à deux lettres du pays où est situé le serveur " +"(p. ex. « FR » pour la France)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"Il est impératif de choisir ici un code de pays ISO-3166 valable sinon " +"OpenSSL refusera de créer les certificats. Tous les autres champs d'un " +"certificat X.509 peuvent être vides, sauf celui-ci." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "État ou province pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Veuillez indiquer le nom complet de l'état ou de la province qui sera inclus " +"dans la demande de certificat (p. ex. « Québec »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Localité pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Veuillez indiquer la localité où est situé le serveur (ce sera souvent une " +"ville, comme « Montcuq »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisme pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Veuillez indiquer l'organisme propriétaire du serveur (p. ex. « Debian »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unité d'organisation pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Veuillez indiquer l'unité d'organisation pour la demande de certificat X.509 " +"(p. ex. « Équipe sécurité »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Nom ordinaire pour la demande de certification X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Veuillez indiquer le nom ordinaire de ce serveur (ce sera souvent son nom " +"réseau)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Adresse électronique pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Veuillez indiquer l'adresse électronique de la personne ou de l'organisme " +"responsable du certificat X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Faut-il activer le chiffrement opportuniste ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Cette version de strongSwan gère le chiffrement opportuniste (OE) qui " +"conserve les informations d'authentification IPSec dans des enregistrements " +"DNS. Tant que cette fonctionnalité n'est pas déployée largement, l'activer " +"augmentera notablement la durée d'établissement des connexions sortantes." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Vous ne devriez l'activer que s'il est indispensable de l'utiliser. Il est " +"possible que cela coupe la connexion Internet (la route par défaut) au " +"moment où le démon « pluto » démarre." + +#, fuzzy +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Moment de démarrage de strongSwan :" + +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "Emplacement du certificat X509 :" + +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "Emplacement de la clé privée X509 :" + +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "Emplacement du certificat X509 de l'autorité de certification :" + +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Veuillez indiquer le code à deux lettres de votre pays. Ce code sera " +#~ "inclus dans la demande de certificat." + +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Veuillez indiquer la localité (p. ex. la ville) où vous résidez. Ce nom " +#~ "sera inclus dans la demande de certificat." + +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Veuillez indiquer l'organisme (p. ex. l'entreprise) pour qui sera créé le " +#~ "certificat X509. Ce nom sera inclus dans la demande de certificat." + +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Veuillez indiquer l'unité d'organisation (p. ex. département, division, " +#~ "etc.) pour qui sera créé le certificat X509. Ce nom sera inclus dans la " +#~ "demande de certificat." + +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Veuillez indiquer le nom ordinaire (p. ex. le nom réseau de cette " +#~ "machine) pour qui sera créé le certificat X509. Ce nom sera inclus dans " +#~ "la demande de certificat." + +#~ msgid "earliest" +#~ msgstr "Le plus tôt possible" + +#~ msgid "after NFS" +#~ msgstr "Après NFS" + +#~ msgid "after PCMCIA" +#~ msgstr "Après PCMCIA" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "StrongSwan est lancé au démarrage du système afin de pouvoir protéger les " +#~ "systèmes de fichiers qui sont montés automatiquement." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ " - Le plus tôt possible : conseillé si /usr n'est pas monté par NFS\n" +#~ " et que vous n'utilisez pas de carte réseau PCMCIA ;\n" +#~ " - Après NFS : recommandé si /usr est un montage NFS et qu'aucune\n" +#~ " carte réseau PCMCIA n'est utilisée ;\n" +#~ " - après PCMCIA : recommandé si la connexion IPSec utilise une carte\n" +#~ " réseau PCMCIA ou s'il est nécessaire de récupérer des clés\n" +#~ " depuis un serveur DNS qui gère DNSSec." + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Si vous ne redémarrez pas StrongSwan maintenant, il est conseillé de le " +#~ "faire manuellement dès que possible." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "" +#~ "Faut-il créer une paire de clés RSA publique et privée pour cet hôte ?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "StrongSwan peut utiliser une clé secrète partagée (PSK : « Pre-Shared " +#~ "Key ») ou une paire de clés RSA pour gérer l'authentification des " +#~ "connexions IPSec vers d'autres hôtes. L'authentification RSA est en " +#~ "général considérée comme plus sûre et plus simple à administrer. Les deux " +#~ "modes d'authentification peuvent être utilisés en même temps." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Si vous ne souhaitez pas créer une paire de clés publique et privée, vous " +#~ "pouvez choisir d'en utiliser une existante." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "L'information nécessaire peut être récupérée depuis un fichier de " +#~ "certificat X.509 existant, avec la clé privée RSA correspondante. Les " +#~ "deux parties peuvent se trouver dans un seul fichier, s'il est en format " +#~ "PEM. Vous devriez choisir cette option si vous possédez un tel certificat " +#~ "ainsi que la clé privée, et si vous souhaitez vous en servir pour " +#~ "l'authentification des connexions IPSec." + +#~ msgid "RSA key length:" +#~ msgstr "Taille de la clé RSA :" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Veuillez indiquer la taille de la clé RSA que vous souhaitez créer. Une " +#~ "valeur inférieure à 1024 bits n'est pas considérée comme sûre. Une valeur " +#~ "supérieure à 2048 bits risque d'altérer les performances." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Seuls les certificats X.509 auto-signés peuvent être créés " +#~ "automatiquement car, pour les autres certificats, une autorité de " +#~ "certification est indispensable." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Si vous choisissez cette option, le certificat qui sera créé pourra être " +#~ "utilisé immédiatement pour la connexion à d'autres hôtes IPSec qui gèrent " +#~ "l'authentification par certificat X.509. Cependant l'utilisation des " +#~ "fonctionnalités PKI (« Public Key Infrastructure » : infrastructure " +#~ "publique de clés) de strongSwan impose la création d'un chemin de " +#~ "confiance avec tous les certificats X.509 signés par la même autorité de " +#~ "certification." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "" +#~ "Ce champ est obligatoire, sinon le certificat ne pourra pas être créé." + +#~| msgid "" +#~| "Previous versions of the Openswan package allowed the user to choose " +#~| "between three different Start/Stop-Levels. Due to changes in the " +#~| "standard system startup procedure, this is no longer necessary and " +#~| "useful. For all new installations as well as old ones running in any of " +#~| "the predefined modes, sane default levels set will now be set. If you " +#~| "are upgrading from a previous version and changed your Openswan startup " +#~| "parameters, then please take a look at NEWS.Debian for instructions on " +#~| "how to modify your setup accordingly." +#~ msgid "" +#~ "Previous versions of the Openswan package gave a choice between three " +#~ "different Start/Stop-Levels. Due to changes in the standard system " +#~ "startup procedure, this is no longer necessary or useful. For all new " +#~ "installations as well as old ones running in any of the predefined modes, " +#~ "sane default levels will now be set. If you are upgrading from a previous " +#~ "version and changed your Openswan startup parameters, then please take a " +#~ "look at NEWS.Debian for instructions on how to modify your setup " +#~ "accordingly." +#~ msgstr "" +#~ "Les versions précédentes du paquet d'Openswan permettaient de choisir " +#~ "entre trois séquences possibles de lancement au démarrage de la machine. " +#~ "Comme l'organisation générale des scripts de lancement a été profondément " +#~ "modifiée dans le système, cela n'est désormais plus utile. Pour toutes " +#~ "les nouvelles installations, ainsi que pour les anciennes qui " +#~ "fonctionnaient selon un des trois modes prédéfinis, une séquence de " +#~ "lancement sûre va être mise en place. Si vous effectuez une mise à jour " +#~ "et aviez modifié les paramètres de lancement d'Openswan, veuillez " +#~ "consulter le fichier NEWS.Debian pour trouver les informations qui vous " +#~ "permettront d'adapter vos réglages." + +#~| msgid "Do you wish to restart Openswan?" +#~ msgid "Restart Openswan now?" +#~ msgstr "Souhaitez-vous redémarrer Openswan ?" + +#~| msgid "" +#~| "Restarting Openswan is a good idea, since if there is a security fix, it " +#~| "will not be fixed until the daemon restarts. Most people expect the " +#~| "daemon to restart, so this is generally a good idea. However, this might " +#~| "take down existing connections and then bring them back up (including " +#~| "the connection currently used for this update, so it is recommended not " +#~| "to restart if you are using any of the tunnel for administration)." +#~ msgid "" +#~ "Restarting Openswan is recommended, since if there is a security fix, it " +#~ "will not be applied until the daemon restarts. Most people expect the " +#~ "daemon to restart, so this is generally a good idea. However, this might " +#~ "take down existing connections and then bring them back up, so if you are " +#~ "using such an Openswan tunnel to connect for this update, restarting is " +#~ "not recommended." +#~ msgstr "" +#~ "Redémarrer Openswan est préférable car un éventuel correctif de sécurité " +#~ "ne sera actif que si le démon est redémarré. La plupart des utilisateurs " +#~ "s'attendent à ce que le démon redémarre et c'est donc le plus souvent le " +#~ "meilleur choix. Cependant, cela pourrait interrompre provisoirement des " +#~ "connexions en cours, y compris la connexion utilisée actuellement pour " +#~ "cette mise à jour. En conséquence, il est déconseillé de redémarrer si le " +#~ "tunnel est utilisé pour l'administration du système." + +#~| msgid "" +#~| "If you do not want to this now you can answer \"No\" and later use the " +#~| "command \"dpkg-reconfigure openswan\" to come back." +#~ msgid "" +#~ "Alternatively you can reject this option and later use the command \"dpkg-" +#~ "reconfigure openswan\" to come back." +#~ msgstr "" +#~ "Vous pouvez ne pas choisir cette option et y revenir plus tard avec la " +#~ "commande « dpkg-reconfigure openswan »." + +#~ msgid "Length of RSA key to be created:" +#~ msgstr "Longueur de la clé RSA à créer :" + +#~| msgid "" +#~| "Please enter the length of the created RSA key. It should not be less " +#~| "than 1024 bits because this should be considered unsecure and you will " +#~| "probably not need anything more than 4096 bits because it only slows the " +#~| "authentication process down and is not needed at the moment." +#~ msgid "" +#~ "Please enter the required RSA key-length. Anything under 1024 bits should " +#~ "be considered insecure; anything more than 4096 bits slows down the " +#~ "authentication process and is not useful at present." +#~ msgstr "" +#~ "Veuillez indiquer la longueur de la clé RSA qui sera créée. Elle ne doit " +#~ "pas être inférieure à 1024 bits car cela serait considéré comme " +#~ "insuffisamment sûr. Un choix excédant 4096 bits est probablement inutile " +#~ "car cela ne fait essentiellement que ralentir le processus " +#~ "d'authentification sans avoir d'intérêt actuellement." + +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPsec hosts " +#~| "that support X509 certificate for authentication of IPsec connections. " +#~| "However, if you want to use the new PKI features of Openswan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a Certificate Authority is needed to sign the certificate " +#~ "request. If you choose to create a self-signed certificate, you can use " +#~ "it immediately to connect to other IPsec hosts that support X.509 " +#~ "certificate for authentication of IPsec connections. However, using " +#~ "Openswan's PKI features requires all certificates to be signed by a " +#~ "single Certificate Authority to create a trust path." +#~ msgstr "" +#~ "Seuls des certificats X.509 auto-signés peuvent être créés " +#~ "automatiquement puisqu'une autorité de certification est indispensable " +#~ "pour signer la demande de certificat. Si vous choisissez de créer un " +#~ "certificat auto-signé, vous pourrez vous en servir immédiatement pour " +#~ "vous connecter aux hôtes qui authentifient les connexions IPsec avec des " +#~ "certificats X.509. Cependant, si vous souhaitez utiliser les nouvelles " +#~ "fonctionnalités PKI d'Openswan, vous aurez besoin que tous les " +#~ "certificats soient signés par la même autorité de certification afin de " +#~ "créer un chemin de confiance." + +#~ msgid "Modification of /etc/ipsec.conf" +#~ msgstr "Modification de /etc/ipsec.conf" + +#~| msgid "" +#~| "Due to a change in upstream Openswan, opportunistic encryption is no " +#~| "longer enabled by default. The no_oe.conf file that was shipped in " +#~| "earlier versions to explicitly disable it can therefore no longer be " +#~| "included by ipsec.conf. A respective include paragraph will now be " +#~| "automatically removed to ensure that Openswan can start correctly." +#~ msgid "" +#~ "Due to a change in upstream Openswan, opportunistic encryption is no " +#~ "longer enabled by default. The no_oe.conf file that was shipped in " +#~ "earlier versions to explicitly disable it can therefore no longer be " +#~ "included by ipsec.conf. Any such include paragraph will now be " +#~ "automatically removed to ensure that Openswan can start correctly." +#~ msgstr "" +#~ "En raison de modifications dans la version amont d'Openswan, le " +#~ "chiffrement opportuniste n'est plus activé par défaut. Le fichier no_oe." +#~ "conf qui était fourni avec les versions précédentes pour le désactiver " +#~ "explicitement ne peut donc plus être inclus dans ipsec.conf. Toute " +#~ "instruction d'inclusion de ce fichier sera automatiquement retirée afin " +#~ "qu'Openswan puisse démarrer correctement." + +#~ msgid "Example: AT" +#~ msgstr "Exemple : FR" + +#~ msgid "" +#~ "Please enter the state or province name for the X509 certificate request:" +#~ msgstr "État, province ou région :" + +#~ msgid "" +#~ "Please enter the full name of the state or province you live in. This " +#~ "name will be placed in the certificate request." +#~ msgstr "" +#~ "Veuillez indiquer le nom complet de l'état, de la province ou de la " +#~ "région où vous résidez. Ce nom sera inclus dans la demande de certificat." + +#~ msgid "Example: Upper Austria" +#~ msgstr "" +#~ "Exemples : Rhône-Alpes, Brabant Wallon, Bouches du Rhône, Québec, Canton " +#~ "de Vaud" + +#~ msgid "Example: Vienna" +#~ msgstr "Exemple : Saint-Étienne" + +#~ msgid "Example: Debian" +#~ msgstr "Exemple : Debian" + +#~ msgid "Example: security group" +#~ msgstr "Exemple : Département Réseaux et Informatique Scientifique" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Exemple : gateway.debian.org" + +#~ msgid "Do you want to create a RSA public/private keypair for this host?" +#~ msgstr "" +#~ "Souhaitez-vous créer une paire de clés RSA publique et privée pour cet " +#~ "hÃŽte ?" + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one." +#~ msgstr "" +#~ "Si vous ne souhaitez pas créer une paire de clés publique et privée, " +#~ "vous pouvez choisir d'en utiliser une existante." + +#~ msgid "x509" +#~ msgstr "X509" + +#~ msgid "plain" +#~ msgstr "Simple paire" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "Openswan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Il est possible de créer une simple paire de clés destinée à être " +#~ "utilisée avec Openswan ou de créer un fichier de certificat X509 qui " +#~ "contient la clé publique RSA et de conserver la clé privée " +#~ "correspondante par ailleurs." + +#, fuzzy +#~| msgid "" +#~| "If you only want to build up IPSec connections to hosts also running " +#~| "Openswan, it might be a bit easier using plain RSA keypairs. But if you " +#~| "want to connect to other IPSec implementations, you will need a X509 " +#~| "certificate. It is also possible to create a X509 certificate here and " +#~| "extract the RSA public key in plain format if the other side runs " +#~| "Openswan without X509 certificate support." +#~ msgid "" +#~ "If you only want to create IPsec connections to hosts also running " +#~ "Openswan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPsec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "Openswan without X509 certificate support." +#~ msgstr "" +#~ "Si vous ne prévoyez d'établir des connexions IPSec qu'avec des hÃŽtes " +#~ "utilisant Openswan, il sera probablement plus facile d'utiliser des clés " +#~ "RSA simples. Mais si vous souhaitez vous connecter à des hÃŽtes " +#~ "utilisant d'autres implémentations d'IPSec, vous aurez besoin d'un " +#~ "certificat X509. Il est également possible de créer un certificat X509 " +#~ "puis d'en extraire une simple clé publique RSA, si l'autre extrémité " +#~ "de la connexion utilise Openswan sans la gestion des certificats X509." + +#, fuzzy +#~| msgid "" +#~| "Therefore a X509 certificate is recommended since it is more flexible " +#~| "and this installer should be able to hide the complex creation of the " +#~| "X509 certificate and its use in Openswan anyway." +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in Openswan." +#~ msgstr "" +#~ "Ainsi, il vous est conseillé d'utiliser un certificat X509 car cette " +#~ "méthode est plus souple. Cet outil d'installation devrait vous " +#~ "simplifier la tâche de création et d'utilisation de ce certificat X509." + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically extract the needed information from an " +#~| "existing X509 certificate with a matching RSA private key. Both parts " +#~| "can be in one file, if it is in PEM format. Do you have such an existing " +#~| "certificate and key file and want to use it for authenticating IPSec " +#~| "connections?" +#~ msgid "" +#~ "This installer can automatically extract the needed information from an " +#~ "existing X509 certificate with a matching RSA private key. Both parts can " +#~ "be in one file, if it is in PEM format. If you have such an existing " +#~ "certificate and key file please select if want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Cet outil d'installation est capable d'extraire automatiquement " +#~ "l'information nécessaire d'un fichier de certificat X509 existant, avec " +#~ "la clé privée RSA correspondante. Les deux parties peuvent se trouver " +#~ "dans un seul fichier, s'il est en format PEM. Indiquez si vous possédez " +#~ "un tel certificat ainsi que la clé privée, et si vous souhaitez vous en " +#~ "servir pour l'authentification des connexions IPSec." + +#~ msgid "x509, plain" +#~ msgstr "X509, Simple paire" + +#, fuzzy +#~| msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgid "earliest, after NFS, after PCMCIA" +#~ msgstr "Le plus tÃŽt possible, AprÚs NFS, AprÚs PCMCIA" + +#, fuzzy +#~| msgid "" +#~| "With the current Debian startup levels (nearly everything starting in " +#~| "level 20), it is impossible for Openswan to always start at the correct " +#~| "time. There are three possibilities when Openswan can start: before or " +#~| "after the NFS services and after the PCMCIA services. The correct answer " +#~| "depends on your specific setup." +#~ msgid "" +#~ "With the default system startup levels (nearly everything starting in " +#~ "level 20), it is impossible for Openswan to always start at the correct " +#~ "time. There are three possibilities when Openswan can start: before or " +#~ "after the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Avec les niveaux de démarrage actuellement utilisés par Debian (presque " +#~ "tout démarre au niveau 20), il est impossible de faire en sorte " +#~ "qu'Openswan démarre toujours au moment approprié. Il existe trois " +#~ "moments où il est opportun de le démarrer : avant ou aprÚs les " +#~ "services NFS, ou aprÚs les services PCMCIA. La réponse appropriée " +#~ "dépend de vos réglages spécifiques." + +#, fuzzy +#~| msgid "" +#~| "If you do not have your /usr tree mounted via NFS (either you only mount " +#~| "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~| "and don't use a PCMCIA network card, then it's best to start Openswan at " +#~| "the earliest possible time, thus allowing the NFS mounts to be secured " +#~| "by IPSec. In this case (or if you don't understand or care about this " +#~| "issue), answer \"earliest\" to this question (the default)." +#~ msgid "" +#~ "If the /usr tree of this system is not mounted via NFS (either you only " +#~ "mount other, less vital trees via NFS or don't use NFS mounted trees at " +#~ "all) and no PCMCIA network card is used, then it's best to start Openswan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Si votre arborescence /usr n'est pas un montage NFS (soit parce que vos " +#~ "montages NFS sont à d'autres endroits, moins critiques, soit parce que " +#~ "vous n'utilisez pas du tout de montage NFS) et si vous n'utilisez pas de " +#~ "carte réseau PCMCIA, il est préférable de démarrer Openswan le plus " +#~ "tÃŽt possible, ce qui permettra de sécuriser les montages NFS avec " +#~ "IPSec. Dans ce cas (ou bien si vous ne comprenez pas l'objet de la " +#~ "question ou qu'elle ne vous concerne pas), choisissez « le plus tÃŽt " +#~ "possible », qui est le choix par défaut." + +#, fuzzy +#~| msgid "" +#~| "If you have your /usr tree mounted via NFS and don't use a PCMCIA " +#~| "network card, then you will need to start Openswan after NFS so that all " +#~| "necessary files are available. In this case, answer \"after NFS\" to " +#~| "this question. Please note that the NFS mount of /usr can not be secured " +#~| "by IPSec in this case." +#~ msgid "" +#~ "If the /usr tree is mounted via NFS and no PCMCIA network card is used, " +#~ "then you will need to start Openswan after NFS so that all necessary " +#~ "files are available. In this case, answer \"after NFS\" to this question. " +#~ "Please note that the NFS mount of /usr can not be secured by IPSec in " +#~ "this case." +#~ msgstr "" +#~ "Si /usr est un montage NFS et que vous n'utilisez pas de carte réseau " +#~ "PCMCIA, vous devrez alors démarrer Openswan aprÚs les services NFS afin " +#~ "que tous les fichiers nécessaires soient disponibles. Dans ce cas, " +#~ "choisissez « AprÚs NFS ». Veuillez noter que le montage NFS de /usr " +#~ "n'est alors pas sécurisé par IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Si vous utilisez une carte PCMCIA pour vos connexions IPSec, votre seul " +#~ "choix possible est le démarrage aprÚs les services PCMCIA. Choisissez " +#~ "alors « AprÚs PCMCIA ». Faites également ce choix si vous souhaitez " +#~ "récupérer les clés d'authentification sur un serveur DNS reconnaissant " +#~ "DNSSec." + +#, fuzzy +#~| msgid "At which level do you wish to start Openswan?" +#~ msgid "Please select the level at which you wish to start Openswan:" +#~ msgstr "Ãtape de lancement d'Openswan :" + +#, fuzzy +#~| msgid "Which type of RSA keypair do you want to create?" +#~ msgid "Please select which type of RSA keypair you want to create:" +#~ msgstr "Type de paire de clés RSA à créer :" + +#~ msgid "Do you wish to enable opportunistic encryption in Openswan?" +#~ msgstr "Souhaitez-vous activer le chiffrement opportuniste dans Openswan ?" + +#~ msgid "" +#~ "Openswan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, Openswan upstream comes with OE enabled by " +#~ "default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the Openswan keying " +#~ "daemon) is started." +#~ msgstr "" +#~ "Openswan gÚre le chiffrement opportuniste (« opportunistic " +#~ "encryption » : OE) qui permet de conserver les informations " +#~ "d'authentification IPSec (c'est-à -dire les clés publiques RSA) dans des " +#~ "enregistrements DNS, de préférence sécurisés. Tant que cette " +#~ "fonctionnalité ne sera pas déployée largement, son activation " +#~ "provoquera un ralentissement significatif pour toute nouvelle connexion " +#~ "sortante. à partir de la version 2.0, cette fonctionnalité est activée " +#~ "par défaut dans Openswan, ce qui peut interrompre le fonctionnement de " +#~ "votre connexion à l'Internet (c'est-à -dire votre route par défaut) " +#~ "dÚs le démarrage de pluto, le démon de gestion de clés d'Openswan." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Veuillez choisir si vous souhaitez activer la gestion du chiffrement " +#~ "opportuniste. Ne l'activez pas si vous n'êtes pas certain d'en avoir " +#~ "besoin." diff --git a/debian/po/gl.po b/debian/po/gl.po new file mode 100644 index 000000000..e92bbd1ea --- /dev/null +++ b/debian/po/gl.po @@ -0,0 +1,668 @@ +# Copyright (C) 2009 THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# marce villarino <mvillarino@users.sourceforge.net>, 2009. +msgid "" +msgstr "" +"Project-Id-Version: templates_[kI6655]\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2009-05-25 14:50+0100\n" +"Last-Translator: marce villarino <mvillarino@users.sourceforge.net>\n" +"Language-Team: Galician <proxecto@trasno.ent>\n" +"Language: gl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.2\n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Desexa reiniciar strongSwan agora?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is recommended, because if there is a security fix, " +#| "it will not be applied until the daemon restarts. However, this might " +#| "close existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"Recoméndase reiniciar strongSwan porque se houbese algunha actualización de " +"seguridade non se aplicará até que se reinicie o daemon. Porén, pode pechar " +"as conexións existentes e logo volver a recuperalas." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Desexa iniciar o daemon IKEv1 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto debe estar en execución para soportar a versión 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Desexa iniciar o IKEv2 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon debe estar en execución para soportar a versión 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Use an existing X.509 certificate for strongSwan?" +msgid "Use an X.509 certificate for this host?" +msgstr "Desexa empregar un certificado X.509 xa existente para strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nome do ficheiro do certificado X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X.509 " +#| "certificate in PEM format." +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Indique a rota completa ao ficheiro que contén o certificado X.509 en " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your existing X.509 private key in PEM format:" +msgid "File name of your PEM format X.509 private key:" +msgstr "Nome do ficheiro coa chave privada X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X.509 certificate in PEM format. This can be the same file " +#| "as the X.509 certificate." +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Indique a rota completa ao ficheiro que contén a chave privada RSA que se " +"corresponde do certificado X.509 en formato PEM. Este pode ser o mesmo " +"ficheiro que o do certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Nome do ficheiro do certificado X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Create a self-signed X.509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Desexa crear un certificado X.509 autoasinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "If you do not accept this option, only the RSA private key will be " +#| "created, along with a certificate request which you will need to have " +#| "signed by a certificate authority." +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Se non acepta esta opción só se creará a chave privada RSA, xunto cun pedido " +"de certificado que precisará que lle asine unha autoridade de certificación." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Country code for the X.509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "State or province name for the X.509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Nome do estado ou provincia para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province to include in the " +#| "certificate request." +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Indique o nome completo do estado ou provincia a incluír no pedido de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Locality name for the X.509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome de localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organization name for the X.509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organización para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizacional para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "Unidade organizacional para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Common Name for the X.509 certificate request:" +msgstr "Nome común para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Email address for the X.509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "Enderezo de correo electrónico para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "" +#| "Please enter the email address (for the individual or organization " +#| "responsible) that should be used in the certificate request." +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Indique o enderezo de correo electrónico (do individuo ou do responsábel da " +"organización) que se debe empregar no pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Desexa activar a cifraxe oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versión de strongSwan soporta a cifraxe oportunista (OE) que garda a " +"información de autenticación de IPSec en rexistros de DNS. Até que estea " +"amplamente utilizado activalo provocará un retardo significativo en cada " +"nova conexión saínte." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Só debería activar a cifraxe oportunista se está certo de que a desexa. Pode " +"estragar a conexión a Internet (a rota por omisión) segundo se inicie o " +"daemon pluto." + +#, fuzzy +#~| msgid "When to start strongSwan:" +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Cando iniciar strongSwan:" + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Indique a rota completa ao ficheiro que contén o certificado X.509 en " +#~ "formato PEM." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Indique a rota completa ao ficheiro que contén o certificado X.509 en " +#~ "formato PEM." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Indique a rota completa ao ficheiro que contén o certificado X.509 en " +#~ "formato PEM." + +#, fuzzy +#~| msgid "" +#~| "Please enter the two-letter ISO3166 country code that should be used in " +#~| "the certificate request." +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Indique o código de país ISO3166 de dúas letras que se debe empregar no " +#~ "pedido de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the locality name (often a city) that should be used in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Indique o nome da localidade (xeralmente unha cidade) que se debe " +#~ "empregar no pedido de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization name (often a company) that should be used " +#~| "in the certificate request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Indique o nome da organización (xeralmente unha empresa) que se debe " +#~ "empregar no pedido de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit name (often a department) that " +#~| "should be used in the certificate request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Indique o nome da unidade organizacional (xeralmente un departamento) que " +#~ "debe empregarse no pedido de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the common name (such as the host name of this machine) " +#~| "that should be used in the certificate request." +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Indique o nome común (como o nome desta máquina) que se debe empregar no " +#~ "pedido de certificado." + +#~ msgid "earliest" +#~ msgstr "o primeiro" + +#~ msgid "after NFS" +#~ msgstr "despois do NFS" + +#~ msgid "after PCMCIA" +#~ msgstr "despois do PCMCIA" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "StrongSwan iniciase durante o arrinque do sistema de maneira que poda " +#~ "protexer sistemas de ficheiros que se monten automaticamente." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ " * o primeiro: se /usr non se monta mediante NFS e non se emprega unha\n" +#~ " tarxeta PCMCIA, é mellor iniciar strongSwan tan axiña como se poda,\n" +#~ " para que as montaxes NFS podan asegurarse mediante IPSec,\n" +#~ " * despois do NFS: recoméndase cando /usr se monte mediante NFS e non\n" +#~ " se empregue ningunha tarxeta PCMCIA,\n" +#~ " * despois do PCMCIA: recoméndase se a conexión IPSec emprega unha " +#~ "tarxeta\n" +#~ " de rede PCMCIA ou se fose preciso que as chaves se obteñan desde un\n" +#~ " servidor DNS a executarse localmente con soporte para DNSSec." + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Se non reinicia agora strongSwan debería facelo manualmente en canto poda." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "" +#~ "Desexa crear un par de chaves pública/privada RSA para este servidor?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "StrongSwan pode empregar unha chave precompartida (PSK) ou un par de " +#~ "chaves RSA para autenticar as conexións IPSec con outros servidores. A " +#~ "autenticación RSA xeralmente considérase máis segura e é máis fácil de " +#~ "administrar. Pode empregar as autenticacións PSK e RSA á vez." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Se son quer crear un novo par de chaves pública/privada, no seguinte paso " +#~ "pode escoller empregar unha xa existente." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "A información requirida pode extraerse automaticamente a partir dun " +#~ "certificado X.509 xa existente coa chave privada RSA que corresponda. " +#~ "Ambas as partes poden estar nun ficheiro se este está no formato PEM. " +#~ "Debe escoller esta opción se ten tal certificado e chave e quere " +#~ "empregalo para autenticar conexións IPSec." + +#~ msgid "RSA key length:" +#~ msgstr "Lonxitude da chave RSA:" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Indique a lonxitude da chave RSA que desexe xerar. Os valores menores de " +#~ "1024 bits non se consideran seguros, mentres que os maiores de 2048 bits " +#~ "posibelmente afecten ao rendemento." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Só se poden crear automaticamente certificados X.509 autoasinados, porque " +#~ "noutro caso é precisa unha autoridade de certificación para asinar o " +#~ "pedido de certificado." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Se acepta esta opción o certificado que se cree pode empregarse " +#~ "inmediatamente para conectarse con outros servidores IPSec que soporten a " +#~ "autenticación mediante un certificado X.509. Porén, par empregar as " +#~ "funcionalidades PKI de strongSwan requírese que se cree unha rota de " +#~ "confianza asinando todos os certificados X.509 por unha única autoridade." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "" +#~ "Este campo é obrigatorio, caso contrario non se poderá xerar un " +#~ "certificado." diff --git a/debian/po/it.po b/debian/po/it.po new file mode 100644 index 000000000..e9f11d539 --- /dev/null +++ b/debian/po/it.po @@ -0,0 +1,476 @@ +# ITALIAN TRANSLATION OF STRONGSWAN'S PO-DEBCONF FILE. +# COPYRIGHT (C) YEAR THE STRONGSWAN'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# Vincenzo Campanella <vinz65@gmail.com>, 2010. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-11-13 16:03+0100\n" +"Last-Translator: Vincenzo Campanella <vinz65@gmail.com>\n" +"Language-Team: Italian <tp@lists.linux.it>\n" +"Language: it\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Vecchia gestione del runlevel sostituita" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Le versioni precedenti di strongSwan lasciavano la scelta fra tre diversi " +"livelli di avvio/arresto. A seguito dei cambiamenti nella procedura standard " +"di avvio, questo non è più necessario né utile. Per tutte le nuove " +"installazioni e per quelle già esistenti che vengono eseguite in qualsiasi " +"modalità predefinita vengono ora impostati dei livelli predefiniti " +"ragionevoli. Se si sta aggiornando da una versione precedente e si sono " +"modificati i parametri di strongSwan, consultare le NEWS.Debian su come " +"modificare le impostazioni." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Riavviare strongSwan adesso?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"È raccomandato il riavvio di strongSwan, in quanto un'eventuale correzione " +"di sicurezza non verrà applicata fino al riavvio del demone. La maggior " +"parte degli utenti si attende che il demone si riavvii, per cui in genere è " +"una buona scelta. Il riavvio potrebbe però interrompere e riavviare le " +"connessioni esistenti, per cui se si sta utilizzando un tunnel strongSwan " +"per l'aggiornamento il riavvio non è raccomandabile." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Avviare il demone di strongSwan IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Per il supporto alla versione 1 del protocollo IKE (Internet Key Exchange) è " +"necessario che il demone pluto sia in esecuzione." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Avviare il demone di strongSwan IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Per il supporto alla versione 2 del protocollo IKE (Internet Key Exchange) è " +"necessario che il demone charon sia in esecuzione." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Utilizzare un certificato X.509 per questo host?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Per questo host è possibile la creazione o la creazione automatica di un " +"certificato X.509 per l'autenticazione di connessioni IPsec ad altri host; è " +"la modalità preferita per la creazione di connessioni IPsec sicure. L'altra " +"possibilità è l'utilizzo di password segrete condivise e identiche fra le " +"due estremità del tunnel, ma il funzionamento tramite chiavi è più agevole " +"da amministrare e più sicuro per un elevato numero di connessioni." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"In alternativa è possibile rifiutare questa opzione e ritornare sulla scelta " +"in un secondo tempo, eseguendo «dpkg-reconfigure strongswan»." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "creare" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importare" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Metodi per l'utilizzo di un certificato X.509 per autenticare questo host:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"È possibile creare un nuovo certificato X.509 con impostazioni definite " +"dall'utente, oppure importare una chiave esistente pubblica e privata " +"memorizzata in file PEM per l'autenticazione di connessioni IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Se si sceglie di creare un nuovo certificato X.509 verranno poste alcune " +"domande cui è necessario rispondere prima che la creazione venga avviata. È " +"da ricordare che, se si desidera che la chiave pubblica venga firmata da " +"un'autorità di certificazione (CA) esistente, non si dovrebbe creare un " +"certificato auto-firmato e inoltre tutte le risposte fornite devono " +"adempiere esattamente i requisiti della CA, in quanto altrimenti la " +"richiesta di certificato potrebbe essere rifiutata." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Se si desidera importare una chiave esistente pubblica e privata verrà " +"richiesto il loro nome file, che può essere identico se entrambe le parti " +"sono memorizzate insieme in un solo file. Opzionalmente si può specificare " +"un nome file in cui vengono mantenute le chiavi pubbliche dell'autorità di " +"certificazione, ma in questo caso il file non può essere il medesimo dei " +"precedenti. Si presti attenzione anche al fatto che il formato dei " +"certificati X.509 deve essere PEM e che la chiave privata non deve essere " +"cifrata, altrimenti la procedura d'importazione fallirà." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nome file del proprio certificato X.509 formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Inserire la posizione del file che contiene il proprio certificato X.509 in " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Nome file della propria chiave privata X.509 formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Inserire la posizione del file che contiene la chiave privata RSA " +"corrispondente al proprio certificato X.509 in formato PEM. Può essere il " +"medesimo file che contiene il certificato X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Nome file del proprio RootCA X.509 formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Opzionalmente è possibile inserire la posizione del file che contiene " +"l'autorità di certificazione root (RootCA) utilizzata per la firma del " +"proprio certificato in formato PEM. Se non se ne possiede uno o non si " +"desidera utilizzarlo lasciare il campo vuoto. Notare che non è possibile " +"memorizzare il RootCA nello stesso file del proprio certificato o chiave " +"privata X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Inserire la lunghezza che la chiave RSA creata dovrà avere:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Inserire la lunghezza della chiave RSA creata. Non dovrebbe essere minore di " +"1024 bit, in quanto altrimenti potrebbe essere considerata insicura, né " +"superiore a 4096 bit, in quanto altrimenti rallenterebbe il processo di " +"autenticazione e al momento attuale non è una misura necessaria." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Creare un certificato X.509 auto-firmato?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"È possibile creare automaticamente solo certificati X.509 auto-firmati, in " +"quanto altrimenti è necessario l'intervento di un'autorità di certificazione " +"per firmare la richiesta di certificato. Se si sceglie di creare un " +"certificato auto-firmato è possibile utilizzarlo immediatamente per " +"collegarsi ad altri host IPsec che supportano il certificato X.509 per " +"l'autenticazione di connessioni IPsec. L'utilizzo delle funzionalità PKI di " +"strongSwan richiede però che tutti i certificati vengano firmati da una " +"singola autorità di certificazione per creare un percorso fidato." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Se non si sceglie di creare un certificato auto-firmato verranno creati solo " +"la chiave privata RSA e la richiesta di certificato che andrà poi firmata " +"con l'autorità di certificazione scelta." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Codice paese per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Inserire il codice a due lettere corrispondente al paese in cui il server " +"risiede (per esempio, «IT» per l'Italia)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL rifiuterà di generare un certificato se il codice paese non è valido " +"e conforme a ISO-3166. È permesso un campo vuoto altrove nel certificato " +"X.509, ma non in questo campo." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "" +"Nome dello stato o della provincia per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Inserire il nome completo dello stato o della provincia il in cui il server " +"risiede (per esempio, «Milano»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome della località per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Inserire il nome della località in cui il server risiede (spesso una città, " +"per esempio «Milano»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome dell'organizzazione per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Inserire il nome dell'organizzazione cui il server appartiene (per esempio, " +"«Debian»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unità organizzativa per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Inserire l'unità organizzativa cui il server appartiene (per esempio, " +"«gruppo sicurezza»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Nome comune host per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Inserire il nome comune di questo host (per esempio, «gateway.esempio.it»)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Indirizzo e-mail per la richiesta di certificato X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Inserire l'indirizzo di posta elettronica della persona o " +"dell'organizzazione responsabile per il certificato X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Abilitare la cifratura opportunistica?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Questa versione di strongSwan supporta la cifratura opportunistica (OE), la " +"quale memorizza le informazioni di autenticazione IPsec in record DNS. " +"Finché non sarà una soluzione largamente applicata, l'attivazione dell'OE " +"causerà un ritardo significativo per ogni connessione in uscita." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Si dovrebbe abilitare l'OE solo se lo si desidera veramente. Potrebbe " +"interrompere la connessione Internet (route predefinita) durante l'avvio del " +"demone pluto." diff --git a/debian/po/ja.po b/debian/po/ja.po new file mode 100644 index 000000000..979b31dcc --- /dev/null +++ b/debian/po/ja.po @@ -0,0 +1,621 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.1-4\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-09-27 20:52+0900\n" +"Last-Translator: Hideki Yamane <henrich@debian.org>\n" +"Language-Team: Japanese <debian-japanese@lists.debian.org>\n" +"Language: ja\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "以前のランレベル管理は不要になりました" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"strongSwan パッケージの以前のバージョンでは、3 つの異なった Start/Stop レベル" +"から選べるようになっていました。標準のシステム起動手順が変更されたことによっ" +"て、これはもう必要ではなくなったりあるいは役立たなくなったりしています。これ" +"まで事前定義されていたモードで動作していたのものと同様に、新規にインストール" +"したものは適切なデフォルトのレベルが設定されるようになっています。以前のバー" +"ジョンからのアップグレードで strongSwan の起動パラメータを変更していた場合" +"は、どのように設定を修正するかは NEWS.Debian の指示を参照してください。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "strongSwan を今すぐ再起動しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"セキュリティ修正があった場合など、デーモンが再起動されるまでは修正が反映され" +"ないので、strongSwan の再起動をお勧めします。多くの人はデーモンが再起動するの" +"を予期していますので、これは大抵の場合問題ありません。しかし、この作業では現" +"在の接続が一旦切断されてから再度繋ぎなおすことになるので、今回のアップデート" +"に strongSwan のトンネルを使っているような場合は、再起動はお勧めしません。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "strongSwan の IKEv1 デーモンを起動しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange プロトコルバージョン 1 をサポートするには pluto デーモ" +"ンが実行されている必要があります。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "strongSwan の IKEv2 デーモンを起動しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange プロトコルバージョン 2 をサポートするには charon デーモ" +"ンが実行されている必要があります。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "このホストに対して X.509 証明書を利用しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"このホスト用に X.509 証明書を自動的に生成あるいはインポートできます。他のホス" +"トとの IPSec 通信での認証に利用可能で、セキュアな IPSec 通信を確立する方法と" +"して好まれています。他に利用可能な方法としては共通鍵 (PSK、トンネルの双方で同" +"じパスワードを利用する) を通信の認証に利用するというのがありますが、多数の接" +"続に対しては RSA 認証のほうが管理がより簡単でよりセキュアです。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"または、この選択肢を選ばないでおいて、後ほど「dpkg-reconfigure strongswan」を" +"実行して再度呼び出すこともできます。" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "作成する" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "インポートする" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "このホストを認証するのに利用する X.509 証明書をどうするか:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"ユーザが定義した設定で新規に X.509 証明書を作成することも、IPsec 接続認証用の" +"既存の PEM ファイル形式で保存されている公開鍵および秘密鍵をインポートすること" +"も可能です。" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"新規に X.509 証明書を作るのを選択した場合は、作成を始める前に答える必要がある" +"質問をまず大量に尋ねられます。既存の認証局によって署名された公開鍵が必要な場" +"合は、自己署名認証を作成するのを選んではならず、回答はすべて認証局 (CA) の要" +"求項目に完全に一致している必要があることに留意してください。そうでない場合" +"は、証明書要求は拒否されることになるでしょう。" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"既存の公開鍵および秘密鍵をインポートしたい場合は、ファイル名を尋ねられます " +"(両方が一つのファイルに保存されている場合は全く同じになるかもしれません)。ど" +"こに認証局の公開鍵が保存されているかを指定することも任意で可能ですが、この" +"ファイルは先ほどのものと同じにはできません。X.509 証明書は PEM 形式であり、秘" +"密鍵は暗号化されていないことが必要なことにも注意ください。さもなくばインポー" +"ト作業は失敗します。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "PEM 形式の X.509 証明書のファイル名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "PEM 形式の X.509 証明書を含んでいるファイルの場所を入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "PEM 形式の X.509 秘密鍵のファイル名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"PEM 形式の X.509 証明書に対応する RSA 秘密鍵を含むファイルの場所を入力してく" +"ださい。これは X.509 証明書を含んでいるファイルと同じで構いません。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "PEM 形式の X.509 ルート CA のファイル名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"X.509 認証局のルートが証明書に署名するのに使った PEM 形式のファイルを含んだ" +"ファイルの場所を入力することも任意で可能です。これを持っていない、あるいは利" +"用したくないという場合にはこの欄を空のままにしておいてください。ルート CA を " +"X.509 証明書や秘密鍵と同じファイルに保存するのはできないことにご注意くださ" +"い。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "作成する RSA 鍵の鍵長を入力してください:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"生成する RSA 鍵の長さを入力してください。安全のため、1024 ビット未満にすべき" +"ではありません。4096 ビットより大きなものにする必要もないでしょう。認証プロセ" +"スが遅くなりますし、現時点ではおそらく必要ありません。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "自己署名 X.509 証明書を生成しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"証明書要求に署名するためには認証局が必要となるので、自動的に行うには自己署名 " +"X.509 証明書のみが生成が可能です。自己署名証明書の作成を選んだ場合は、すぐに" +"これを利用して、IPSec 接続の認証に X.509 証明書を利用している他の IPSec ホス" +"トへの接続が可能になります。しかし、strongSwan の PKI 機能を使いたい場合は、" +"trust path を生成するために単一の認証局によってすべての X.509 証明書に署名し" +"てもらう必要があります。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"自己署名証明書を作成したくない場合、RSA 秘密鍵と対応する証明書要求のみが作成" +"されるので、認証局に対して証明書要求に署名をしてもらう必要が生じます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する国コード:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"サーバが存在する場所の二文字の国コード (例えば日本の場合は「JP」) を入力して" +"ください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL は、正規の ISO-3166 国コードが無いと証明書の生成を拒否します。X.509 " +"証明書において、他のフィールドについては空でも構いませんが、これについては許" +"可されていません。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する都道府県名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "サーバ所在地の都道府県名 (例:「Tokyo」)を入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する地域名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "サーバ所在地 (大抵は「Shinjuku」のような市区名)を入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する組織名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "サーバが所属する組織 (「Debian」など) を入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する部署名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "サーバが所属する部署名 (「security group」など) を入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載するコモンネーム:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"このホスト用の (「gateway.example.org」のような) コモンネームを入力してくださ" +"い。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載するメールアドレス:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"X.509 証明書についての対応を行う、個人あるいは団体のメールアドレスを入力して" +"ください。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "opportunistic encryption を有効にしますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"このバージョンの strongSwan は opportunistic encryption (OE) をサポートしてい" +"ます。OE は IPSec 認証情報を DNS レコードに含めたものです。これが広く適用され" +"るようになるまでは、これを有効にすると全ての新規の外部接続に著しい遅延を引き" +"起こします。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"opportunistic encryption を有効にするのは、本当に利用したいと考えた時のみにす" +"べきです。この設定は、pluto デーモンの起動などインターネット接続 (デフォルト" +"ルート) を切断する可能性があります。" + +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "あなたの国の国コードを2文字で入力してください。このコードは証明書要求に記" +#~ "載されます。" + +#~ msgid "Example: AT" +#~ msgstr "例: JP" + +#~ msgid "Example: Upper Austria" +#~ msgstr "例: Tokyo" + +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "あなたの在住している地域の名前 (例: 市町村名) を入力してください。これは証" +#~ "明書要求に記載されます。" + +#~ msgid "Example: Vienna" +#~ msgstr "例: Shinjuku-ku" + +#~ msgid "Example: Debian" +#~ msgstr "例: Debian" + +#~ msgid "Example: security group" +#~ msgstr "例: security group" + +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "X.509 証明書の生成対象となるべきコモンネーム (例: このマシンのホスト名) を" +#~ "入力してください。これは証明書要求に記載されます。" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "例: gateway.debian.org" + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "新たな公開鍵・秘密鍵のキーペアを生成したくない場合は、次の段階で既存のキー" +#~ "ペアの利用を選択することも可能です。" + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "要求情報は X.509 証明書から RSA 秘密鍵と照らし合わせて必要な情報を自動的に" +#~ "展開する事が可能です。 PEM 形式の場合、双方を一つのファイルにまとめること" +#~ "も可能です。そのような証明書と鍵のファイルが既にあり、これらを IPSec 通信" +#~ "での認証に使用したい場合はこのオプションを有効にしてください。" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "可能な限り早く, \"NFS 起動後\", \"PCMCIA 起動後\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "strongSwan を起動させるタイミングの選択肢としては3つが考えられます: NFS " +#~ "サービスの開始前・開始後・PCMCIA サービスの開始後、です。正解はあなたの設" +#~ "定次第です。" + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "NFS 経由で /usr をマウントせず (他のパーティションやあまり重要ではないパー" +#~ "ティションを NFS 経由でマウントするか、または NFS マウントを全く使わな" +#~ "い)、加えて PCMCIA ネットワークカードを利用していない場合、可能な限り早い" +#~ "タイミングで strongSwan を起動するのがベストです。この設定によって、NFS で" +#~ "のマウントは IPSec で保護されます。この場合 (またはこの問題を理解していな" +#~ "いか特に気にしない場合) 、\"可能な限り早く\"と質問に答えてください (標準設" +#~ "定です) 。" + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "NFS 経由で /usr をマウントしていて PCMCIA ネットワークカードを使用していな" +#~ "い場合は、必要なファイルを利用可能にするために strongSwan を NFS の後で起" +#~ "動しなければなりません。この場合、\"NFS 起動後\" と答えてください。この時" +#~ "に NFS 経由でマウントされる /usr は、IPSec によるセキュアな状態にはならな" +#~ "いということに注意してください。" + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "IPSec 接続に PCMCIA ネットワークカードを利用していた場合、PCMCIA サービス" +#~ "の起動後に strongSwan を起動する以外に選択はありません。この場" +#~ "合、\"PCMCIA 起動後\" と答えてください。ローカルで動作している DNSSec 機能" +#~ "を使用している DNS サーバから鍵を取得したい場合でも、この答えをしてくださ" +#~ "い。" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "IKEv1 をサポートしますか?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan は IKEv1 と IKEv2 の両方のインターネット鍵交換プロトコルをサ" +#~ "ポートしています。strongSwan が起動する際、IKEv1 サポートのため \"pluto\" " +#~ "デーモンを起動しますか?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "IKEv2 をサポートしますか?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan は IKEv1 と IKEv2 の両方のインターネット鍵交換プロトコルをサ" +#~ "ポートしています。strongSwan が起動する際、IKEv2 サポートのため \"pluto\" " +#~ "デーモンを起動しますか?" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan は、IPSec 認証情報 (例: RSA 公開鍵) を (願わくはセキュアな) " +#~ "DNS レコード内に保存する opportunistic encryption (OE) をサポートしていま" +#~ "す。これは広く利用されるようになるまで、有効にすると外部への新規接続は全て" +#~ "格段に遅くなります。バージョン 2.0 より strongSwan の開発元はデフォルトで " +#~ "OE を有効にしています。そのため pluto (strongSwan 鍵署名デーモン) が開始す" +#~ "るとすぐ、既存のインターネット接続 (つまりデフォルトルート) が中断されるか" +#~ "もしれません。" + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "OE のサポートを有効にするかどうかを選んでください。よくわからない場合は、" +#~ "有効にはしないでください。" diff --git a/debian/po/nb.po b/debian/po/nb.po new file mode 100644 index 000000000..b00aa9f83 --- /dev/null +++ b/debian/po/nb.po @@ -0,0 +1,658 @@ +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Bjørn Steensrud <bjornst@skogkatt.homelinux.org>, 2009. +msgid "" +msgstr "" +"Project-Id-Version: nb\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2009-05-25 14:59+0100\n" +"Last-Translator: Bjørn Steensrud <bjornst@skogkatt.homelinux.org>\n" +"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Start strongSwan på nytt nå" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is recommended, because if there is a security fix, " +#| "it will not be applied until the daemon restarts. However, this might " +#| "close existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"Det anbefales å starte strongSwan på nytt nå, for om det var en " +"sikkerhetsrettelse, så får den ikke effekt før daemonen startes på nytt. " +"Imidlertid kan dette lukke eksisterende forbindelser og deretter koble dem " +"opp igjen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Skal strongSwans IKEv1-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-daemonen må kjøre for å kunne støtte versjon 1 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Skal strongSwans IKEv2-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-daemonen må kjøre for å kunne støtte versjon 2 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Use an existing X.509 certificate for strongSwan?" +msgid "Use an X.509 certificate for this host?" +msgstr "Skal et eksisterende X.509-sertifikat brukes for strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 certificate:" +msgstr "Filnavn for ditt X.509-sertifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X.509 " +#| "certificate in PEM format." +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your existing X.509 private key in PEM format:" +msgid "File name of your PEM format X.509 private key:" +msgstr "Filnavn for din eksisterende private X.509-nøkkel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X.509 certificate in PEM format. This can be the same file " +#| "as the X.509 certificate." +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Oppgi full sti til fila som inneholder den private nøkkelen som tilsvarer " +"ditt X.509-sertifikat i PEM-format. Dette kan være den samme fila som X.509-" +"sertifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "File name of your X.509 certificate in PEM format:" +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Filnavn for ditt X.509-sertifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Create a self-signed X.509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Skal det lages et selvsignert X.509-sertifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "If you do not accept this option, only the RSA private key will be " +#| "created, along with a certificate request which you will need to have " +#| "signed by a certificate authority." +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Hvis du ikke godtar dette, så blir bare en privat RSA-nøkkel opprettet, " +"sammen med en sertifikatsøknad som du må få en sertifikatutsteder til å " +"signere." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Country code for the X.509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landskode for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "State or province name for the X.509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Stat eller provinsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province to include in the " +#| "certificate request." +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Oppgi fullt navn på stat eller provins som skal tas med i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Locality name for the X.509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Stedsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organization name for the X.509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisasjonsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisasjonsenhet for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "Organisasjonsenhet for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Common Name for the X.509 certificate request:" +msgstr "Vanlig navn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Email address for the X.509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadresse for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "" +#| "Please enter the email address (for the individual or organization " +#| "responsible) that should be used in the certificate request." +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Oppgi e-postadressen (for ansvarlig person eller organisasjon) som skal " +"brukes i sertifikatsøknaden." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Slå på opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denne versjonen av strongSwan støtter opportunistisk kryptering (OE), som " +"lagrer autentiseringsinformasjon for IPSec i DNS-data. Inntil dette er tatt " +"i vanlig bruk vil det gi en betydelig forsinkelse for hver ny utgående " +"tilkobling hvis dette er aktivert." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du bør bare slå på opportunistisk kryptering hvis du er sikker på at du vil " +"ha det. Det kan koble ut Internett-forbindelsen (standardruten) når pluto." +"nissen starter." + +#, fuzzy +#~| msgid "When to start strongSwan:" +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Når strongSwan skal startes:" + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X.509 " +#~| "certificate in PEM format." +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#, fuzzy +#~| msgid "" +#~| "Please enter the two-letter ISO3166 country code that should be used in " +#~| "the certificate request." +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Oppgi tobokstavers ISO3166 landskode som skal brukes i sertifikatsøknaden." + +#, fuzzy +#~| msgid "" +#~| "Please enter the locality name (often a city) that should be used in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "Oppgi stedsnavn (ofte en by) som skal brukes i sertifikatsøknaden." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization name (often a company) that should be used " +#~| "in the certificate request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Oppgi organisasjonsnavn (ofte et firma) som skal brukes i " +#~ "sertifikatsøknaden." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit name (often a department) that " +#~| "should be used in the certificate request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Oppgi organisasjonsenhet (ofte en avdeling som skal brukes i " +#~ "sertifikatsøknaden." + +#, fuzzy +#~| msgid "" +#~| "Please enter the common name (such as the host name of this machine) " +#~| "that should be used in the certificate request." +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Oppgi vanlig navn (slik som vertsnavnet på denne maskinen) som skal " +#~ "brukes i sertifikatsøknaden." + +#~ msgid "earliest" +#~ msgstr "tidligst" + +#~ msgid "after NFS" +#~ msgstr "etter NFS" + +#~ msgid "after PCMCIA" +#~ msgstr "etter PCMCIA" + +#~ msgid "" +#~ "StrongSwan starts during system startup so that it can protect " +#~ "filesystems that are automatically mounted." +#~ msgstr "" +#~ "StrongSwan starter under systemoppstart, slik at det kan beskytte " +#~ "filsystemer som monteres automatisk." + +#~ msgid "" +#~ " * earliest: if /usr is not mounted through NFS and you don't use a\n" +#~ " PCMCIA network card, it is best to start strongSwan as soon as\n" +#~ " possible, so that NFS mounts can be secured by IPSec;\n" +#~ " * after NFS: recommended when /usr is mounted through NFS and no\n" +#~ " PCMCIA network card is used;\n" +#~ " * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +#~ " network card or if it needs keys to be fetched from a locally running " +#~ "DNS\n" +#~ " server with DNSSec support." +#~ msgstr "" +#~ " * tidligst: hvis /usr ikke monteres via NFS og du ikke bruker et\n" +#~ " PCMCIA nettverkskort, så er det best å starte strongSwan\n" +#~ " snarest mulig, slik at NFS-montering kan sikres med IPSec;\n" +#~ " * etter NFS: anbefales når /usr monteres via NFS og det ikke\n" +#~ " brukes noe PCMCIA nettverkskort.\n" +#~ " * etter PCMCIA: anbefales hvis IPSec-tilkoblingen bruker et PCMCIA\n" +#~ " nettverkskort eller om den trenger å hente nøkler fra en lokal\n" +#~ " DNS-tjener med DNSSec-støtte. " + +#~ msgid "" +#~ "If you don't restart strongSwan now, you should do so manually at the " +#~ "first opportunity." +#~ msgstr "" +#~ "Hvis du ikke gjør en omstart på strongSwan nå, så bør du gjøre det " +#~ "manuelt ved første anledning." + +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "Skal det lages et offentlig/privat RSA-nøkkelpar for denne verten?" + +#~ msgid "" +#~ "StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to " +#~ "authenticate IPSec connections to other hosts. RSA authentication is " +#~ "generally considered more secure and is easier to administer. You can use " +#~ "PSK and RSA authentication simultaneously." +#~ msgstr "" +#~ "StrongSwan kan bruke en delt nøkkel (PSK) eller et RSA-nøkkelpar for å " +#~ "autentisere IPSec-forbindelser til andre verter. RSA-autentisering " +#~ "betraktes for det meste som sikrere og lettere å administrere. Du kan " +#~ "bruke PSK og RSA-autentisering samtidig." + +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Hvis du ikke vil lage et nytt offentlig/privat nøkkelpar, så kan du velge " +#~ "å bruke et eksisterende nøkkelpar i neste steg." + +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Den informasjonen som trengs kan hentes automatisk fra et eksisterende " +#~ "X.509-sertifikat med tilhørende privat RSA-nøkkel. Begge deler kan være i " +#~ "én fil, hvis den er i PEM-format. Du bør velge dette hvis du har et slikt " +#~ "sertifikat og vil bruke det til å autentisere IPSec-forbindelser." + +#~ msgid "RSA key length:" +#~ msgstr "RSA nøkkellengde:" + +#~ msgid "" +#~ "Please enter the length of RSA key you wish to generate. A value of less " +#~ "than 1024 bits is not considered secure. A value of more than 2048 bits " +#~ "will probably affect performance." +#~ msgstr "" +#~ "Oppgi lengde for RSA-nøkkelen du vil opprette. Kortere nøkler enn 1024 " +#~ "bit betraktes ikke som sikre. En nøkkellengde på mer enn 2048 bit vil " +#~ "antakelig gå ut over ytelsen." + +#~ msgid "" +#~ "Only self-signed X.509 certificates can be created automatically, because " +#~ "otherwise a certificate authority is needed to sign the certificate " +#~ "request." +#~ msgstr "" +#~ "Bare selvsignerte X.509-sertifikater kan lages automatisk, for ellers må " +#~ "en sertifikatutsteder signere sertifikatsøknaden." + +#~ msgid "" +#~ "If you accept this option, the certificate created can be used " +#~ "immediately to connect to other IPSec hosts that support authentication " +#~ "via an X.509 certificate. However, using strongSwan's PKI features " +#~ "requires a trust path to be created by having all X.509 certificates " +#~ "signed by a single authority." +#~ msgstr "" +#~ "Hvis du godtar dette, så kan det sertifikatet som lages bli brukt straks " +#~ "til å kople til andre IPSec-verter som støtter autentisering via et X.509-" +#~ "sertifikat. Men om strongSwans PKI-del skal brukes, må det lages en " +#~ "tillitskjede ved at alle X.509-sertifikatene signeres av en enkelt " +#~ "utsteder." + +#~ msgid "" +#~ "This field is mandatory; otherwise a certificate cannot be generated." +#~ msgstr "" +#~ "Dette feltet er obligatorisk, uten det kan det ikke lages et sertifikat." diff --git a/debian/po/nl.po b/debian/po/nl.po new file mode 100644 index 000000000..736f2c753 --- /dev/null +++ b/debian/po/nl.po @@ -0,0 +1,856 @@ +# translation of strongswan_2.7.3+dfsg-1_nl.po to Dutch +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Luk Claes <luk.claes@ugent.be>, 2005 +# Kurt De Bree <kdebree@telenet.be>, 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan_2.7.3+dfsg-1_nl\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2006-09-28 19:50+0200\n" +"Last-Translator: Kurt De Bree <kdebree@telenet.be>\n" +"Language-Team: Dutch <debian-l10n-dutch@lists.debian.org>\n" +"Language: nl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"strongSwan herstarten is een goed idee omdat als er een " +"veiligheidsherstelling is, het pas echt hersteld zal zijn vanaf dat de " +"achtergronddienst is herstart. De meeste mensen verwachten dat de " +"achtergronddienst herstart, dus dit is meestal een goed idee. Hoewel, dit " +"kan bestaande verbindingen verbreken en ze dan opnieuw herstellen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Use an X.509 certificate for this host?" +msgstr "" +"Hebt u een bestaand X509-certificaatbestand dat u voor strongSwan wilt " +"gebruiken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Deze installatie kan automatisch een publiek/privaat RSA-sleutelpaar " +"aanmaken voor deze host. Dit sleutelpaar kan worden gebruikt om IPSec-" +"verbinden naar andere hosts te authenticeren en is de aanbevolen manier om " +"veilige IPSec-verbindingen op te zetten. De andere mogelijkheid zou zijn om " +"gedeelde geheimen (wachtwoorden die aan beide kanten van de tunnel hetzelfde " +"zijn) te gebruiken voor het authenticeren van een verbinding, maar voor een " +"groter aantal verbindingen is RSA-authenticatie makkelijker te beheren en " +"veiliger." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your PEM format X.509 certificate:" +msgstr "Bestandsnaam van uw X509-certificaat in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +"formaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your PEM format X.509 private key:" +msgstr "Bestandsnaam van uw private X509-sleutel in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Geef de volledige locatie van het bestand dat uw private RSA-sleutel bevat " +"die behoort bij uw X509-certificaat in PEM-formaat. Dit kan hetzelfde " +"bestand zijn als dat wat uw X509-certificaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Bestandsnaam van uw X509-certificaat in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "The length of the created RSA key (in bits):" +msgid "Please enter which length the created RSA key should have:" +msgstr "Lengte van de aangemaakte RSA-sleutel (in bits):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "Please enter the length of the created RSA key. It should not be less " +#| "than 1024 bits because this should be considered unsecure and you will " +#| "probably not need anything more than 2048 bits because it only slows the " +#| "authentication process down and is not needed at the moment." +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Geef de lengte van de aangemaakte RSA-sleutel. Het mag niet minder dan 1024 " +"bits zijn omdat dit als onveilig wordt beschouwd en u zult waarschijnlijk " +"niet meer dan 2048 bits nodig hebben omdat het enkel het authenticatieproces " +"vertraagt en op dit moment niet nodig is." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Wilt u een door uzelf getekend X509-certificaat aanmaken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Deze installatie kan enkel een door uzelf getekend X509-certificaat " +"automatischaanmaken omdat anders een certificaatautoriteit nodig is om de " +"certificaataanvraag te tekenen. Als u een door uzelf getekend certificaat " +"wilt aanmaken, dan kunt u het onmiddellijk gebruiken om een verbinding te " +"leggen met andere IPSec-hosts die X509-certificaten ondersteunen voor IPSec-" +"verbindingen. Hoewel, als u de nieuwe PKI-mogelijkheden wilt gebruiken van " +"strongSwan >= 1.91, dan zult u alle X509-certificaten moeten laten tekenen " +"door één enkele certificaatautoriteit om een vertrouwenspad aan te maken." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Als u geen door uzelf getekend certificaat wilt aanmaken, dan zal deze " +"installatie enkel de private RSA-sleutel en de certificaataanvraag aanmaken " +"en u zult de certificaataanvraag moeten laten tekenen door uw " +"certificaatautoriteit." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landcode van de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "You really need to enter a valid country code here, because openssl will " +#| "refuse to generate certificates without one. An empty field is allowed " +#| "for any other field of the X.509 certificate, but not for this one." +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"U moet hier wel een geldige landcode opgeven omdat openssl anders zal " +"weigeren om een certificaat aan te maken. Er is voor elke veld van het X509-" +"certificaat een leeg veld toegestaan, maar niet voor dit veld." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Staat of provincie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Geef de volledige naam van de staat of provincie waarin u woont. Deze naam " +"zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Plaatsnaam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Naam van de organisatie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisatie-eenheid voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "Organisatie-eenheid voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common Name for the X.509 certificate request:" +msgstr "Naam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-mailadres voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Geef het e-mailadres van de persoon of organisatie die verantwoordelijk is " +"voor het X509-certificaat. Dit adres zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "Wilt u opportunistische encryptie aanschakelen in strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +#~ "formaat bevat." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X509 " +#~| "certificate in PEM format." +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +#~ "formaat bevat." + +#, fuzzy +#~| msgid "" +#~| "Please enter the full location of the file containing your X509 " +#~| "certificate in PEM format." +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +#~ "formaat bevat." + +#, fuzzy +#~| msgid "" +#~| "Please enter the 2 letter country code for your country. This code will " +#~| "be placed in the certificate request." +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Geef de 2-letterige landcode voor uw land. Deze code zal in de " +#~ "certificaataanvraag worden geplaatst." + +#~ msgid "Example: AT" +#~ msgstr "Voorbeeld: BE" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Voorbeeld: Limburg" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: Vienna" +#~ msgstr "Voorbeeld: Genk" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: Debian" +#~ msgstr "Voorbeeld: Debian" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: security group" +#~ msgstr "Voorbeeld: dienst veiligheid" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Voorbeeld: gateway.debian.org" + +#~ msgid "When to start strongSwan:" +#~ msgstr "Wanneer moet strongSwan herstarten:" + +#, fuzzy +#~| msgid "Do you want to create a RSA public/private keypair for this host?" +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "Wilt u een publiek/privaat RSA-sleutelpaar aanmaken voor deze host?" + +#, fuzzy +#~| msgid "" +#~| "If you do not want to create a new public/private keypair, you can " +#~| "choose to use an existing one." +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Indien u geen nieuw publiek/privaat sleutelpaar wenst aan te maken, kunt " +#~ "u een bestaand sleutelpaar kiezen." + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically extract the needed information from an " +#~| "existing X509 certificate with a matching RSA private key. Both parts " +#~| "can be in one file, if it is in PEM format. If you have such an existing " +#~| "certificate and key file and want to use it for authenticating IPSec " +#~| "connections, then please answer yes." +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Deze installatie kan de benodigde informatie automatisch extraheren van " +#~ "een bestaand X509-certificaat met een bijhorende private RSA-sleutel. " +#~ "Beide delen kunnen in één bestand zijn, als het in PEM-formaat is. Hebt u " +#~ "zo'n bestaand certificaat en een sleutelbestand; en wilt u het voor de " +#~ "authenticatie van IPSec-verbindingen gebruiken, antwoord dan met 'ja'" + +#, fuzzy +#~| msgid "" +#~| "Please enter the locality (e.g. city) where you live. This name will be " +#~| "placed in the certificate request." +#~ msgid "" +#~ "Please enter the locality name (often a city) that should be used in the " +#~ "certificate request." +#~ msgstr "" +#~ "Geef de plaatsnaam (v.b. stad) waar u woont. Deze naam zal in de " +#~ "certificaataanvraag worden geplaatst." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit (e.g. section) that the X509 " +#~| "certificate should be created for. This name will be placed in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the organization name (often a company) that should be used " +#~ "in the certificate request." +#~ msgstr "" +#~ "Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +#~ "wordt aangemaakt. Deze naam zal in de certificaataanvraag worden " +#~ "geplaatst." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit (e.g. section) that the X509 " +#~| "certificate should be created for. This name will be placed in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the organizational unit name (often a department) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +#~ "wordt aangemaakt. Deze naam zal in de certificaataanvraag worden " +#~ "geplaatst." + +#, fuzzy +#~| msgid "" +#~| "Please enter the common name (e.g. the host name of this machine) for " +#~| "which the X509 certificate should be created for. This name will be " +#~| "placed in the certificate request." +#~ msgid "" +#~ "Please enter the common name (such as the host name of this machine) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Geef de naam (v.b. computernaam van deze machine) waarvoor het X509-" +#~ "certificaat wordt aangemaakt. Deze naam zal in de certificaataanvraag " +#~ "worden geplaatst." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"zo vroeg mogelijk\", \"na NFS\", \"na PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Er zijn drie mogelijkheden wanneer stronSwan kan starten: vóór of na de " +#~ "NFS-diensten en na de PCMCIA-diensten. Het juiste antwoord is afhankelijk " +#~ "van uw specifieke installatie." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Als u uw /usr-boom niet via NFS heeft aangekoppeld (u koppelt enkel " +#~ "andere, minder vitale bomen via NFS of u gebruikt NFS helemaal niet om " +#~ "bomen aan te koppelen) en u gebruikt geen PCMCIA-netwerkkaart, dan is het " +#~ "best om strongSwan zo vroeg mogelijk te starten, dus toe te staan van de " +#~ "NFS-aankoppelingen te beveiligen door IPSec. In dit geval (of als u deze " +#~ "zaak niet verstaat of het u niet uitmaakt), antwoord dan \"zo vroeg " +#~ "mogelijk\" op deze vraag (de standaard)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Als u uw /usr-boom via NFS heeft aangekoppeld en u gebruikt geen PCMCIA-" +#~ "netwerkkaart, dan zult u strongSwan moeten starten na NFS zodat alle " +#~ "nodige bestanden aanwezig zijn. In dit geval, antwoord \"na NFS\" op deze " +#~ "vraag. Merk op dat in dit geval de NFS-aankoppeling van /usr niet kan " +#~ "worden beveiligd door IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Als u een PCMCIA-netwerkkaart gebruikt voor uw IPSec-verbindingen, dan " +#~ "hebt u enkel de keuze om te starten na de PCMCIA-diensten. Antwoord in " +#~ "dit geval \"na PCMCIA\". Dit is ook het correcte antwoord als u sleutels " +#~ "wilt afhalen van een lokaal draaiende DNS-server met DNSSec-ondersteuning." + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan heeft ondersteuning voor opportunistische encryptie (OE) die " +#~ "IPSec-authenticatie-informatie (v.b. publieke RSA-sleutels) bewaart in " +#~ "(liefst veilige) DNS-records. Totdat dit veelvuldig wordt toegepast zal " +#~ "dit activeren een significante vertraging veroorzaken voor elke nieuwe " +#~ "uitgaande verbinding. Omdat versie 2.0 va strongSwan standaard OE heeft " +#~ "aangeschakeld, wordt dus waarschijnlijk uw bestaande verbinding met het " +#~ "Internet (v.b. uw standaard route) verbroken vanaf dat pluto (de " +#~ "strongSwan-sleutelringachtergronddienst) wordt gestart." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Kiest of u OE-ondersteuning wilt aanschakelen. Indien onzeker, schakel " +#~ "het dan niet aan." + +#~ msgid "x509, plain" +#~ msgstr "x509, gewoon" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Aan te maken type RSA-sleutelpaar:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Het is mogelijk om een gewoon publiek/privaat RSA-sleutelpaar aan te " +#~ "maken om te gebruiken met strongSwan of om een X509-certificaatbestand " +#~ "aan te maken die de publieke RSA-sleutel bevat en de corresponderende " +#~ "private sleutel te bewaren." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Als u enkel IPSec-verbindingen wilt opzetten naar hosts die ook " +#~ "strongSwan draaien, dan is het misschien een beetje gemakkelijker om " +#~ "gewone RSA-sleutelparen te gebruiken. Maar als u verbindingen wilt leggen " +#~ "met andere IPSec-implementaties, dan zult u een X509-certificaat nodig " +#~ "hebben. Het is ook mogelijk om hier een X509-certificaat aan te maken en " +#~ "de publieke RSA-sleutel te extraheren in een gewoon formaat als de andere " +#~ "kant strongSwan draait zonder X509-certificaatondersteuning." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daarom wordt een X509-certificaat aanbevolen omdat het flexibeler is en " +#~ "deze installatie moet de complexe creatie van een X509-certificaat kunnen " +#~ "verbergen en het toch in strongSwan kunnen gebruiken." diff --git a/debian/po/pt.po b/debian/po/pt.po new file mode 100644 index 000000000..7fd40d15c --- /dev/null +++ b/debian/po/pt.po @@ -0,0 +1,478 @@ +# translation of strongswan debconf to Portuguese +# Copyright (C) 2007 the strongswan's copyright holder +# This file is distributed under the same license as the strongswan package. +# +# Luísa Lourenço <kikentai@gmail.com>, 2007. +# Américo Monteiro <a_monteiro@netcabo.pt>, 2009, 2010. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.0-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2010-06-26 18:47+0100\n" +"Last-Translator: Américo Monteiro <a_monteiro@netcabo.pt>\n" +"Language-Team: Portuguese <traduz@debianpt.org>\n" +"Language: pt\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 1.0\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Antiga gestão de Runlevels substituída." + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Versões anteriores do pacote strongSwan deram uma hipótese entre três Níveis-" +"Arranque/Paragem diferentes. Devido a alterações no procedimento standard de " +"arranque do sistema, isto não é mais necessário ou útil. Para todas as novas " +"instalação assim como para as antigas que correm em qualquer dos modos " +"predefinidos, serão agora definidos níveis sãos predefinidos. Se você está a " +"actualizar uma versão anterior e alterou os seus parâmetros de arranque do " +"strongSwan, então por favor veja NEWS.Debian para instruções sobre como " +"modificar a sua configuração apropriadamente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Reiniciar agora o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"É recomendado reiniciar o strongSwan, porque se existir uma correcção de " +"segurança, esta não será aplicada até que o daemon seja reiniciado. A " +"maioria das pessoas espera que o daemon reinicie, portanto isto é geralmente " +"uma boa ideia. No entanto isto poderá fechar ligações existentes e depois " +"ligá-las de novo, portanto se você está a usar algo como um túnel do " +"strongSwan para ligar a esta actualização, o reiniciar não é recomendado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Iniciar o daemon IKEv1 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto precisa de estar a correr para suportar a versão 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Iniciar o daemon IKEv2 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon precisa de estar a correr para suportar a versão 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Usar um certificado X.509 para esta máquina?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Pode ser criado automaticamente ou importado um certificado X.509 para esta " +"máquina. Pode ser usado para autenticar ligações IPsec para outras máquinas " +"e é a maneira preferida de construir ligações IPsec seguras. A outra " +"possibilidade seria usar segredos partilhados (palavras-passe que são iguais " +"em ambos os lados do túnel) para autenticar a ligação, mas para um grande " +"número de ligações, a autenticação baseada em chaves é mais fácil de " +"administrar e mais segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativamente, você pode rejeitar esta opção e mais tarde usar o comando " +"\"dpkg-reconfigure strongswan\" para voltar aqui." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "criar" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importar" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Métodos de usar um certificado X.509 para autenticar esta máquina:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"É possível criar um novo certificado X.509 com configurações definidas pelo " +"utilizador ou importar uma chave pública e privada existente em ficheiro(s) " +"PEM para autenticar ligações IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Se escolher criar um novo certificado X.509 ser-lhe-à primeiro perguntado um " +"número de questões que têm de ser respondidas antes da criação poder " +"iniciar. Por favor tenha em mente que se deseja que a chave pública seja " +"assinada por uma Autoridade de Certificados existente, você não deve " +"seleccionar a criação de um certificado auto-assinado e todas as respostas " +"dadas devem corresponder exactamente aos requisitos da AC, caso contrário o " +"pedido de certificado pode ser rejeitado." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Se deseja importar uma chave pública e privada existente, ser-lhe-à pedido " +"os seus nomes de ficheiros (que podem ser idênticos se ambas as partes " +"estiverem armazenadas juntamente no mesmo ficheiro). Opcionalmente você " +"também pode especificar um nome de ficheiro onde as chave(s) pública(s) da " +"Autoridade de Certificados são mantidas, mas este ficheiro não pode ser o " +"mesmo que os anteriores. Por favor tenha também em mente que o formato dos " +"certificados X.509 tem de ser PEM e que a chave privada não pode estar " +"encriptada ou o procedimento de importação irá falhar." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nome de ficheiro do seu certificado X.509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Por favor insira a localização do ficheiro que contém o seu certificado " +"X.509 em formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Nome do ficheiro da sua chave privada X.509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Por favor insira a localização do ficheiro que contém a chave privada RSA " +"que coincide com o seu certificado X.509 em formato PEM. Este pode ser o " +"mesmo ficheiro que contém o certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Nome de ficheiro do seu RootCA X.509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Opcionalmente você pode agora indicar a localização do ficheiro que contém a " +"raiz da Autoridade de Certificados X.509 usada para assinar o seu " +"certificado em formato PEM. Se você não tem um ou não o quer usar, por favor " +"deixe o campo vazio. Por favor note que não é possível armazenar a RootCA no " +"mesmo ficheiro que o seu certificado X.509 ou chave privada." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Por favor indique o comprimento que a chave RSA criada deve ter:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Por favor indique o comprimento que a chave RSA criada. Não deve ser menos " +"que 1024 bits porque isto seria considerado inseguro e provavelmente você " +"não vai precisar de nada maior que 4096 bits porque apenas atrasa o processo " +"de autenticação e de momento não é necessário." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Criar um certificado X.509 auto-assinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Apenas os certificados X.509 auto-assinados podem ser criados " +"automaticamente, porque caso contrário é necessário uma Autoridade de " +"Certificados para assinar o pedido de certificado. Se escolher criar um " +"certificado auto-assinado, você pode usá-lo imediatamente para ligar a " +"outras máquinas IPsec que suportam certificados X.509 para autenticação de " +"ligações IPsec. No entanto, usar as funcionalidades PKI do strongSwan requer " +"que todos os certificados seja assinados por uma única Autoridade de " +"Certificados para criar um caminho de confiança." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Se escolher não criar um certificado auto-assinado, apenas a chave RSA " +"privada e o pedido de certificado serão criados, e você tem que assinar o " +"pedido de certificado com a sua Autoridade de Certificados." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Por favor indique o código de duas letras para o país onde o servidor reside " +"(algo como \"PT\" para Portugal)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"O OpenSSL irá recusar gerar um certificado a menos que isto seja um código " +"ISO-3166 de país válido; um campo vazio é permitido em qualquer parte do " +"certificado X.509, mas não aqui." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado ou nome da província para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Por favor insira o nome completo do estado ou província onde o servidor " +"reside (algo como \"Estremadura Portugal\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome da localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Por favor indique a localidade onde o servidor reside (geralmente uma " +"cidade, tal como \"Lisboa\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organização para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Por favor indique a organização a que o servidor pertence (algo como \"Debian" +"\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizativa para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Por favor indique a unidade organizacional a que o servidor pertence (algo " +"como \"Departamento de Segurança\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Nome comum para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Por favor indique o Nome Comum para esta máquina (algo como \"gateway." +"exemplo.org\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Endereço de email para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Por favor insira o endereço de email da pessoa ou organização responsável " +"pelo certificado X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Activar encriptação oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versão do strongSwan suporta encriptação oportunista (OE), a qual " +"guarda informação de autenticação IPSec em registos DNS. Até que isto esteja " +"amplamente instalado, a sua activação irá causar um atraso significativo em " +"cada nova ligação de saída." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Você deverá apenas activar a encriptação oportunista se tiver a certeza que " +"a quer. Pode quebrar a ligação à Internet (rota predefinida) assim que o " +"daemon pluto arrancar." diff --git a/debian/po/pt_BR.po b/debian/po/pt_BR.po new file mode 100644 index 000000000..e9c7b66d1 --- /dev/null +++ b/debian/po/pt_BR.po @@ -0,0 +1,819 @@ +# Debconf translations for strongswan. +# Copyright (C) 2010 THE strongswan'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# André Luís Lopes <andrelop@debian.org>, 2005. +# Adriano Rafael Gomes <adrianorg@gmail.com>, 2010. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-12-12 00:00-0200\n" +"Last-Translator: Adriano Rafael Gomes <adrianorg@gmail.com>\n" +"Language-Team: Brazilian Portuguese <debian-l10n-portuguese@lists.debian." +"org>\n" +"Language: pt_BR\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"pt_BR utf-8\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Antigo gerenciamento de nível de execução (\"runlevel\") obsoleto" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Versões anteriores do pacote strongSwan permitiam escolher entre três " +"diferentes Níveis de Início/Parada (\"Start/Stop-Levels\"). Devido a " +"mudanças no procedimento padrão de inicialização do sistema, isso não é mais " +"necessário ou útil. Para todas as novas instalações, bem como para as " +"antigas instalações executando em qualquer dos modos predefinidos, níveis " +"padrão adequados serão definidos agora. Se você está atualizando a partir de " +"uma versão anterior e alterou seus parâmetros de inicialização do " +"strongSwan, então, por favor, veja o arquivo NEWS.Debian para instruções " +"sobre como modificar sua configuração de acordo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Reiniciar o strongSwan agora?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Reiniciar o strongSwan é recomendado, uma vez que caso exista uma correção " +"para uma falha de segurança, a mesma não será aplicada até que o daemon seja " +"reiniciado. A maioria das pessoas espera que o daemon seja reiniciado, " +"portanto essa é geralmente uma boa idéia. Porém, isso pode derrubar conexões " +"existentes, e então posteriormente trazê-las de volta, assim se você está " +"usando um túnel strongSwan para se conectar para fazer esta atualização, não " +"é recomendado reiniciar." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Iniciar o daemon IKEv1 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon \"pluto\" deve estar em execução para suportar a versão 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Iniciar o daemon IKEv2 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon \"charon\" deve estar em execução para suportar a versão 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Usar um certificado X.509 para este host?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Um certificado X.509 para este host pode ser automaticamente criado ou " +"importado. Ele pode ser usado para autenticar conexões IPsec para outros " +"hosts e é a maneira preferida para construir conexões IPsec seguras. A outra " +"possibilidade seria usar segredos compartilhados (senhas que são iguais em " +"ambos os lados do túnel) para autenticar uma conexão, mas para um grande " +"número de conexões, a autenticação baseada em chaves é mais fácil de " +"administrar e mais segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativamente, você pode rejeitar esta opção e mais tarde usar o comando " +"\"dpkg-reconfigure strongswan\" para voltar atrás." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "criar" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importar" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Métodos para usar um certificado X.509 para autenticar este host:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"É possível criar um novo certificado X.509 com configurações definidas pelo " +"usuário ou importar um par de chaves pública e privada existente armazenado " +"em arquivo(s) PEM para autenticar conexões IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Se você escolher criar um novo certificado X.509, você primeiro será " +"perguntado sobre uma série de questões que devem ser respondidas antes que a " +"criação possa iniciar. Por favor, tenha em mente que se você quer que a " +"chave pública seja assinada por uma Autoridade Certificadora existente, você " +"não deve selecionar a criação de um certificado auto-assinado, e todas as " +"respostas dadas devem atender exatamente os requisitos da CA, ou a " +"requisição do certificado pode ser rejeitada." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Se você quiser importar um par de chaves pública e privada existente, você " +"será perguntado pelos seus nomes de arquivo (que podem ser idênticos se " +"ambas as partes estão armazenadas juntas em um arquivo único). " +"Opcionalmente, você pode também especificar um nome de arquivo onde a(s) " +"chave(s) pública(s) da Autoridade Certificadora é(são) mantida(s), mas este " +"arquivo não pode ser o mesmo que os anteriores. Por favor, também esteja " +"ciente de que os certificados X.509 devem estar no formato PEM, e de que a " +"chave privada não deve estar criptografada, ou o procedimento de importação " +"falhará." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Nome de arquivo do seu certificado X.509 no formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Por favor, informe a localização do arquivo contendo seu certificado X.509 " +"no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Nome de arquivo da sua chave privada X.509 no formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Por favor, informe a localização do arquivo contendo a chave privada RSA que " +"casa com seu certificado X.509 no formato PEM. Este pode ser o mesmo arquivo " +"que contém o certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Nome de arquivo da sua RootCA X.509 no formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Opcionalmente, você pode informar a localização do arquivo contendo a " +"Autoridade Certificadora X.509 raiz usada para assinar seu certificado no " +"formato PEM. Se você não tem uma, ou não quer usá-la, por favor, deixe o " +"campo vazio. Por favor, note que não é possível armazenar a RootCA no mesmo " +"arquivo do seu certificado X.509 ou chave privada." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Por favor, informe que tamanho a chave RSA a ser criada deve ter:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Por favor, informe o tamanho da chave RSA a ser criada. A mesma não deve ser " +"menor que 1024 bits devido a uma chave de tamanho menor que esse ser " +"considerada insegura. Você também não precisará de nada maior que 4096 " +"porque isso somente deixaria o processo de autenticação mais lento e não " +"seria necessário no momento." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Criar um certificado X.509 auto-assinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Somente certificados X.509 auto-assinados podem ser criados automaticamente, " +"devido a uma Autoridade Certificadora ser necessária para assinar a " +"requisição de certificado. Caso você queira criar um certificado auto-" +"assinado, você poderá usá-lo imediatamente para conectar a outros hosts " +"IPsec que suportem certificados X.509 para autenticação de conexões IPsec. " +"Porém, usar os novos recursos PKI do strongSwan requer que todos seus " +"certificados sejam assinados por uma única Autoridade Certificadora para " +"criar um caminho de confiança." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Caso você não queira criar um certificado auto-assinado, somente a chave " +"privada RSA e a requisição de certificado serão criadas, e você terá que " +"assinar a requisição de certificado junto a sua Autoridade Certificadora." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Por favor, informe o código de duas letras do país onde o servidor reside " +"(como \"BR\" para Brasil)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"O OpenSSL se recusará a gerar um certificado a menos que este valor seja um " +"código de país ISO-3166 válido; um valor vazio é permitido em qualquer outro " +"campo do certificado X.509, mas não aqui." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado ou nome de província para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Por favor, informe o nome completo do estado ou província em que o servidor " +"reside (como \"São Paulo\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome da localidade para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Por favor, informe a localidade em que o servidor reside (como \"São Paulo" +"\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organização para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Por favor, informe a organização à qual o servidor pertence (como \"Debian" +"\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizacional para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Por favor, informe a unidade organizacional à qual o servidor pertence (como " +"\"grupo de segurança\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Nome Comum para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Por favor, informe o Nome Comum (\"Common Name\") para este host (como " +"\"gateway.example.org\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Endereço de e-mail para a requisição de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Por favor, informe o endereço de e-mail da pessoa ou organização responsável " +"pelo certificado X.509." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Habilitar encriptação oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versão do strongSwan suporta encriptação oportunista (OE), a qual " +"armazena informação de autenticação IPsec em registros DNS. Até que isso " +"seja amplamente difundido, ativá-la causará uma demora significante para " +"cada nova conexão de saída." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Você deve habilitar a encriptação oportunista somente se você tiver certeza " +"de querê-la. Ela pode quebrar a conexão à Internet (rota padrão) quando o " +"daemon \"pluto\" iniciar." + +#, fuzzy +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Please enter the location of your X509 certificate in PEM format:" +#~ msgstr "" +#~ "Por favor, informe a localização do arquivo contendo seu certificado X509 " +#~ "no formato PEM." + +#, fuzzy +#~ msgid "Please enter the location of your X509 private key in PEM format:" +#~ msgstr "" +#~ "Por favor, informe a localização do arquivo contendo seu certificado X509 " +#~ "no formato PEM." + +#, fuzzy +#~ msgid "You may now enter the location of your X509 RootCA in PEM format:" +#~ msgstr "" +#~ "Por favor, informe a localização do arquivo contendo seu certificado X509 " +#~ "no formato PEM." + +#, fuzzy +#~| msgid "" +#~| "Please enter the 2 letter country code for your country. This code will " +#~| "be placed in the certificate request." +#~ msgid "" +#~ "Please enter the 2 letter country code for your country. This code will " +#~ "be placed in the certificate request." +#~ msgstr "" +#~ "Por favor, informe o códifo de país de duas letras para seu país. Esse " +#~ "código será inserido na requisição de certificado." + +#~ msgid "Example: AT" +#~ msgstr "Exemplo: BR" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Exemplo : Sao Paulo" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the locality (e.g. city) where you live. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Por favor, informe a organização (ou seja, a empresa) para a qual este " +#~ "certificado X509 deverá ser criado. Esse nome será inserido na requisição " +#~ "de certificado." + +#~ msgid "Example: Vienna" +#~ msgstr "Exemplo : Sao Paulo" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Por favor, informe a organização (ou seja, a empresa) para a qual este " +#~ "certificado X509 deverá ser criado. Esse nome será inserido na requisição " +#~ "de certificado." + +#~ msgid "Example: Debian" +#~ msgstr "Exemplo : Debian" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organizational unit (e.g. section) that the X509 " +#~ "certificate should be created for. This name will be placed in the " +#~ "certificate request." +#~ msgstr "" +#~ "Por favor, informe a organização (ou seja, a empresa) para a qual este " +#~ "certificado X509 deverá ser criado. Esse nome será inserido na requisição " +#~ "de certificado." + +#~ msgid "Example: security group" +#~ msgstr "Exemplo : Grupo de Segurança" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the common name (e.g. the host name of this machine) for " +#~ "which the X509 certificate should be created for. This name will be " +#~ "placed in the certificate request." +#~ msgstr "" +#~ "Por favor, informe a organização (ou seja, a empresa) para a qual este " +#~ "certificado X509 deverá ser criado. Esse nome será inserido na requisição " +#~ "de certificado." + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Exemplo : gateway.debian.org" + +#, fuzzy +#~ msgid "When to start strongSwan:" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Create an RSA public/private keypair for this host?" +#~ msgstr "" +#~ "Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#, fuzzy +#~ msgid "" +#~ "If you do not want to create a new public/private keypair, you can choose " +#~ "to use an existing one in the next step." +#~ msgstr "" +#~ "Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#, fuzzy +#~ msgid "" +#~ "The required information can automatically be extracted from an existing " +#~ "X.509 certificate with a matching RSA private key. Both parts can be in " +#~ "one file, if it is in PEM format. You should choose this option if you " +#~ "have such an existing certificate and key file and want to use it for " +#~ "authenticating IPSec connections." +#~ msgstr "" +#~ "Este instalador pode extrair automaticamente a informação necessária de " +#~ "um certificado X509 existente com uma chave RSA privada adequada. Ambas " +#~ "as partes podem estar em um arquivo, caso estejam no formato PEM. Você " +#~ "possui um certificado existente e um arquivo de chave e quer usá-los para " +#~ "autenticar conexões IPSec ?" + +#, fuzzy +#~| msgid "" +#~| "Please enter the locality (e.g. city) where you live. This name will be " +#~| "placed in the certificate request." +#~ msgid "" +#~ "Please enter the locality name (often a city) that should be used in the " +#~ "certificate request." +#~ msgstr "" +#~ "Por favor, informe a localidade (ou seja, cidade) onde você mora. Esse " +#~ "nome será inserido na requisição de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit (e.g. section) that the X509 " +#~| "certificate should be created for. This name will be placed in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the organization name (often a company) that should be used " +#~ "in the certificate request." +#~ msgstr "" +#~ "Por favor, informe a unidade organizacional (ou seja, seção ou " +#~ "departamento) para a qual este certificado deverá ser criado. Esse nome " +#~ "será inserido na requisição de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the organizational unit (e.g. section) that the X509 " +#~| "certificate should be created for. This name will be placed in the " +#~| "certificate request." +#~ msgid "" +#~ "Please enter the organizational unit name (often a department) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Por favor, informe a unidade organizacional (ou seja, seção ou " +#~ "departamento) para a qual este certificado deverá ser criado. Esse nome " +#~ "será inserido na requisição de certificado." + +#, fuzzy +#~| msgid "" +#~| "Please enter the common name (e.g. the host name of this machine) for " +#~| "which the X509 certificate should be created for. This name will be " +#~| "placed in the certificate request." +#~ msgid "" +#~ "Please enter the common name (such as the host name of this machine) that " +#~ "should be used in the certificate request." +#~ msgstr "" +#~ "Por favor, informe o nome comum (ou seja, o nome do host dessa máquina) " +#~ "para o qual o certificado X509 deverá ser criado. Esse nome será inserido " +#~ "na requisição de certificado." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "o quando antes, \"depois do NFS\", \"depois do PCMCIA\"" + +#, fuzzy +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Com os níveis de inicialização atuais do Debian (quase todos os serviços " +#~ "iniciando no nível 20) é impossível para o Openswan sempre iniciar no " +#~ "momento correto. Existem três possibilidades para quando iniciar o " +#~ "Openswan : antes ou depois dos serviços NFS e depois dos serviços PCMCIA. " +#~ "A resposta correta depende se sua configuração específica." + +#, fuzzy +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Caso você não possua sua àrvore /usr montada via NFS (você somente monta " +#~ "outras àrvores não vitais via NFS ou não usa àrvores montadas via NFS) e " +#~ "não use um cartão de rede PCMCIA, a melhor opção é iniciar o Openswan o " +#~ "quando antes, permitindo dessa forma que os pontos de montagem NFS " +#~ "estejam protegidos por IPSec. Nesse caso (ou caso você não compreenda ou " +#~ "não se importe com esse problema), responda \"o quando antes\" para esta " +#~ "pergunta (o que é o padrão)." + +#, fuzzy +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Caso você possua sua àrvore /usr montada via NFS e não use um cartão de " +#~ "rede PCMCIA, você precisará iniciar o Openswan depois do NFS de modo que " +#~ "todos os arquivos necessários estejam disponíveis. Nesse caso, responda " +#~ "\"depois do NFS\" para esta pergunta. Por favor, note que a montagem NFS " +#~ "de /usr não poderá ser protegida pelo IPSec nesse caso." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Caso você use um cartão de rede PCMCIA para suas conexões IPSec você " +#~ "precisará somente optar por iniciar o Opensan depois dos serviços PCMCIA. " +#~ "Responda \"depois do PCMCIA\" nesse caso. Esta é também a maneira correta " +#~ "de obter chaves de um servidor DNS sendo executado localmente e com " +#~ "suporte a DNSSec." + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "O Openswan suporta encriptação oportunística (OE), a qual armazena " +#~ "informações de autenticação IPSec (por exemplo, chaves públicas RSA) em " +#~ "registros DNS (preferivelmente seguros). Até que esse suporte esteja " +#~ "largamento sendo utilizado, ativá-lo irá causar uma signficante lentidão " +#~ "para cada nova conexão de saída. Iniciando a partir da versão 2.0, o " +#~ "Openswan, da forma como é distribuído pelos desenvolvedores oficiais, é " +#~ "fornecido com o suporte a OE habilitado por padrão e, portanto, " +#~ "provavelmente irá quebrar suas conexões existentes com a Internet (por " +#~ "exemplo, sua rota padrão) tão logo o pluto (o daemon de troca de chaves " +#~ "do Openswan) seja iniciado." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Por favor, informe se você deseja habilitar o suporte a OE. Em caso de " +#~ "dúvidas, não habilite esse suporte." + +#~ msgid "x509, plain" +#~ msgstr "x509, pura" + +#, fuzzy +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Qual tipo de par de chaves RSA você deseja criar ?" + +#, fuzzy +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "É possível criar um par de chaves RSA pública/privada pura (plain) para " +#~ "uso com o Openswan ou para criar um arquivo de certificado X509 que irá " +#~ "conter a chave RSA pública e adicionalmente armazenar a chave privada " +#~ "correspondente." + +#, fuzzy +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Caso você queira somente construir conexões IPsec para hosts e também " +#~ "executar o Openswan, pode ser um pouco mais fácil usar pares de chaves " +#~ "RSA puros (plain). Mas caso você queira se conectar a outras " +#~ "implementações IPSec, você precisará de um certificado X509. É também " +#~ "possível criar um certificado X509 aqui e extrair a chave pública em " +#~ "formato puro (plain) caso o outro lado execute o Openswan sem suporte a " +#~ "certificados X509." + +#, fuzzy +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Um certificado X509 é recomendado, uma vez que o mesmo é mais flexível e " +#~ "este instalador é capaz de simplificar a complexa criação do certificado " +#~ "X509 e seu uso com o Openswan." + +#, fuzzy +#~ msgid "Please choose the when to start strongSwan:" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "At which level do you wish to start strongSwan ?" +#~ msgstr "Em que nível você deseja iniciar o Openswan ?" + +#~ msgid "2048" +#~ msgstr "2048" diff --git a/debian/po/ru.po b/debian/po/ru.po new file mode 100644 index 000000000..e3e3ffb09 --- /dev/null +++ b/debian/po/ru.po @@ -0,0 +1,473 @@ +# translation of ru.po to Russian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# Yuri Kozlov <yuray@komyakino.ru>, 2009, 2010. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.0-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2010-06-25 19:08+0400\n" +"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n" +"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n" +"Language: ru\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Заменена система управления уровнями выполнения" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"В предыдущих версиях пакета strongSwan предлагался выбор между тремя " +"уровнями запуска/останова. Из-за изменений стандартной процедуры запуска в " +"системе это больше не требуется и ненужно. В новых установках, а также в " +"старых, работающих на любом уровне, будут выбраны разумные уровни по " +"умолчанию. Если выполнятся обновление предыдущей версии и вы изменяли " +"параметры запуска strongSwan, прочитайте инструкции из файла NEWS.Debian о " +"том, как изменить соответствующую настройку." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Перезапустить strongSwan прямо сейчас?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"Рекомендуется перезапустить strongSwan, так как при наличии исправлений " +"безопасности они не заработают, пока служба не будет перезапущена. " +"Большинство людей всё равно перезапускают службу, поэтому обычно лучше это " +"сделать. Однако это может привести к кратковременному разрыву существующих " +"соединений, поэтому если вы сейчас используете туннель strongSwan для " +"подключения перезапуск не рекомендуется." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Запустить службу strongSwan IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Для поддержки 1-й версии протокола обмена ключами Интернет должна быть " +"запущена служба pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Запустить службу strongSwan IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Для поддержки 2-й версии протокола обмена ключами Интернет должна быть " +"запущена служба charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Использовать существующий сертификат X.509 для этого узла?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Сертификат X.509 для этого узла может быть автоматически создан или " +"импортирован. Он может использоваться для аутентификации IPSec соединений с " +"другими узлами, и это является предпочтительным способом создания безопасных " +"соединений IPSec. Также для аутентификации соединения можно использовать " +"общие секреты (одинаковые пароли на обоих концах туннеля), но при большом " +"количестве соединений аутентификация по ключам легче в администрировании и " +"она более безопасна." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Или же вы можете ответить отрицательно и позже вернуться к этому вопросу " +"запустив команду \"dpkg-reconfigure ostrongswan\"." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "создать" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "импортировать" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Методы, использующие сертификат X.509 для аутентификации данного узла:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Возможно создать новый сертификат X.509, заданный пользователем, или " +"импортировать существующий открытый и закрытый ключи из файла(ов) PEM для " +"аутентификации соединений IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Если вы выберете создание нового сертификата X.509, то сначала вам будет " +"задано несколько вопросов, на которые нужно ответить до начала создания. " +"Учтите, что если вы хотите подписать открытый ключ в действующем центре " +"сертификации, то вам ненужно выбирать создание самоподписанного сертификата, " +"и все ответы должны точно удовлетворять требованиям ЦС, иначе запрос " +"сертификата может быть отклонён." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Если вы хотите импортировать существующий открытый и закрытый ключи, то вам " +"будет предложено указать имена файлов с ними (которые могут быть одинаковы, " +"если обе части хранятся в одном файле). Также вы можете указать имя файла, " +"где хранится открытый ключ(и) центра сертификации, но этот файл не может " +"совпадать с предыдущими. Заметим, что формат сертификатов X.509 должен быть " +"PEM и что закрытый ключ не должен быть зашифрован, иначе процедура импорта " +"завершится неудачно." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Имя файла сертификата X.509 в формате PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Введите полный путь к файлу, содержащему ваш сертификат X.509 в формате PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Имя файла сертификата X.509 в формате PEM с закрытым ключом:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Введите путь к файлу, содержащему закрытый ключ RSA для вашего сертификата " +"X.509 в формате PEM. Это может быть тот же файл, что и для сертификата X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Имя файла сертификата X.509 в формате PEM для RootCA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Также вы можете ввести расположение файла с сертификатом корневого центра " +"сертификации X.509, используемого для подписи вашего сертификата в формате " +"PEM. Если у вас его нет или вы не хотите его использовать, то оставьте поле " +"пустым. Заметим, что невозможно хранить RootCA в одном файле с вашим " +"открытым или закрытым ключом сертификата X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Длина создаваемого ключа RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Введите длину необходимую длину ключа RSA. Она должна быть не менее 1024 " +"бит, так как меньшая не считается безопасной, и вам, вероятно, не нужно " +"задавать значение более 4096, так как это только замедлит процесс " +"аутентификации и, в настоящее время, не очень рационально." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Создать самоподписанный сертификат X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Процесс установки умеет создавать автоматически только самоподписанные " +"сертификаты X.509, так как иначе требуется работа центра сертификации для " +"подписи запроса сертификата. Созданный самоподписанный сертификат сразу " +"можно использовать для подключения к другим машинам с IPSec, которые " +"поддерживают сертификаты X.509 для аутентификации соединений IPSec. Однако, " +"если вы хотите воспользоваться новыми возможностями PKI из strongSwan, то " +"все ваши сертификаты X.509 должны быть подписаны единым сертификационным " +"центром для создания доверительного пути." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Если вы ответите отрицательно, то будет создан только закрытый ключ RSA, а " +"также запрос для сертификата, который вам нужно подписать в центре " +"сертификации." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Код страны для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Введите двухбуквенный код страны, где расположен сервер (например, \"RU\" в " +"России)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"Здесь нужно ввести правильный код страны согласно ISO-3166, так как OpenSSL " +"откажется генерировать сертификаты в противном случае. Пустое значение " +"разрешено для любого поля сертификата X.509 кроме этого." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Название области или округа для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Укажите полное название области или округа, в котором находится сервер " +"(например, \"Moscow region\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Название места для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Укажите название места, где располагается сервер (например город, \"Sergiev " +"Posad\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Название организации для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Укажите название организации, которой принадлежит сервер (например, \"Debian" +"\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" +"Название структурной единицы организации для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Название структурной единицы организации для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Общеизвестное название для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" +"Укажите общеизвестное название (например, имя данного компьютера), например, " +"\"gateway.example.org\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Адрес электронной почты для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Укажите адрес электронной почты (человека или организации) для включения в " +"запрос сертификата." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Включить поддержку гибкого шифрования?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Эта версия strongSwan поддерживает гибкое шифрование (opportunistic " +"encryption, OE), при котором информация об аутентификации IPSec хранится в " +"записях DNS. Пока это широко не станет распространено, данная поддержка " +"приведёт к значительной задержке при каждом новом исходящем соединении." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Включайте гибкое шифрование, если вам это действительно нужно. Это может " +"прервать соединение с интернетом (маршрут по умолчанию) при запуске службы " +"pluto." diff --git a/debian/po/sv.po b/debian/po/sv.po new file mode 100644 index 000000000..c93658ffd --- /dev/null +++ b/debian/po/sv.po @@ -0,0 +1,481 @@ +# translation of strongswan_sv.po to Swedish +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Martin gren <martin.agren@gmail.com>, 2008, 2009, 2010. +msgid "" +msgstr "" +"Project-Id-Version: strongswan_sv\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-09 12:15+0200\n" +"PO-Revision-Date: 2010-06-26 16:51+0200\n" +"Last-Translator: Martin gren <martin.agren@gmail.com>\n" +"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n" +"Language: sv\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: swe\n" +"X-Poedit-Country: swe\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Gammal krnivhantering har ersatts" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Tidigare versioner av paketet strongswan erbjd ett val mellan tre olika " +"start-/stoppniver. P grund av ndringar i systemuppstartproceduren r " +"detta inte lngre ndvndigt eller anvndbart. Fr alla nya installationer, " +"svl som gamla installationer som kr i ngot av de frdefinierade lgena, " +"kommer rimliga standardvrden nu sttas. Om du uppgraderar frn en tidigare " +"version och ndrade dina uppstartsparametrar fr strongSwan, br du ta en " +"titt p NEWS.Debian fr instruktioner om hur du kan ndra din installation " +"p motsvarande stt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Starta om strongSwan nu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such " +"a strongSwan tunnel to connect for this update, restarting is not " +"recommended." +msgstr "" +"Att starta om strongSwan rekommenderas eftersom en eventuell " +"skerhetsrttning inte kommer anvndas frrn demonen startas om. De flesta " +"frvntar att servern startas om, s detta r normalt en bra ide. Detta kan " +"dock stnga existerande anslutningar och sedan ta upp dem igen, s om du " +"anvnder en strongSwan-tunnel fr att genomfra den hr uppdateringen r en " +"omstart inte rekommenderad." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Starta strongSwans IKEv1-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-demonen mste kras fr att stdja version 1 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Starta strongSwans IKEv2-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-demonen mste kras fr att stdja version 2 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Vill du anvnda ett X.509-certifikat fr den hr vrden?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Ett X.509-certifikat fr den hr vrden kan skapas eller importeras " +"automatiskt. Det kan anvndas fr att autentisera IPsec-anslutningar till " +"andra vrdar och r det rekommenderade sttet fr att bygga upp skra IPsec-" +"anslutningar. Den andra mjligheten skulle vara att anvnda delade " +"skerheter (lsenord som r samma p bda sidor av tunneln) fr " +"autentisering av en anslutning, men fr ett strre antal anslutningar r " +"nyckelbaserad autentisering lttare att administrera och skrare." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Alternativt kan du avfrda det hr valet och anvnda kommandot \"dpkg-" +"reconfigure strongswan\" fr att komma tillbaka vid ett senare tillflle." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "skapa" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "importera" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" +"Metoder fr anvndning av ett X.509-certifikat fr autentisering av den hr " +"vrden:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Det r mjligt att skapa ett nytt X.509-certifikat med anvndar-definierade " +"instllningar eller att importera existerande publika och privata nycklar " +"lagrade i PEM-fil(er) fr autentisering av IPsec-anslutningar." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Om du vljer att skapa ett nytt X.509-certifikat kommer du frst f svara p " +"ngra frgor innan genereringen kan startas. Kom ihg att du, om du vill att " +"den publika nyckeln ska signeras av existerande certifikatsutstllare (CA), " +"inte ska vlja att skapa ett sjlvsignerat certifikat och att alla svar " +"precis mste motsvara de krav CA:n stller. Annars kan certifikatsfrfrgan " +"komma att avsls." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Om du vill importera existerande publika och privata nycklar kommer du " +"ombeds ange deras filnamn (som kan vara identiska om bda delarna sparas " +"tillsammans i en fil). Du kan ven ange ett filnamn dr CA:n publika nyckel " +"finns, men denna fil kan inte vara samma som de tidigare. Notera ocks att " +"formatet fr X.509-certifikaten mste vara PEM och att den privata nyckeln " +"inte fr vara krypterad fr att den ska kunna importeras." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Namn p filen med ditt X.509-certifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" +"Ange platsen fr den fil som innehller ditt X.509-certifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Namn p filen med din privata X.509-nyckel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Ange platsen fr den fil som innehller den privata RSA-nyckel som matchar " +"ditt X.509-certifikat i PEM-format. Detta kan vara samma fil som innehller " +"X.509-certifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Namn p filen med rot-CA:ns X.509-certifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Du kan nu, om du vill, ange platsen fr den fil som innehller ett X.509-" +"certifikat fr den rot-CA som anvnts fr att signera ditt certifikat i PEM-" +"format. Lmna fltet tomt om du inte har ngot sdant certifikat eller om du " +"inte vill anvnda det. Observera att det inte r mjligt att lagra rot-CA:n " +"i samma fil som ditt X.509-certifikat eller den privata nyckeln." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Ange vilken lngd den skapade RSA-nyckeln ska ha:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Ange lngden p den skapade RSA-nyckeln. Den br inte vara kortare n 1024 " +"bitar eftersom det anses oskert. Du behver troligtvis inte mer n 4096 " +"bitar eftersom det gr autentiseringen lngsammare och anses innebra en " +"ondigt stor skerhetsmarginal fr tillfllet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Vill du skapa ett sjlvsignerat X.509-certifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Endast sjlvsignerade X.509-certifikat kan skapas automatiskt eftersom det " +"annars krvs en CA fr att signera certifikatsfrfrgan. Om du vljer att " +"skapa ett sjlvsignerat certifikat, kan du genast anvnda det fr att " +"ansluta till andra IPsec-vrdar som stdjer X.509-certifikat fr " +"autentisering av IPsec-anslutningar. Anvndning av strongSwans PKI-" +"funktioner krver dock att alla certifikat har signerats av en och samma CA " +"fr att skapa en tillitskedja." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Om du inte vljer att skapa ett sjlvsignerat certifikta, kommer endast den " +"privata RSA-nyckeln och certifikatsfrfrgan att skapas. Du mste df " +"certifikatsfrfrn signerad av din certifikatsutstllare." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landskod fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Ange den kod om tv bokstver som identifierar landet som servern str i " +"(exempelvis \"SE\" fr Sverige)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"OpenSSL kommer vgra generera ett certifikat svida det hr vrdet inte r " +"en giltig landskod enligt ISO-3166; ett tomt flt r giltigt p andra " +"stllen i X.509-certifikat, men inte hr." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Region eller ln fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Ange namnet p den region eller den stat som servern str i (exempelvis " +"\"Skne ln\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Lokaliteten fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "Ange den lokalitet servern str i (ofta en stad, ssom \"Malm\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsnamn fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Ange namnet p den organisation servern tillhr (exempelvis \"Debian\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationsenhet fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Ange den organisationsenhet servern tillhr (exempelvis \"skerhetsgruppen" +"\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Namn p X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "Ange namnet p den hr vrden (exempelvis \"gateway.example.org\")." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadress fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Ange e-postadressen till den person eller organisation som r ansvarig fr " +"X.509-certifikatet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Vill du aktivera opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denna version av strongSwan stdjer opportunistisk kryptering (OE), som " +"lagrar IPSec-autentiseringsinformation i DNS-registret. Till dess detta " +"anvnds i stor utstrckning, kommer aktivering av det att orsaka betydande " +"frdrjningar fr varje ny utgende anslutning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du ska bara aktivera opportunistisk kryptering om du r sker p att du vill " +"ha det. Det kan bryta internetanslutningen (standardvgen) nr pluto-demonen " +"startas." diff --git a/debian/po/templates.pot b/debian/po/templates.pot new file mode 100644 index 000000000..59fbb9d6c --- /dev/null +++ b/debian/po/templates.pot @@ -0,0 +1,381 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" diff --git a/debian/po/vi.po b/debian/po/vi.po new file mode 100644 index 000000000..180377b5f --- /dev/null +++ b/debian/po/vi.po @@ -0,0 +1,458 @@ +# Vietnamese translation for StrongSwan. +# Copyright © 2010 Free Software Foundation, Inc. +# Clytie Siddall <clytie@riverland.net.au>, 2005-2010. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.4.0-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2010-08-16 14:23+0200\n" +"PO-Revision-Date: 2010-10-03 19:22+1030\n" +"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" +"Language-Team: Vietnamese <vi-VN@googlegroups.com>\n" +"Language: vi\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: LocFactoryEditor 1.8\n" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Old runlevel management superseded" +msgstr "Quản lý cấp chạy cũ đã được thay thế" + +#. Type: note +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Previous versions of the strongSwan package gave a choice between three " +"different Start/Stop-Levels. Due to changes in the standard system startup " +"procedure, this is no longer necessary or useful. For all new installations " +"as well as old ones running in any of the predefined modes, sane default " +"levels will now be set. If you are upgrading from a previous version and " +"changed your strongSwan startup parameters, then please take a look at NEWS." +"Debian for instructions on how to modify your setup accordingly." +msgstr "" +"Các phiên bản trước của gói strongSwan đã cho phép chọn trong ba cấp Chạy/" +"Dừng. Do thay đổi trong thủ tục khởi chạy tiêu chuẩn, không còn có thể làm " +"như thế, nó cũng không còn có ích. Cho mọi bản cài đặt mới, cũng như bản cài " +"đặt cũ nào đang chạy trong một của những chế độ xác định sẵn này, một cấp " +"mặc định thích hợp sắp được lập. Nếu bạn đang nâng cấp từ một phiên bản " +"trước và đã sửa đổi tham số khởi chạy nào của strongSwan, hãy xem tập tin " +"tin tức « NEWS.Debian » để tìm hướng dẫn về cách sửa đổi thiết lập cho phù " +"hợp." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Khởi chạy lại strongSwan ngay bây giờ ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, since if there is a security fix, it " +"will not be applied until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However, this might take down " +"existing connections and then bring them back up, so if you are using such a " +"strongSwan tunnel to connect for this update, restarting is not recommended." +msgstr "" +"Khuyên bạn khởi chạy lại strongSwan, vì sự sửa chữa bảo mật nào không phải " +"được áp dụng đến khi trình nền khởi chạy. Phần lớn các người trông đợi trình " +"nền khởi chạy thì nói chung nó là một ý kiến tốt. Tuy nhiên nó có thể tắt " +"rồi bật lại kết nối đã có, vì thế nếu bạn đang sử dụng (v.d.) một đường hầm " +"strongSwan để kết nối đến bản cập nhật này, không nên khởi chạy lại vào lúc " +"này." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Khởi chạy trình nền IKEv1 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Đồng thời cũng cần phải chạy trình nền pluto, để hỗ trợ phiên bản 1 của giao " +"thức Trao Đổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Khởi chạy trình nền IKEv2 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Đồng thời cũng cần phải chạy trình nền charon, để hỗ trợ phiên bản 2 của " +"giao thức Trao Đổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Use an X.509 certificate for this host?" +msgstr "Dùng chứng nhận X.509 cho máy này ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"An X.509 certificate for this host can be automatically created or imported. " +"It can be used to authenticate IPsec connections to other hosts and is the " +"preferred way of building up secure IPsec connections. The other possibility " +"would be to use shared secrets (passwords that are the same on both sides of " +"the tunnel) for authenticating a connection, but for a larger number of " +"connections, key based authentication is easier to administer and more " +"secure." +msgstr "" +"Một chứng nhận X.509 có thể được tự động tạo hoặc nhập cho máy này. Chứng " +"nhận này có thể được sử dụng để xác thực kết nối IPsec đến máy khác: nó là " +"phương pháp ưa thích để xây dựng kết nối IPsec bảo mật. Tuỳ chọn khác là sử " +"dụng điều bí mật chia sẻ (cùng một mật khẩu ở hai bên đường hầm) để xác thực " +"kết nối, nhưng mà cho nhiều kết nối dễ hơn quản lý sự xác thức dựa vào khoá, " +"và phương pháp này bảo mật hơn." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"Alternatively you can reject this option and later use the command \"dpkg-" +"reconfigure strongswan\" to come back." +msgstr "" +"Hoặc bạn có thể từ chối tuỳ chọn này, và chạy câu lệnh « dpkg-reconfigure " +"strongswan » về sau để trở về tiến trình cấu hình này." + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "create" +msgstr "tạo" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:7001 +msgid "import" +msgstr "nhập" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "Methods for using a X.509 certificate to authenticate this host:" +msgstr "Phương pháp sử dụng chứng nhận X.509 để xác thực máy này:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"It is possible to create a new X.509 certificate with user-defined settings " +"or to import an existing public and private key stored in PEM file(s) for " +"authenticating IPsec connections." +msgstr "" +"Có thể tạo một chứng nhận X.509 mới với thiết lập được người dùng xác định, " +"hoặc có thể nhập một cặp khoá (công và riêng) đã có theo tập tin PEM, để xác " +"thực kết nối IPsec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you choose to create a new X.509 certificate you will first be asked a " +"number of questions which must be answered before the creation can start. " +"Please keep in mind that if you want the public key to get signed by an " +"existing Certificate Authority you should not select to create a self-signed " +"certificate and all the answers given must match exactly the requirements of " +"the CA, otherwise the certificate request may be rejected." +msgstr "" +"Nếu bạn chọn tạo một chứng nhận X.509 mới thì đầu tiên bạn được hỏi một số " +"câu bắt buộc phải trả lời trước khi có thể bắt đầu tạo chứng nhận. Ghi nhớ " +"rằng nếu bạn muốn có khoá công được ký bởi một CA (nhà cầm quyền cấp chứng " +"nhận) đã tồn tại, bạn không nên chọn tạo một chứng nhận tự ký, và tất cả các " +"đáp ứng bạn làm phải tương ứng chính xác với yêu cầu của CA, không thì yêu " +"cầu chứng nhận có thể bị từ chối." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:7002 +msgid "" +"If you want to import an existing public and private key you will be " +"prompted for their filenames (which may be identical if both parts are " +"stored together in one file). Optionally you may also specify a filename " +"where the public key(s) of the Certificate Authority are kept, but this file " +"cannot be the same as the former ones. Please also be aware that the format " +"for the X.509 certificates has to be PEM and that the private key must not " +"be encrypted or the import procedure will fail." +msgstr "" +"Nếu bạn muốn nhập một cặp khoá công và riêng đã có, bạn sẽ được nhắc nhập " +"(các) tên tập tin (mà có thể là trùng nếu cả hai khoá được giữ trong cùng " +"một tập tin). Tuỳ chọn bạn cũng có thể ghi rõ một tên tập tin chứa (các) " +"khoá công của CA, nhưng mà tập tin này phải khác với tập tin nhập trước. " +"Cũng ghi nhớ rằng định dạng của chứng nhận X.509 phải là PEM, và khoá riêng " +"không thể được mật mã, không thì tiến trình nhập không thành công." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your PEM format X.509 certificate:" +msgstr "Tên tập tin của chứng nhận X.509 dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the location of the file containing your X.509 certificate in " +"PEM format." +msgstr "Hãy nhập vị trí của tập tin chứa chứng nhận X.509 dạng PEM của bạn." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your PEM format X.509 private key:" +msgstr "Tên tập tin cỳa khoá riêng X.509 dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Hãy nhập vị trí của tập tin chứa khoá RSA riêng tương ứng với chứng nhận " +"X.509, cả hai theo định dạng PEM. (Đây có thể là cùng một tập tin với tập " +"tin chứa chứng nhận X.509.)" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "File name of your PEM format X.509 RootCA:" +msgstr "Tên tập tin của RootCA X.509 dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Optionally you can now enter the location of the file containing the X.509 " +"Certificate Authority root used to sign your certificate in PEM format. If " +"you do not have one or do not want to use it please leave the field empty. " +"Please note that it's not possible to store the RootCA in the same file as " +"your X.509 certificate or private key." +msgstr "" +"Tuỳ chọn bạn bây giờ có thể nhập vị trí của tập tin chứa gốc nhà cầm quyền " +"cấp chứng nhận X.509 được dùng để ký chứng nhận theo định dạng PEM của bạn. " +"Không có hoặc không muốn sử dụng nó thì bỏ trống trường này. Ghi chú rằng " +"không thể giữ RootCA trong cùng một tập tin với chứng nhận X.509 hoặc khoá " +"riêng của bạn." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Please enter which length the created RSA key should have:" +msgstr "Gõ chiều dài dự định của khoá RSA cần tạo :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 4096 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Hãy nhập chiều dài của khoá RSA cần tạo. Ít hơn 1024 bit được thấy là không " +"an toàn, và lớn hơn 4096 bit chỉ làm chậm tiến trình xác thực và chưa cần " +"thiết." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Tạo một chứng nhận X.509 tự ký ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a Certificate Authority is needed to sign the certificate request. " +"If you choose to create a self-signed certificate, you can use it " +"immediately to connect to other IPsec hosts that support X.509 certificate " +"for authentication of IPsec connections. However, using strongSwan's PKI " +"features requires all certificates to be signed by a single Certificate " +"Authority to create a trust path." +msgstr "" +"Chỉ chứng nhận X.509 tự ký có thể được tự động tạo, vì bằng cách khác một CA " +"cần thiết để ký yêu cầu chứng nhận. Nếu bạn chọn tạo một chứng nhận tự ký, " +"bạn có thể sử dụng nó ngay lập tức để kết nối tới máy IPsec khác có hỗ trợ " +"chứng nhận X.509 để xác thực kết nối IPsec. Tuy nhiên, tính năng PKI của " +"strongSwan yêu cầu tất cả các chứng nhận được ký bởi cùng một CA, để tạo một " +"đường dẫn tin cậy." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"If you do not choose to create a self-signed certificate, only the RSA " +"private key and the certificate request will be created, and you will have " +"to sign the certificate request with your Certificate Authority." +msgstr "" +"Nếu bạn không chọn tạo một chứng nhận tự ký thì chỉ khoá riêng RSA và yêu " +"cầu chứng nhận sẽ được tạo, và bạn cần phải ký yêu cầu chứng nhận bằng CA." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Country code for the X.509 certificate request:" +msgstr "Mã quốc gia cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the two-letter code for the country the server resides in (such " +"as \"AT\" for Austria)." +msgstr "" +"Hãy nhập mã hai chữ cho quốc gia chứa máy phục vụ (v.d. « VI » cho Việt Nam)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"OpenSSL will refuse to generate a certificate unless this is a valid " +"ISO-3166 country code; an empty field is allowed elsewhere in the X.509 " +"certificate, but not here." +msgstr "" +"Không có mã quốc gia ISO-3166 đúng thì OpenSSL từ chối tạo chứng nhận. Có " +"thể bỏ trống trường ở một số nơi khác trong chứng nhận X.509 mà không phải ở " +"đây." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Tên của bảng hay tỉnh cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the full name of the state or province the server resides in " +"(such as \"Upper Austria\")." +msgstr "" +"Hãy nhập tên đầy đủ của bang hay tỉnh chứa máy phục vụ (v.d. « Nghệ An »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Tên vùng cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the locality the server resides in (often a city, such as " +"\"Vienna\")." +msgstr "" +"Hãy nhập vùng chứa máy phục vụ (thường là một thành phố, v.d. « Nhà Trắng »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Tên tổ chức cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organization the server belongs to (such as \"Debian\")." +msgstr "" +"Hãy nhập tổ chức sở hữu máy phục vụ (v.d. « Debian » hoặc « Dự án MOST »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Tên đơn vị tổ chức cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the organizational unit the server belongs to (such as " +"\"security group\")." +msgstr "" +"Hãy nhập tên đơn vị của tổ chức sở hữu máy phục vụ (v.d. « nhóm địa phương " +"hoá »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Common Name for the X.509 certificate request:" +msgstr "Tên chung cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the Common Name for this host (such as \"gateway.example.org\")." +msgstr "Hãy nhập Tên Chung cho máy này (v.d. « cổng_ra.vị_dụ.org »)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Email address for the X.509 certificate request:" +msgstr "Địa chỉ thư cho yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"Please enter the email address of the person or organization responsible for " +"the X.509 certificate." +msgstr "" +"Hãy nhập địa chỉ thư điện tử của người hoặc tổ chức chịu trách nhiệm về yêu " +"cầu chứng nhận này." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "Enable opportunistic encryption?" +msgstr "Bật mật mã cơ hội chủ nghĩa ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Phiên bản strongSwan này hỗ trợ mật mã cơ hội chủ nghĩa (OE) mà cất giữ " +"thông tin xác thực IPSec trong mục ghi DNS. Chức năng này chưa phổ biến thì " +"vẫn còn làm trễ mỗi kết nối mới gửi đi." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:20001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Chưa chắc thì không nên hiệu lực chức năng mật mã cơ hội chủ nghĩa. Nó cũng " +"có thể đóng kết nối Internet (đường dẫn mặc định) do trình nền pluto khởi " +"chạy." diff --git a/debian/rules b/debian/rules new file mode 100755 index 000000000..e3eb7b5c8 --- /dev/null +++ b/debian/rules @@ -0,0 +1,182 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DH_OPTIONS + +# this is a security-critical package, set all the options we can +export DEB_BUILD_HARDENING=1 + +CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ + --libexecdir=/usr/lib \ + --enable-ldap --enable-curl \ + --with-capabilities=libcap \ + --enable-smartcard --enable-pkcs11 \ + --with-default-pkcs11=/usr/lib/opensc-pkcs11.so \ + --enable-mediation --enable-medsrv --enable-medcli \ + --enable-openssl --enable-agent \ + --enable-ctr --enable-ccm --enable-gcm --enable-addrblock \ + --enable-eap-radius --enable-eap-identity --enable-eap-md5 \ + --enable-eap-gtc --enable-eap-aka --enable-eap-mschapv2 \ + --enable-eap-tls --enable-eap-ttls --enable-eap-tnc \ + --enable-sql --enable-integrity-test \ + --enable-ha --enable-dhcp --enable-farp \ + --enable-led \ + --enable-test-vectors --enable-nat-transport + # --with-user=strongswan --with-group=nogroup \ + # --enable-kernel-pfkey --enable-kernel-klips \ + # And for --enable-eap-sim we would need the library, which we don't + # have right now. + # Don't --enable-cisco-quirks, because some other IPsec implementations + # (most notably the Phion one) have problems connecting when pluto + # sends these Cisco options. + +DEB_BUILD_ARCH_CPU ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH_CPU) + +ifeq (,$(filter noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O2 +endif +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j$(NUMJOBS) +endif +# the padlock plugin only makes sense on i386 +# but it actually doesn't do much, so maybe we don't need it +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + CONFIGUREARGS += --enable-padlock +endif + +# And only enable network-manager building if the libraries are present +# (they will be when the build-deps are fulfilled, but this makes it easier +# to do backports where the network-manager libs can not be installed, and +# thus to just ignore build-deps). +ifeq ($(shell test -d /usr/include/libnm-glib/ && echo yes),yes) + CONFIGUREARS += --enable-nm +endif + +build: build-stamp +build-stamp: + dh_testdir + ./configure $(CONFIGUREARGS) + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) distclean + #-$(MAKE) -C programs/fswcert/ clean + # after a make clean, no binaries _should_ be left, but .... + -find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm + + # Really clean (#356716) + # This is a hack: should be better implemented + rm -f lib/libstrongswan/libstrongswan.a || true + rm -f lib/libstrongswan/liboswlog.a || true + + # just in case something went wrong + rm -f $(CURDIR)/debian/ipsec.secrets + + # and make sure that template are up-to-date + debconf-updatepo + + dh_clean + +install: build-stamp + dh_testdir + dh_testroot + dh_installdirs + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + + # install files from debian/tmp into proper package dirs + dh_install --list-missing + # special handling for padlock, as it is only built on i386 +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + install $(CURDIR)/debian/tmp/usr/lib/ipsec/plugins/libstrongswan-padlock.so* $(CURDIR)/debian/libstrongswan/usr/lib/ipsec/plugins/ +endif + # and special handling for network-manager files - only install when build + install -d $(CURDIR)/debian/tmp/usr/lib/ipsec/plugins/libstrongswan-nm.so* $(CURDIR)/debian/strongswan-nm/usr/lib/ipsec/plugins/ + + # and additional files not covered by upstream makefile... + install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + # also "patch" ipsec.conf to include the debconf-managed file + echo >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + echo "include /var/lib/strongswan/ipsec.conf.inc" >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # and to enable both IKEv1 and IKEv2 by default + sed -r 's/^[ \t]+# *plutostart=(yes|no) */\tplutostart=yes/;s/^[ \t]+# *charonstart=(yes|no) */\tcharonstart=yes/' < $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf > $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp + mv $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # set permissions on ipsec.secrets + chmod 600 $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + chmod 700 -R $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/private/ + # don't know why they come with +x set by default... + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/policies/* + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/examples/* + + # this is handled by update-rc.d + rm -rf $(CURDIR)/debian/strongswan-starter/etc/rc?.d + + # delete var/lock/subsys and var/run to satisfy lintian + rm -rf $(CURDIR)/debian/openswan/var/lock + rm -rf $(CURDIR)/debian/openswan/var/run + + dh_installdocs -pstrongswan -n + # change the paths in the installed doc files (but only in regular + # files, not in links to the outside of the build tree !) + # TODO: check if we still need this + ( cd $(CURDIR)/debian/strongswan/; \ + for f in `grep "/usr/local/" --recursive --files-with-match *`; \ + do \ + if [ -f $$f -a ! -L $$f ]; then \ + cp $$f $$f.old; \ + sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \ + rm $$f.old; \ + fi; \ + done ) + + # the logcheck ignore files + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.paranoid/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.server/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.workstation/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/libstrongswan/etc/logcheck/violations.ignore.d/strongswan + + # more lintian cleanups + find $(CURDIR)/debian/*strongswan*/ -name ".cvsignore" | xargs --no-run-if-empty rm -f + find $(CURDIR)/debian/*strongswan*/ -name "/.svn/" | xargs --no-run-if-empty rm -rf + +binary-common: + dh_testdir + dh_testroot + dh_installdirs + dh_installinit --name=ipsec + dh_installdebconf + dh_installchangelogs NEWS + dh_installdocs README + dh_link + dh_strip --dbg-package=strongswan-dbg + dh_compress + dh_fixperms -X etc/ipsec.secrets -X etc/ipsec.d + dh_lintian + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-indep: + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-i + +binary-arch: install + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-a + +binary-%: build-stamp install + make -f debian/rules binary-common DH_OPTIONS=-p$* + +binary: binary-indep binary-arch +.PHONY: clean binary-indep binary-arch diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 000000000..163aaf8d8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/strongswan-ikev1.install b/debian/strongswan-ikev1.install new file mode 100644 index 000000000..8d4a824ca --- /dev/null +++ b/debian/strongswan-ikev1.install @@ -0,0 +1,4 @@ +usr/lib/ipsec/pluto usr/lib/ipsec/ +usr/lib/ipsec/_pluto_adns usr/lib/ipsec/ +usr/lib/ipsec/whack usr/lib/ipsec/ +usr/share/man/man8/pluto.8 usr/share/man/man8/ diff --git a/debian/strongswan-ikev2.install b/debian/strongswan-ikev2.install new file mode 100644 index 000000000..5bf3cdd1b --- /dev/null +++ b/debian/strongswan-ikev2.install @@ -0,0 +1,11 @@ +usr/lib/libcharon.so* usr/lib/ +usr/lib/ipsec/charon usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-socket*.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-eap*.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-agent.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-curl.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-ldap.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medsrv.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medcli.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-attr*.so* usr/lib/ipsec/plugins/ diff --git a/debian/strongswan-starter.config b/debian/strongswan-starter.config new file mode 100644 index 000000000..cb9de0964 --- /dev/null +++ b/debian/strongswan-starter.config @@ -0,0 +1,46 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +# disable for now, until we can deal with the don't-edit-conffiles situation +#db_input high strongswan/ikev1 || true +#db_input high strongswan/ikev2 || true + +db_input medium strongswan/restart || true + +db_input high strongswan/enable-oe || true + +db_get strongswan/install_x509_certificate +if [ "$RET" = "true" ]; then + db_input high strongswan/how_to_get_x509_certificate || true + db_go || true + + db_get strongswan/how_to_get_x509_certificate + if [ "$RET" = "create" ]; then + # create a new certificate + db_input medium strongswan/rsa_key_length || true + db_input high strongswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium strongswan/x509_country_code || true + db_go || true + db_get strongswan/x509_country_code + countrycode="$RET" + done + db_input medium strongswan/x509_state_name || true + db_input medium strongswan/x509_locality_name || true + db_input medium strongswan/x509_organization_name || true + db_input medium strongswan/x509_organizational_unit || true + db_input medium strongswan/x509_common_name || true + db_input medium strongswan/x509_email_address || true + db_go || true + elif [ "$RET" = "import" ]; then + # existing certificate - use it + db_input critical strongswan/existing_x509_certificate_filename || true + db_input critical strongswan/existing_x509_key_filename || true + db_input critical strongswan/existing_x509_rootca_filename || true + db_go || true + fi +fi diff --git a/debian/strongswan-starter.dirs b/debian/strongswan-starter.dirs new file mode 100644 index 000000000..ca35d4a43 --- /dev/null +++ b/debian/strongswan-starter.dirs @@ -0,0 +1,10 @@ +/etc +/etc/ipsec.d +/etc/ipsec.d/cacerts +/etc/ipsec.d/ocspcerts +/etc/ipsec.d/crls +/etc/ipsec.d/private +/etc/ipsec.d/policies +/etc/init.d +/var/lock/subsys +/var/lib/strongswan diff --git a/debian/strongswan-starter.install b/debian/strongswan-starter.install new file mode 100644 index 000000000..84bb69868 --- /dev/null +++ b/debian/strongswan-starter.install @@ -0,0 +1,27 @@ +# starter +usr/lib/ipsec/starter usr/lib/ipsec/ +usr/lib/ipsec/_copyright usr/lib/ipsec/ +usr/sbin/ipsec usr/sbin/ +etc/ipsec.d etc/ +etc/ipsec.conf etc/ +usr/share/man/man8/ipsec.8 usr/share/man/man8/ +usr/share/man/man8/_copyright.8 usr/share/man/man8/ +usr/share/man/man8/starter.8 usr/share/man/man8/ +usr/share/man/man5/ipsec.conf.5 usr/share/man/man5/ +usr/share/man/man5/ipsec.secrets.5 usr/share/man/man5/ +# updown +usr/lib/ipsec/plugins/libstrongswan-updown.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/_updown usr/lib/ipsec/ +usr/lib/ipsec/_updown_espmark usr/lib/ipsec/ +usr/share/man/man8/_updown.8 usr/share/man/man8/ +usr/share/man/man8/_updown_espmark.8 usr/share/man/man8/ +# tools +usr/lib/ipsec/scepclient usr/lib/ipsec/ +usr/lib/ipsec/openac usr/lib/ipsec/ +usr/lib/ipsec/pki usr/lib/ipsec/ +usr/lib/ipsec/pool usr/lib/ipsec/ +usr/share/man/man8/scepclient.8 usr/share/man/man8/ +usr/share/man/man8/openac.8 usr/share/man/man8/ +# stroke +usr/lib/ipsec/stroke usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-stroke.so* usr/lib/ipsec/plugins/ diff --git a/debian/strongswan-starter.ipsec.init b/debian/strongswan-starter.ipsec.init new file mode 100644 index 000000000..484a4e0b3 --- /dev/null +++ b/debian/strongswan-starter.ipsec.init @@ -0,0 +1,164 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: vpn +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Strongswan IPsec services +### END INIT INFO + +# Author: Rene Mayrhofer <rene@mayrhofer.eu.org> + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="strongswan IPsec services" +NAME=ipsec +STARTER=/usr/sbin/$NAME +PIDFILE1=/var/run/pluto.pid +PIDFILE2=/var/run/charon.pid +PLUTO=/usr/lib/ipsec/pluto +CHARON=/usr/lib/ipsec/charon +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$STARTER" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + + # test if either charon or pluto are currently running (PIDFILE1 or PIDFILE2) + if [ -e $PLUTO ]; then + start-stop-daemon --start --quiet --pidfile $PIDFILE1 --exec $STARTER --test > /dev/null \ + || return 1 + fi + if [ -e $CHARON ]; then + start-stop-daemon --start --quiet --pidfile $PIDFILE2 --exec $STARTER --test > /dev/null \ + || return 1 + fi + + $STARTER start || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # give the proper signal to stop + $STARTER stop || return 2 + + RETVAL=0 + # but kill if that didn't work + if [ -e $PIDFILE1 ]; then + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE1 --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + fi + if [ -e $PIDFILE2 ]; then + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE2 --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + fi + + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + if [ -e $PLUTO ]; then + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $PLUTO + [ "$?" = 2 ] && return 2 + fi + if [ -e $CHARON ]; then + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $CHARON + [ "$?" = 2 ] && return 2 + fi + + # strongswan is known to leave PID files behind when something goes wrong, cleanup here + rm -f $PIDFILE1 $PIDFILE2 + # and just to make sure they are really really dead at this point... + killall -9 $PLUTO 2>/dev/null + killall -9 $CHARON 2>/dev/null + + return "$RETVAL" +} + +do_reload() { + $STARTER reload + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + $STARTER status || exit $? + ;; + reload|force-reload) + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/debian/strongswan-starter.lintian-overrides b/debian/strongswan-starter.lintian-overrides new file mode 100644 index 000000000..02731f348 --- /dev/null +++ b/debian/strongswan-starter.lintian-overrides @@ -0,0 +1,4 @@ +# as here private data is stored we need tighter perms here +strongswan-starter: non-standard-dir-perm etc/ipsec.d/private/ 0700 != 0755 +strongswan-starter: non-standard-file-perm etc/ipsec.secrets 0600 != 0644 +strongswan-starter: non-standard-dir-perm var/lib/openswan/ 0700 != 0755 diff --git a/debian/strongswan-starter.postinst b/debian/strongswan-starter.postinst new file mode 100644 index 000000000..32bf86ffc --- /dev/null +++ b/debian/strongswan-starter.postinst @@ -0,0 +1,327 @@ +#! /bin/bash +# postinst script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * <postinst> `configure' <most-recently-configured-version> +# * <old-postinst> `abort-upgrade' <new version> +# * <conflictor's-postinst> `abort-remove' `in-favour' <package> +# <new-version> +# * <deconfigured's-postinst> `abort-deconfigure' `in-favour' +# <failed-install-package> <version> `removing' +# <conflicting-package> <version> +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# * <deconfigured's-postinst> `abort-deconfigure' `in-favour' +# <failed-install-package> <version> `removing' +# <conflicting-package> <version> +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +CONF_FILE=/var/lib/strongswan/ipsec.conf.inc +SECRETS_FILE=/var/lib/strongswan/ipsec.secrets.inc + +Warn () +{ + echo "$*" >&2 +} + +Error () +{ + Warn "Error: $*" +} + +insert_private_key_filename() { + if ! ( [ -e $SECRETS_INC_FILE ] && egrep -q ": RSA $1" $SECRETS_INC_FILE ); then + echo ": RSA $1" >> $SECRETS_INC_FILE + fi +} + +make_x509_cert() { + if [ $# -ne 12 ]; then + echo "Error in creating X.509 certificate" + exit 1 + fi + + case $5 in + false) + certreq=$4.req + selfsigned="" + ;; + true) + certreq=$4 + selfsigned="-x509" + ;; + *) + echo "Error in creating X.509 certificate" + exit 1 + ;; + esac + + echo -e "$6\n$7\n$8\n$9\n${10}\n${11}\n${12}\n\n\n" | \ + /usr/bin/openssl req -new -outform PEM -out $certreq \ + -newkey rsa:$1 -nodes -keyout $3 -keyform PEM \ + -days $2 $selfsigned >/dev/null +} + +enable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Enabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE; then + sed "s/${daemon}start=no/${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ -e $CONF_FILE ] && egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE; then + sed "s/^\w+#\w*${daemon}start=(yes|no)\w*$/\t${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +disable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Disabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && ( egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE || + egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE ); then + echo "already disabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + sed "s/${daemon}start=yes/${daemon}start=no/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +setup_strongswan_user() { + if ! getent passwd strongswan >/dev/null; then + adduser --quiet --system --no-create-home --home /var/lib/strongswan --shell /usr/sbin/nologin strongswan + fi +} + +. /usr/share/debconf/confmodule + +case "$1" in + configure) + db_get strongswan/install_x509_certificate + if [ "$RET" = "true" ]; then + db_get strongswan/how_to_get_x509_certificate + if [ "$RET" = "create" ]; then + # extract the key from a (newly created) x509 certificate + host=`hostname` + newkeyfile="/etc/ipsec.d/private/${host}Key.pem" + newcertfile="/etc/ipsec.d/certs/${host}Cert.pem" + if [ -e $newcertfile -o -e $newkeyfile ]; then + Error "$newcertfile or $newkeyfile already exists." + Error "Please remove them first an then re-run dpkg-reconfigure to create a new keypair." + else + # create a new certificate + db_get strongswan/rsa_key_length + keylength=$RET + db_get strongswan/x509_self_signed + selfsigned=$RET + db_get strongswan/x509_country_code + countrycode=$RET + if [ -z "$countrycode" ]; then countrycode="."; fi + db_get strongswan/x509_state_name + statename=$RET + if [ -z "$statename" ]; then statename="."; fi + db_get strongswan/x509_locality_name + localityname=$RET + if [ -z "$localityname" ]; then localityname="."; fi + db_get strongswan/x509_organization_name + orgname=$RET + if [ -z "$orgname" ]; then orgname="."; fi + db_get strongswan/x509_organizational_unit + orgunit=$RET + if [ -z "$orgunit" ]; then orgunit="."; fi + db_get strongswan/x509_common_name + commonname=$RET + if [ -z "$commonname" ]; then commonname="."; fi + db_get strongswan/x509_email_address + email=$RET + if [ -z "$email" ]; then email="."; fi + make_x509_cert $keylength 1500 "$newkeyfile" "$newcertfile" "$selfsigned" "$countrycode" "$statename" "$localityname" "$orgname" "$orgunit" "$commonname" "$email" + chmod 0600 "$newkeyfile" + umask 077 + insert_private_key_filename "$newkeyfile" + echo "Successfully created x509 certificate." + fi + elif [ "$RET" = "import" ]; then + # existing certificate - use it + db_get strongswan/existing_x509_certificate_filename + certfile=$RET + db_get strongswan/existing_x509_key_filename + keyfile=$RET + db_get strongswan/existing_x509_rootca_filename + cafile=$RET + + if [ ! "$certfile" ] || [ ! "$keyfile" ]; then + Error "Either the certificate or the key filename is not specified." + elif ! ( ( [ -f "$certfile" ] || [ -L "$certfile" ] ) && ( [ -f "$keyfile" ] || [ -L "$keyfile" ] ) && ( [ "$cafile" = "" ] || ( [ -f "$cafile" ] || [ -L "$cafile" ] ) ) ); then + Error "Either the certificate or the key"${cafile:+ or the rootca}" file is not a regular file or symbolic link." + elif [ ! "`grep 'BEGIN CERTIFICATE' $certfile`" ] || [ ! "`grep 'BEGIN RSA PRIVATE KEY' $keyfile`" ] || ( [ "$cafile" != "" ] && [ ! "`grep 'BEGIN CERTIFICATE' $cafile`" ] ); then + Error "Either the certificate or the key"${cafile:+ or the rootca}" file is not a valid PEM type file." + elif [ "$cafile" ] && ( [ "$certfile" = "$cafile" ] || [ "$keyfile" = "$cafile" ]); then + Error "The certificate or the key file contains the rootca - unable to import automatically." + elif [ "`grep 'BEGIN CERTIFICATE' $certfile | wc -l`" -gt 1 ]; then + Error "The certificate file contains more than one certificate - unable to import automatically." + elif [ "`grep 'ENCRYPTED' $keyfile`" ]; then + Error "The key file contains an encrypted key - unable to import automatically." + else + newcertfile="/etc/ipsec.d/certs/$(basename "$certfile")" + newkeyfile="/etc/ipsec.d/private/$(basename "$keyfile")" + if [ "$cafile" ]; then + newcafile="/etc/ipsec.d/private/$(basename "$cafile")" + else + newcafile="" + fi + + if [ -e "$newcertfile" ] || [ -e "$newkeyfile" ] || ( [ "$newcafile" != "" ] && [ -e "$newcafile" ] ); then + Error "$newcertfile or $newkeyfile"${newcafile:+ or $newcafile}" already exists." + Error "Please remove them first and then re-run dpkg-reconfigure to extract an existing keypair"${newcafile:+ and a rootca}"." + else + openssl x509 -in $certfile -out $newcertfile 2>/dev/null + umask 077 + openssl rsa -passin pass:"" -in $keyfile -out $newkeyfile 2>/dev/null + chmod 0600 "$newkeyfile" + insert_private_key_filename "$newkeyfile" + cp "$cafile" /etc/ipsec.d/cacerts + echo "Successfully integrated existing x509 certificate." + fi + fi + fi + db_set strongswan/install_x509_certificate false + fi + + # lets see if we are already using dependency based booting or the correct runlevel parameters + if ! ( [ "`find /etc/init.d/ -name '.depend.*'`" ] || [ "$runlevels" = "0K841K842S163S164S165S166K84" ] ); then + db_fset strongswan/runlevel_changes seen false + db_input high strongswan/runlevel_changes || true + db_go + + # if the admin did not change the runlevels which got installed by older packages we can modify them + if [ "$runlevels" = "0K346K34SS41" ] || [ "$runlevels" = "0K301K302S153S154S155S156K30" ] || [ "$runlevels" = "0K191K192S213S214S215S216K19" ]; then + update-rc.d -f ipsec remove + fi + + update-rc.d ipsec defaults 16 84 > /dev/null + fi + + db_get strongswan/enable-oe + if [ "$RET" != "true" ]; then + echo -n "Disabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/include \/etc\/ipsec.d\/examples\/oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "#include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + echo "already disabled" + fi + else + echo -n "Enabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^#.*include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/#.*include \/etc\/ipsec.d\/examples\/oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + cat <<EOF >> $CONF_FILE +#Enable Opportunistic Encryption +include /etc/ipsec.d/examples/oe.conf +EOF + echo "done" + fi + fi + + # disabled for now, until we can solve the don't-edit-conffiles issue + #db_get strongswan/ikev1 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "pluto" "IKEv1" + #else + # disable_daemon_start "pluto" "IKEv1" + #fi + #db_get strongswan/ikev2 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "charon" "IKEv2" + #else + # disable_daemon_start "charon" "IKEv2" + #fi + + # create user for strongswan to change its uid into + # disabled until this can be kept in sync with build-time uid + #setup_strongswan_user + + if [ -z "$2" ]; then + # no old configured version - start strongswan now + invoke-rc.d ipsec start || true + else + # does the user wish strongswan to restart? + db_get strongswan/restart + if [ "$RET" = "true" ]; then + invoke-rc.d ipsec restart || true # sure, we'll restart it for you + fi + fi + + db_stop + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument '$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically + +#DEBHELPER# + +exit 0 diff --git a/debian/strongswan-starter.postrm b/debian/strongswan-starter.postrm new file mode 100644 index 000000000..455687a3c --- /dev/null +++ b/debian/strongswan-starter.postrm @@ -0,0 +1,48 @@ +#! /bin/sh +# postrm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * <postrm> `remove' +# * <postrm> `purge' +# * <old-postrm> `upgrade' <new-version> +# * <new-postrm> `failed-upgrade' <old-version> +# * <new-postrm> `abort-install' +# * <new-postrm> `abort-install' <old-version> +# * <new-postrm> `abort-upgrade' <old-version> +# * <disappearer's-postrm> `disappear' <r>overwrit>r> <new-version> +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + # update the menu system +# if [ -x /usr/bin/update-menus ]; then update-menus; fi + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 + +esac + +if [ "$1" = "purge" ] ; then + update-rc.d ipsec remove >/dev/null + #if which deluser >/dev/null 2>&1; then + # deluser --quiet strongswan > /dev/null || true + #fi + + rm -rf /etc/ipsec.d/ + rm -rf /var/run/pluto/ +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + diff --git a/debian/strongswan-starter.prerm b/debian/strongswan-starter.prerm new file mode 100644 index 000000000..c1ba063d6 --- /dev/null +++ b/debian/strongswan-starter.prerm @@ -0,0 +1,40 @@ +#! /bin/sh +# prerm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * <prerm> `remove' +# * <old-prerm> `upgrade' <new-version> +# * <new-prerm> `failed-upgrade' <old-version> +# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version> +# * <deconfigured's-prerm> `deconfigure' `in-favour' +# <package-being-installed> <version> `removing' +# <conflicting-package> <version> +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + upgrade) + ;; + remove|deconfigure) + invoke-rc.d ipsec stop || true +# install-info --quiet --remove /usr/info/strongswan.info.gz + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + diff --git a/debian/strongswan-starter.templates b/debian/strongswan-starter.templates new file mode 100644 index 000000000..f36a76388 --- /dev/null +++ b/debian/strongswan-starter.templates @@ -0,0 +1,194 @@ +# These templates have been reviewed by the debian-l10n-english +# team +# +# If modifications/additions/rewording are needed, please ask +# debian-l10n-english@lists.debian.org for advice. +# +# Even minor modifications require translation updates and such +# changes should be coordinated with translators and reviewers. + +Template: strongswan/runlevel_changes +Type: note +_Description: Old runlevel management superseded + Previous versions of the strongSwan package gave a choice between + three different Start/Stop-Levels. Due to changes in the standard system + startup procedure, this is no longer necessary or useful. For all new + installations as well as old ones running in any of the predefined modes, + sane default levels will now be set. If you are upgrading from a previous + version and changed your strongSwan startup parameters, then please take a + look at NEWS.Debian for instructions on how to modify your setup accordingly. + +Template: strongswan/restart +Type: boolean +Default: true +_Description: Restart strongSwan now? + Restarting strongSwan is recommended, since if there is a security fix, it + will not be applied until the daemon restarts. Most people expect the daemon + to restart, so this is generally a good idea. However, this might take down + existing connections and then bring them back up, so if you are using such + a strongSwan tunnel to connect for this update, restarting is not recommended. + +Template: strongswan/ikev1 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv1 daemon? + The pluto daemon must be running to support version 1 of the Internet Key + Exchange protocol. + +Template: strongswan/ikev2 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv2 daemon? + The charon daemon must be running to support version 2 of the Internet Key + Exchange protocol. + +Template: strongswan/install_x509_certificate +Type: boolean +Default: false +_Description: Use an X.509 certificate for this host? + An X.509 certificate for this host can be automatically created or imported. + It can be used to authenticate IPsec connections to other hosts + and is the preferred way of building up secure IPsec connections. The other + possibility would be to use shared secrets (passwords that are the same on + both sides of the tunnel) for authenticating a connection, but for a larger + number of connections, key based authentication is easier to administer and + more secure. + . + Alternatively you can reject this option and later use the command + "dpkg-reconfigure strongswan" to come back. + +Template: strongswan/how_to_get_x509_certificate +Type: select +__Choices: create, import +Default: create +_Description: Methods for using a X.509 certificate to authenticate this host: + It is possible to create a new X.509 certificate with user-defined settings + or to import an existing public and private key stored in PEM file(s) for + authenticating IPsec connections. + . + If you choose to create a new X.509 certificate you will first be asked + a number of questions which must be answered before the creation can start. + Please keep in mind that if you want the public key to get signed by + an existing Certificate Authority you should not select to create a + self-signed certificate and all the answers given must match exactly the + requirements of the CA, otherwise the certificate request may be rejected. + . + If you want to import an existing public and private key you will be + prompted for their filenames (which may be identical if both parts are stored + together in one file). Optionally you may also specify a filename where the + public key(s) of the Certificate Authority are kept, but this file cannot + be the same as the former ones. Please also be aware that the format for the + X.509 certificates has to be PEM and that the private key must not be encrypted + or the import procedure will fail. + +Template: strongswan/existing_x509_certificate_filename +Type: string +_Description: File name of your PEM format X.509 certificate: + Please enter the location of the file containing your X.509 certificate in + PEM format. + +Template: strongswan/existing_x509_key_filename +Type: string +_Description: File name of your PEM format X.509 private key: + Please enter the location of the file containing the private RSA key + matching your X.509 certificate in PEM format. This can be the same file + that contains the X.509 certificate. + +Template: strongswan/existing_x509_rootca_filename +Type: string +_Description: File name of your PEM format X.509 RootCA: + Optionally you can now enter the location of the file containing the X.509 + Certificate Authority root used to sign your certificate in PEM format. If you + do not have one or do not want to use it please leave the field empty. Please + note that it's not possible to store the RootCA in the same file as your X.509 + certificate or private key. + +Template: strongswan/rsa_key_length +Type: string +Default: 2048 +_Description: Please enter which length the created RSA key should have: + Please enter the length of the created RSA key. It should not be less than + 1024 bits because this should be considered unsecure and you will probably + not need anything more than 4096 bits because it only slows the + authentication process down and is not needed at the moment. + +Template: strongswan/x509_self_signed +Type: boolean +Default: true +_Description: Create a self-signed X.509 certificate? + Only self-signed X.509 certificates can be created + automatically, because otherwise a Certificate Authority is needed to sign + the certificate request. If you choose to create a self-signed certificate, + you can use it immediately to connect to other IPsec hosts that support + X.509 certificate for authentication of IPsec connections. However, using + strongSwan's PKI features requires all certificates to be signed by a single + Certificate Authority to create a trust path. + . + If you do not choose to create a self-signed certificate, only the RSA + private key and the certificate request will be created, and you will + have to sign the certificate request with your Certificate Authority. + +Template: strongswan/x509_country_code +Type: string +Default: AT +_Description: Country code for the X.509 certificate request: + Please enter the two-letter code for the country the server resides in + (such as "AT" for Austria). + . + OpenSSL will refuse to generate a certificate unless this is a valid + ISO-3166 country code; an empty field is allowed elsewhere in the X.509 + certificate, but not here. + +Template: strongswan/x509_state_name +Type: string +Default: +_Description: State or province name for the X.509 certificate request: + Please enter the full name of the state or province the server resides in + (such as "Upper Austria"). + +Template: strongswan/x509_locality_name +Type: string +Default: +_Description: Locality name for the X.509 certificate request: + Please enter the locality the server resides in (often a city, such + as "Vienna"). + +Template: strongswan/x509_organization_name +Type: string +Default: +_Description: Organization name for the X.509 certificate request: + Please enter the organization the server belongs to (such as "Debian"). + +Template: strongswan/x509_organizational_unit +Type: string +Default: +_Description: Organizational unit for the X.509 certificate request: + Please enter the organizational unit the server belongs to (such as + "security group"). + +Template: strongswan/x509_common_name +Type: string +Default: +_Description: Common Name for the X.509 certificate request: + Please enter the Common Name for this host (such as + "gateway.example.org"). + +Template: strongswan/x509_email_address +Type: string +Default: +_Description: Email address for the X.509 certificate request: + Please enter the email address of the person or organization + responsible for the X.509 certificate. + +Template: strongswan/enable-oe +Type: boolean +Default: false +_Description: Enable opportunistic encryption? + This version of strongSwan supports opportunistic encryption (OE), which stores + IPSec authentication information in + DNS records. Until this is widely deployed, activating it will + cause a significant delay for every new outgoing connection. + . + You should only enable opportunistic encryption if you are sure you want it. + It may break the Internet connection (default route) as the pluto daemon + starts. diff --git a/debian/strongswan.docs b/debian/strongswan.docs new file mode 100644 index 000000000..297170db8 --- /dev/null +++ b/debian/strongswan.docs @@ -0,0 +1,2 @@ +README +CREDITS diff --git a/debian/svn-deblayout b/debian/svn-deblayout new file mode 100644 index 000000000..51fb3b726 --- /dev/null +++ b/debian/svn-deblayout @@ -0,0 +1,8 @@ +buildArea=/home/rene/amw/src/packages/build-area +origDir=/home/rene/amw/src/packages/tarballs +origUrl=svn+ssh://svn.gibraltar.at/srv/svn/debian-packages/trunk/debian/tarballs +tagsUrl=svn+ssh://svn.gibraltar.at/srv/svn/debian-packages/tags/strongswan +trunkDir=/home/rene/amw/src/packages/strongswan +trunkUrl=svn+ssh://svn.gibraltar.at/srv/svn/debian-packages/trunk/debian/strongswan +upsCurrentUrl=svn+ssh://svn.gibraltar.at/srv/svn/debian-packages/branches/source-dist/debian/strongswan +upsTagUrl=svn+ssh://svn.gibraltar.at/srv/svn/debian-packages/tags/strongswan diff --git a/debian/use-bash1.diff b/debian/use-bash1.diff new file mode 100644 index 000000000..6d0c922df --- /dev/null +++ b/debian/use-bash1.diff @@ -0,0 +1,4 @@ +1c1 +< #! /bin/sh +--- +> #!/bin/bash diff --git a/debian/use-bash2.diff b/debian/use-bash2.diff new file mode 100644 index 000000000..ccee7f27e --- /dev/null +++ b/debian/use-bash2.diff @@ -0,0 +1,4 @@ +1c1 +< #!/bin/sh +--- +> #!/bin/bash diff --git a/debian/watch b/debian/watch new file mode 100644 index 000000000..812049178 --- /dev/null +++ b/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2 |