Mail Archives: cygwin/2001/03/03/12:01:38
------=_NextPart_000_005A_01C0A3D1.296EE640
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
As per a request that I not use HTML format, I am reposting.
----- Original Message -----
From: CyberZombie
To: Cygwin
Sent: Friday, March 02, 2001 7:18 PM
Subject: ssh-host-config change request
Many corporate firewalls don't allow port 22 but do allow other ports
(examples would be 21 and 80). I've gotten tired of having to manually
change my sshd_config and services files every time I reconfig at home...so
I modified ssh-host-config to take an optional port assignment. I have
verified functionality on NT -- will check WindMill tonight.
Corinna -- would you consider adding this to the next release? Thanks...
diff follows and modified ssh-newhost-config is attached:
18a19
> port_number=22
69a71,75
> -p | --port )
> port_number=$1
> shift
> ;;
>
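Review bot: The new `-p | --port` arm stores `$1` in `port_number` without checking it, so an empty value (when `-p` is the last argument) or a non-numeric one is accepted. That value is later expanded verbatim into the `Port` line of sshd_config (hunk 275c282) and into the text of the generated awk program (hunk 345c352,368), so it should be restricted to digits before the assignment, e.g. `case "$1" in ''|*[!0-9]*) echo "${progname}: --port needs a number" >&2; exit 1 ;; esac`. A range check against 1-65535 would fit in the same place.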
78a85
> echo " --port -p <n> sshd listens on port n."
275c282
< Port 22
---
> Port $port_number
328c335
< # Add port 22/tcp to services
---
> # Add port $port_number/tcp to services
345c352,368
< if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
---
> cat > /tmp/sshd_awk.$$ << EOF
> \$1 == "sshd" { next }
> ! finished && \$2 + 0 >= $port_number {
> finished = 1
> if ( \$2 + 0 == $port_number ) {
> # Problem -- non-sshd port assignment already exists.
> } else {
> print "sshd $port_number/tcp
#SSH daemon\r"
> }
> }
> { print \$0 }
> EOF
>
> awk -f /tmp/sshd_awk.$$ < "${_services}" > "${_serv_tmp}"
> rm -f /tmp/sshd_awk.$$
>
> if [ -f "${_serv_tmp}" ]
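Review bot: The awk program is written to `/tmp/sshd_awk.$$`, a name any local user can predict, by a script that goes on to rewrite the system services file; a file or link already present under that name would be followed by `cat >`. Passing the program inline in single quotes and the port with `-v` removes both the temporary file and the expansion of `$port_number` into awk source. The program also has no `END` rule, so when every existing entry has a lower port than the requested one no sshd line is written at all; the fence adds one. The `if` that closes this hunk continues outside it.

```shell
awk -v port="$port_number" '
  BEGIN { port += 0 }
  $1 == "sshd" { next }
  ! finished && $2 + 0 >= port {
    finished = 1
    # An equal port belongs to another service: add nothing.
    if ( $2 + 0 != port )
      print "sshd " port "/tcp #SSH daemon\r"
  }
  { print $0 }
  END { if ( ! finished ) print "sshd " port "/tcp #SSH daemon\r" }
' < "${_services}" > "${_serv_tmp}"

# … unchanged: if [ -f "${_serv_tmp}" ] …
```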
347,348c370
< awk '{ if ( $2 ~ /^23\/tcp/ ) print "sshd 22/tcp
#SSH daemon\r"; print $0; }' < "${_services}" > "${_serv_tmp}"
< if [ -f "${_serv_tmp}" ]
---
> if [ `egrep -q '^sshd[ \t]' "${_serv_tmp}"; echo $?` -ne 0 ]
349a372,373
> echo "Unable to add sshd to ${_services} as port $port_number already
in use"
> else
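Review bot: The new "Unable to add sshd" branch finishes without deleting `${_serv_tmp}`; in the attached script the only `rm -f "${_serv_tmp}"` sits in the `else` branch after the `mv`, so a refused port leaves the `srv.out.$$` (or `SERV.$$`) copy behind next to the services file. Adding `rm -f "${_serv_tmp}"` after the `echo`, or moving the existing `rm` below the outer `fi`, cleans it up on every path. The surrounding `if`/`else` starts and ends outside this hunk.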
357,358d380
< else
< echo "Adding sshd to ${_services} failed\!"
359a382,383
> else
> echo "Adding sshd to ${_services} failed\!"
------=_NextPart_000_005A_01C0A3D1.296EE640
Content-Type: application/octet-stream;
name="ssh-newhost-config.dat"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="ssh-newhost-config.dat"
#!/bin/sh
#
# ssh-host-config, Copyright 2000, Red Hat Inc.
#
# This file is part of the Cygwin port of OpenSSH.

# Installation layout: PREFIX is where the new package is installed and
# SYSCONFDIR is where its configuration files are stored.
PREFIX="/usr"
SYSCONFDIR="/etc"

# Where an older package might have been installed, and its config directory.
OLDPREFIX="/usr/local"
OLDSYSCONFDIR="${OLDPREFIX}/etc"

# Run-time settings.  auto_answer stays empty unless -y/-n is given;
# port_number is the port written to sshd_config and to the services file.
progname="$0"
auto_answer=""
port_number=22
=0A=
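# Ask a yes/no question and report the answer through the exit status.
# Globals:   auto_answer (read) - "yes" or "no" answers without prompting
#            answer (written)   - last line read from standard input
# Arguments: $1 - question text; " (yes/no) " is appended to it
# Returns:   0 for "yes"; 1 for "no" or when standard input is exhausted
request()
{
  case "${auto_answer}" in
  yes)
    return 0
    ;;
  no)
    return 1
    ;;
  esac

  answer=""
  while [ "X${answer}" != "Xyes" ] && [ "X${answer}" != "Xno" ]
  do
    # printf rather than "echo -n", which is not portable under /bin/sh.
    printf '%s (yes/no) ' "$1"
    if ! read -r answer
    then
      # End of input (closed terminal, empty pipe).  Without this exit the
      # loop would prompt forever.  A final unterminated "yes" still
      # counts; anything else is treated as "no", the choice that
      # overwrites and deletes nothing.
      [ "X${answer}" = "Xyes" ]
      return
    fi
  done

  [ "X${answer}" = "Xyes" ]
}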
=0A=
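# Check options

# Succeed only when $1 is a decimal TCP port number in 1..65535.
# The value ends up in the Port line of sshd_config and in the services
# file, so anything that is not a plain number is refused here.
valid_port()
{
  case "$1" in
  '' | 0* | *[!0-9]*)
    # empty, leading zero (includes "0"), or a non-digit character
    return 1
    ;;
  esac
  # The length cap keeps the numeric comparison within range in any shell.
  [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Consume the command line one option at a time.  Sets auto_answer and
# port_number; any unknown option prints the usage text and exits 1.
while [ $# -gt 0 ]
do
  option=$1
  shift

  case "$option" in
  -d | --debug )
    set -x
    ;;

  -y | --yes )
    auto_answer=yes
    ;;

  -n | --no )
    auto_answer=no
    ;;

  -p | --port )
    # ${1-} also covers -p given as the last argument, where the original
    # stored an empty port and then shifted past the end of the list.
    if valid_port "${1-}"
    then
      port_number=$1
      shift
    else
      echo "${progname}: ${option} needs a port number from 1 to 65535" >&2
      exit 1
    fi
    ;;

  *)
    echo "usage: ${progname} [OPTION]..."
    echo
    echo "This script creates an OpenSSH host configuration."
    echo
    echo "Options:"
    echo " --debug -d Enable shell's debug output."
    echo " --yes -y Answer all questions with \"yes\" automatically."
    echo " --no -n Answer all questions with \"no\" automatically."
    echo " --port -p <n> sshd listens on port n."
    echo
    exit 1
    ;;

  esac
done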
=0A=
# Refuse to run while ssh or sshd processes are alive.
# NOTE(review): the test is a substring match on "ssh" over the whole
# "ps -ef" output, so any process whose line contains "ssh" stops the
# script, not only ssh/sshd themselves.
if ps -ef | grep -v grep | grep -q ssh
then
  echo
  echo "There are still ssh processes running. Please shut them down first."
  echo
  exit 1
fi

# ${SYSCONFDIR} must be a directory: reject any other kind of file that
# has that name, and create the directory when nothing is there yet.
if [ -e "${SYSCONFDIR}" ]
then
  if [ ! -d "${SYSCONFDIR}" ]
  then
    echo
    echo "${SYSCONFDIR} is existant but not a directory."
    echo "Cannot create global configuration files."
    echo
    exit 1
  fi
else
  mkdir "${SYSCONFDIR}"
  # Success is judged by the directory appearing, not by mkdir's status.
  if [ ! -e "${SYSCONFDIR}" ]
  then
    echo
    echo "Creating ${SYSCONFDIR} directory failed"
    echo
    exit 1
  fi
fi
=0A=
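# Look for an older installation in ${OLDPREFIX}.  This only makes sense
# when ${OLDPREFIX} differs from ${PREFIX}; otherwise the "old" files are
# the ones being installed.  old_install is set to 1 when one was found.
# All path expansions are quoted so a prefix containing blanks or glob
# characters cannot split into several cp/rm arguments.

old_install=0
if [ "${OLDPREFIX}" != "${PREFIX}" ] && [ -f "${OLDPREFIX}/sbin/sshd" ]
then
  echo
  echo "You seem to have an older installation in ${OLDPREFIX}."
  echo

  # Offer to carry the old global configuration and host keys over.
  if [ -f "${OLDSYSCONFDIR}/ssh_host_key" ]
  then
    if request "Do you want to copy your config files to your new installation?"
    then
      # NOTE(review): cp -f without -p gives the copies fresh permissions;
      # confirm the private host keys end up readable only by the account
      # that runs sshd.
      for _conf in ssh_host_key ssh_host_key.pub \
                   ssh_host_dsa_key ssh_host_dsa_key.pub \
                   ssh_config sshd_config
      do
        cp -f "${OLDSYSCONFDIR}/${_conf}" "${SYSCONFDIR}"
      done
    fi
  fi

  if request "Do you want to erase your old installation?"
  then
    # Client programs
    rm -f "${OLDPREFIX}/bin/ssh.exe" \
          "${OLDPREFIX}/bin/ssh-config" \
          "${OLDPREFIX}/bin/scp.exe" \
          "${OLDPREFIX}/bin/ssh-add.exe" \
          "${OLDPREFIX}/bin/ssh-agent.exe" \
          "${OLDPREFIX}/bin/ssh-keygen.exe" \
          "${OLDPREFIX}/bin/slogin"
    # Host keys and configuration
    rm -f "${OLDSYSCONFDIR}/ssh_host_key" \
          "${OLDSYSCONFDIR}/ssh_host_key.pub" \
          "${OLDSYSCONFDIR}/ssh_host_dsa_key" \
          "${OLDSYSCONFDIR}/ssh_host_dsa_key.pub" \
          "${OLDSYSCONFDIR}/ssh_config" \
          "${OLDSYSCONFDIR}/sshd_config"
    # Manual pages
    rm -f "${OLDPREFIX}/man/man1/ssh.1" \
          "${OLDPREFIX}/man/man1/scp.1" \
          "${OLDPREFIX}/man/man1/ssh-add.1" \
          "${OLDPREFIX}/man/man1/ssh-agent.1" \
          "${OLDPREFIX}/man/man1/ssh-keygen.1" \
          "${OLDPREFIX}/man/man1/slogin.1" \
          "${OLDPREFIX}/man/man8/sshd.8"
    # Server programs
    rm -f "${OLDPREFIX}/sbin/sshd.exe" \
          "${OLDPREFIX}/sbin/sftp-server.exe"
  fi
  old_install=1
fi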
=0A=
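# First generate host keys if not already existing

# Create one host key unless its file is already there.
# Arguments: $1 - key type passed to "ssh-keygen -t"
#            $2 - path of the private key file
# The key is created with an empty passphrase (-N ''), so the file's
# permissions are the only protection of the private half.
make_host_key()
{
  if [ ! -f "$2" ]
  then
    echo "Generating $2"
    # The original ignored ssh-keygen's exit status; a failure is now
    # reported, because sshd_config written later names this file as a
    # HostKey.  The script still continues, as it did before.
    ssh-keygen -t "$1" -f "$2" -N '' > /dev/null ||
      echo "Warning: ssh-keygen could not create $2" >&2
  fi
}

# rsa1 is the SSH protocol 1 key format; rsa and dsa serve protocol 2.
make_host_key rsa1 "${SYSCONFDIR}/ssh_host_key"
make_host_key rsa "${SYSCONFDIR}/ssh_host_rsa_key"
make_host_key dsa "${SYSCONFDIR}/ssh_host_dsa_key"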
=0A=
# Client configuration.  An existing ${SYSCONFDIR}/ssh_config is removed
# only after the user agrees; if it survives the rm it is reported as
# write protected and left alone.

_ssh_config="${SYSCONFDIR}/ssh_config"

if [ -f "${_ssh_config}" ] && request "Overwrite existing ${_ssh_config} file?"
then
  rm -f "${_ssh_config}"
  if [ -f "${_ssh_config}" ]
  then
    echo "Can't overwrite. ${_ssh_config} is write protected."
  fi
fi

# Write the default file when none is present (never existed, or was just
# removed above).  The here-document holds nothing for the shell to
# expand, so its delimiter is quoted and the text is copied literally.

if [ ! -f "${_ssh_config}" ]
then
  echo "Generating ${_ssh_config} file"
  cat > "${_ssh_config}" << 'EOF'
# This is ssh client systemwide configuration file. See ssh(1) for more
# information. This file provides defaults for users, and the values can
# be changed in per-user configuration files or on the command line.

# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for various options

# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# PasswordAuthentication yes
# FallBackToRsh no
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking yes
# Port 22
# Protocol 1,2
# Cipher blowfish
# EscapeChar ~

IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa
EOF
fi
=0A=
# Server configuration.  An existing ${SYSCONFDIR}/sshd_config is removed
# only after the user agrees; if it survives the rm it is reported as
# write protected and left alone.

_sshd_config="${SYSCONFDIR}/sshd_config"

if [ -f "${_sshd_config}" ] && request "Overwrite existing ${_sshd_config} file?"
then
  rm -f "${_sshd_config}"
  if [ -f "${_sshd_config}" ]
  then
    echo "Can't overwrite. ${_sshd_config} is write protected."
  fi
fi

# Write the default file when none is present.  The here-document
# delimiter is unquoted on purpose: ${port_number} is expanded into the
# Port line exactly as it was given on the command line.
# NOTE(review): the defaults written here set PermitRootLogin yes,
# PasswordAuthentication yes and ServerKeyBits 768, and the HostKey paths
# name /etc rather than ${SYSCONFDIR}; review them before the chosen port
# is reachable from outside a trusted network.

if [ ! -f "${_sshd_config}" ]
then
  echo "Generating ${_sshd_config} file"
  cat > "${_sshd_config}" << EOF
# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.

Port ${port_number}
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
#
# Uncomment the following lines according to the used authentication
HostKey /etc/ssh_host_key
HostKey /etc/ssh_host_rsa_key
HostKey /etc/ssh_host_dsa_key
#
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no

# To install for logon to different user accounts change to "no" here
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

#CheckMail yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net
#ReverseMappingCheck yes

Subsystem sftp /usr/sbin/sftp-server
EOF
fi
=0A=
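# Add "sshd ${port_number}/tcp" to the Windows services file.
#
# A filtered copy of the file is written next to it and moved over the
# original only when the copy really contains an sshd entry.
# Globals read:    port_number, SYSTEMROOT (NT) or WINDIR (other Windows)
# Globals written: _sys _nt _wservices _wserv_tmp _services _serv_tmp
_sys="`uname -a`"
_nt=`expr "$_sys" : "CYGWIN_NT"`
if [ "${_nt}" -gt 0 ]
then
  _wservices="${SYSTEMROOT}\\system32\\drivers\\etc\\services"
  _wserv_tmp="${SYSTEMROOT}\\system32\\drivers\\etc\\srv.out.$$"
else
  _wservices="${WINDIR}\\SERVICES"
  _wserv_tmp="${WINDIR}\\SERV.$$"
fi
_services=`cygpath -u "${_wservices}"`
_serv_tmp=`cygpath -u "${_wserv_tmp}"`

# Binary-mode mounts, so the "\r" printed by awk reaches the file as is.
mount -b -f "${_wservices}" "${_services}"
mount -b -f "${_wserv_tmp}" "${_serv_tmp}"

# The awk program is given inline in single quotes and the port through
# -v.  The original wrote the program to /tmp/sshd_awk.$$, a predictable
# name in a shared directory, and expanded ${port_number} into the program
# text; neither happens here.
#
# Program logic: drop any existing sshd line, then insert the new entry in
# front of the first line whose port is higher.  If that first line has
# the same port, another service owns it and nothing is inserted.  The END
# rule covers a port higher than every existing entry, which the original
# silently left out.
awk -v port="${port_number}" '
  BEGIN { port += 0 }
  $1 == "sshd" { next }
  ! finished && $2 + 0 >= port {
    finished = 1
    if ( $2 + 0 != port )
      print "sshd " port "/tcp #SSH daemon\r"
  }
  { print $0 }
  END { if ( ! finished ) print "sshd " port "/tcp #SSH daemon\r" }
' < "${_services}" > "${_serv_tmp}"

if [ -f "${_serv_tmp}" ]
then
  # Inside a bracket expression "\t" is a backslash and a "t", not a tab;
  # the entry written above separates the fields with a blank, so the
  # pattern still matches it.
  if grep -q '^sshd[ \t]' "${_serv_tmp}"
  then
    if mv "${_serv_tmp}" "${_services}"
    then
      echo "Added sshd to ${_services}"
    else
      echo "Adding sshd to ${_services} failed\!"
    fi
  else
    echo "Unable to add sshd to ${_services} as port $port_number already in use"
  fi
  # Remove the working copy on every path; the original left it behind
  # when the port was refused.
  rm -f "${_serv_tmp}"
else
  echo "Adding sshd to ${_services} failed\!"
fi

umount "${_services}"
umount "${_serv_tmp}"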
=0A=
# Offer an inetd entry: append a commented-out sshd line to
# /etc/inetd.conf unless the file already has a line that starts with
# sshd, whether commented out or not.
if [ -f /etc/inetd.conf ]
then
  if grep -q "^[# \t]*sshd" /etc/inetd.conf
  then
    : # already present, leave the file untouched
  else
    echo "# sshd stream tcp nowait root /usr/sbin/sshd -i" >> /etc/inetd.conf
  fi
fi

# After taking over from an old installation, remind the user that
# service entries may still point at the old sshd.exe.
case "${old_install}" in
1)
  echo
  echo "Note: If you have used sshd as service or from inetd, don't forget to"
  echo " change the path to sshd.exe in the service entry or in inetd.conf."
  ;;
esac

echo
echo "Host configuration finished. Have fun!"
------=_NextPart_000_005A_01C0A3D1.296EE640
Content-Type: text/plain; charset=us-ascii
------=_NextPart_000_005A_01C0A3D1.296EE640--