delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2002/10/24/05:25:30

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <CCD084B0E779D411A70300508B66222605A32B63@exchukahis02.experian.co.uk>
From: "Morrison, John" <John DOT Morrison AT uk DOT experian DOT com>
To: cygwin AT cygwin DOT com
Cc: cygwin-apps AT cygwin DOT com
Subject: RE: ssh patches to fix installation issues
Date: Thu, 24 Oct 2002 10:32:04 +0100
MIME-Version: 1.0

The default umask has been changed, but the new /etc/profile
won't have overwrote your old one.

J.

> From: Ross Smith II [mailto:ross AT smithii DOT com]
> 
> Attached are three small patches to the following files:
> 
> /bin/ssh-host-config
> /bin/ssh-user-config
> /usr/doc/Cygwin/openssh-3.4p1-5.README
> 
> to fix some installation issues and better explain using sshd 
> in Windows.
> 
> The ssh-user-config changes are due to the fact that the 
> default cygwin
> umask is 000. Maybe a .bash_profile could be created 
> containing umask 022
> when the user's home directory is first created.  Just a thought.
> 
> This is the culmination of 6 hours of list perusing, and hair 
> pulling, so
> it's definitely "field tested".
> 
> Hope this helps,
> 
> Ross Smith
> 
> --- ssh-host-config.orig	2002-07-07 03:07:12.000000000 -0700
> +++ ssh-host-config	2002-10-23 16:11:12.000000000 -0700
> @@ -164,6 +164,7 @@
>    if [ $_nt -gt 0 ]
>    then
>      chown system.system /var/empty
> +    chmod 755 /var/empty
>    fi
>  fi
> 
> --- ssh-user-config.orig	2002-06-21 13:32:33.000000000 -0700
> +++ ssh-user-config	2002-10-23 16:15:24.000000000 -0700
> @@ -123,6 +123,8 @@
>    fi
>  fi
> 
> +chown `whoami` ${pwdhome}
> +
>  if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
>  then
>    echo "${pwdhome}/.ssh is existant but not a directory. 
> Cannot create user
> identity files."
> @@ -139,6 +141,8 @@
>    fi
>  fi
> 
> +chmod 755 ${pwdhome}/.ssh
> +
>  if [ ! -f "${pwdhome}/.ssh/identity" ]
>  then
>    if request "Shall I create an SSH1 RSA identity file for you?"
> @@ -196,5 +200,8 @@
>    fi
>  fi
> 
> +chmod 600 ${pwdhome}/.ssh/*
> +chmod 644 ${pwdhome}/.ssh/*.pub ${pwdhome}/.ssh/authorized_keys?
> +
>  echo
>  echo "Configuration finished. Have fun!"
> 
> --- openssh-3.4p1-5.README.orig	2002-10-23 
> 15:20:39.000000000 -0700
> +++ openssh-3.4p1-5.README	2002-10-23 16:23:03.000000000 -0700
> @@ -123,12 +123,53 @@
> 
>  - If you want to authenticate via RSA and you want to login to that
>    machine to exactly one user account you can do so by running sshd
> -  under that user account. You must change /etc/sshd_config
> -  to contain the following:
> +  under that user account.
> +
> +  * Change /etc/sshd_config to contain
> 
>    RSAAuthentication yes
> 
> -  Moreover it's possible to use rhosts and/or rhosts with
> +  * Make sure you have executed the following:
> +
> +    $ ssh-host-config
> +    $ ssh-user-config
> +
> +  * Due to the fact that cygwin's default umask is 0000, you 
> will need
> +    to execute the following (substituting your user name 
> for USERNAME):
> +
> +	chown USERNAME ~
> +	chmod 755 ~ ~/.ssh
> +	chmod 600 ~/.ssh/*
> +	chmod 644 ~/.ssh/*.pub ~/.ssh/authorized_keys?
> +
> +  * Reinstall the ssh daemon to run as the user. Execute the 
> following
> +    (substituting your user name for USERNAME, and your password for
> PASSWORD):
> +
> +	chmod 666 /var/log/sshd.log /var/empty
> +	rm -fr /var/log/sshd.log /var/empty
> +	touch /var/log/sshd.log
> +	chmod 644 /var/log/sshd.log
> +	chmod 755 /var/empty
> +	chown USERNAME.None /var/empty /etc/ssh_host_* /var/log/sshd.log
> +	cygrunsrv --stop sshd
> +	cygrunsrv --remove sshd
> +	cygrunsrv --install sshd -e "CYGWIN=glob ntsec binmode" \
> +	   -u USERNAME \
> +	   -w "PASSWORD" \
> +	   -d "sshd" \
> +	   -p /usr/sbin/sshd.exe \
> +	   -1 /var/log/sshd.log \
> +	   -2 /var/log/sshd.log \
> +	   -a "-e -D"
> +	cygrunsrv --start sshd
> +
> +  * NOTE: The user will not be able to login using their 
> Windows password.
> +    They will only be able to login using RSA authentication.
> +
> +    Therefore, you will need to copy your identity.pub and id_??a.pub
> +    files into authorized_keys, and authorized_keys2, respectfully.
> +
> +  Moreover, it's possible to use rhosts and/or rhosts with
>    RSA authentication by setting the following in sshd_config:
> 
>    RhostsAuthentication yes
> 


=======================================================================
Information in this email and any attachments are confidential, and may
not be copied or used by anyone other than the addressee, nor disclosed
to any third party without our permission.  There is no intention to
create any legally binding contract or other commitment through the use
of this email.

Experian Limited (registration number 653331).  
Registered office: Talbot House, Talbot Street, Nottingham NG1 5HF

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019