Mail Archives: cygwin/2002/11/28/10:56:28

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
To: cygwin AT cygwin DOT com
X-Injected-Via-Gmane: http://gmane.org/
Path: not-for-mail
From: Marc Girod <girod AT shire DOT ntc DOT nokia DOT com>
Subject: Re: sshd installation on NT 5.0
Date: 28 Nov 2002 17:40:26 +0200
Organization: Nokia Network
Lines: 74
Message-ID: <1yadjt4s9h.fsf@farin.ntc.nokia.com>
References: <3500515B75D9D311948800508BA37955950978 AT EX-LONDON> <1yk7izzcc0 DOT fsf AT farin DOT ntc DOT nokia DOT com> <1ybs4bz95c DOT fsf AT farin DOT ntc DOT nokia DOT com> <20021127100943 DOT G1398 AT cygbert DOT vinschen DOT de> <1y7kezz5qi DOT fsf AT farin DOT ntc DOT nokia DOT com> <1y3cpnz4l0 DOT fsf AT farin DOT ntc DOT nokia DOT com> <1yy97fxozs DOT fsf AT farin DOT ntc DOT nokia DOT com> <20021127121512 DOT J1398 AT cygbert DOT vinschen DOT de> <1yu1i3xlem DOT fsf AT farin DOT ntc DOT nokia DOT com> <20021127164842 DOT M1398 AT cygbert DOT vinschen DOT de>
NNTP-Posting-Host: esnat01x.nokia.com
Mime-Version: 1.0
X-Trace: main.gmane.org 1038497895 28878 192.100.124.27 (28 Nov 2002 15:38:15 GMT)
X-Complaints-To: usenet AT main DOT gmane DOT org
NNTP-Posting-Date: Thu, 28 Nov 2002 15:38:15 +0000 (UTC)
Mail-Copies-To: never
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.5

>>>>> "CV" == Corinna Vinschen <corinna-cygwin AT cygwin DOT com> writes:

CV> Things to check:

CV> - /usr/sbin/sshd.exe, /bin/cygwin1.dll, /bin/cygcrypto.dll, /bin/cygz.dll 
CV>   executable for everyone?

$ ls -l /usr/sbin/sshd.exe /bin/cygwin1.dll /bin/cygcrypto.dll /bin/cygz.dll
-rwxrwxrwx    1 Administ None       657920 Nov  9 11:58 /bin/cygcrypto.dll
-rwxrwxrwx    1 Administ None       940360 Nov 23 05:20 /bin/cygwin1.dll
-rwxrwxrwx    1 Administ None        50688 Mar 12  2002 /bin/cygz.dll
-rwxrwxrwx    1 Administ None       305664 Nov  9 11:20 /usr/sbin/sshd.exe

A bit liberal, maybe... Usually -r-xr-xr-x should be enough? (Also below)

CV> - /etc readable for everyone but only writable by the owner?

$ ls -ld /etc
drwxrwxrwx    6 Administ None         4096 Nov 28 14:11 /etc

CV> - /etc/passwd, /etc/group readable for everyone?

$ ls -l /etc/passwd /etc/group
-rwxrwxrwx    1 Administ None          468 Nov 26 17:12 /etc/group
-rwxrwxrwx    1 Administ None         2904 Nov 26 17:20 /etc/passwd

CV> - /etc/passwd and /etc/group contain uid/gid 18 entry for SYSTEM, both
CV>   with SID in either pw_gecos or gr_passwd field?

$ grep -E '\<18\>' /etc/passwd /etc/group
/etc/passwd:SYSTEM:*:18:544:,S-1-5-18::
/etc/group:SYSTEM:S-1-5-18:18:8:

Not sure about the positions...

CV> - /etc/passwd contains sshd entry?

$ grep -E '\<sshd\>' /etc/passwd
sshd:unused_by_nt/2000/xp:1021:513:sshd privsep,U-HEITSB03LAB\sshd,S-1-5-21-1935655697-1409082233-1801674531-1021:/var/empty:/bin/false

CV> - /etc/ssh* owned by SYSTEM?

$ ls -l /etc/ssh*
-rw-rw-rw-    1 NOSP_Adm None         1049 Nov 27 12:42 /etc/ssh_config
-rw-------    1 NOSP_Adm None          668 Nov 27 12:42 /etc/ssh_host_dsa_key
-rw-r--r--    1 NOSP_Adm None          612 Nov 27 12:42 /etc/ssh_host_dsa_key.pub
-rw-------    1 NOSP_Adm None          537 Nov 27 12:42 /etc/ssh_host_key
-rw-r--r--    1 NOSP_Adm None          341 Nov 27 12:42 /etc/ssh_host_key.pub
-rw-------    1 NOSP_Adm None          887 Nov 27 12:42 /etc/ssh_host_rsa_key
-rw-r--r--    1 NOSP_Adm None          232 Nov 27 12:42 /etc/ssh_host_rsa_key.pub
-rw-rw-rw-    1 NOSP_Adm None         2142 Nov 27 12:42 /etc/sshd_config

Changed to SYSTEM:SYSTEM

CV> - /etc/ssh*key files only writable by owner SYSTEM?

$ ls -l /etc/ssh*key
-rw-------    1 SYSTEM   SYSTEM        668 Nov 27 12:42 /etc/ssh_host_dsa_key
-rw-------    1 SYSTEM   SYSTEM        537 Nov 27 12:42 /etc/ssh_host_key
-rw-------    1 SYSTEM   SYSTEM        887 Nov 27 12:42 /etc/ssh_host_rsa_key

CV> - /var/empty owned by SYSTEM?
CV> - /var/empty permissions only writable by owner SYSTEM?

$ ls -ld /var/empty
drwxr-xr-x    2 SYSTEM   SYSTEM          0 Nov 26 17:19 /var/empty

And yes, it started...
Thank You very much!

-- 
Marc Girod        P.O. Box 323        Voice:  +358-71 80 25581
Nokia NBI         00045 NOKIA Group   Mobile: +358-50 38 78415
Takomo 1 / 4c27   Finland             Fax:    +358-71 80 61604
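
The checklist worked through in this message, collected into one audit function. This is an added example, not part of the original post or of the Cygwin tooling; the function name and its ROOT and OWNER parameters are assumptions of the sketch. The field positions used for the SID follow the passwd and group lines shown in the message.

```shell
#!/bin/sh
# Added example, not from the thread: the checklist as one audit function.
# ROOT and OWNER are parameters of this sketch ("" and SYSTEM on the host).

# True if $1 has every permission bit of octal mode $2 set.
has_bits() { [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]; }
# True if $1 is owned by user $2 (name or numeric id).
owned_by() { [ -n "$(find "$1" -prune -user "$2" 2>/dev/null)" ]; }
# True if $1 exists and neither group nor others may write to it.
owner_only_write() {
    [ -e "$1" ] && [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}
fail() { echo "FAIL: $1"; rc=1; }

# Print one FAIL line per violated item; return non-zero if any failed.
audit_sshd() {
    root=$1 owner=$2 rc=0
    for f in usr/sbin/sshd.exe bin/cygwin1.dll bin/cygcrypto.dll bin/cygz.dll; do
        has_bits "$root/$f" 111 || fail "/$f not executable for everyone"
    done
    # r+x for everyone on the directory, write for the owner only
    has_bits "$root/etc" 555 || fail "/etc not readable for everyone"
    owner_only_write "$root/etc" || fail "/etc missing or writable by group/other"
    for f in passwd group; do
        has_bits "$root/etc/$f" 444 || fail "/etc/$f not readable for everyone"
    done
    # passwd is name:passwd:uid:gid:gecos:home:shell, so pw_gecos is field 5
    awk -F: '$3 == 18 && $5 ~ /S-1-5-18/ { ok = 1 } END { exit !ok }' \
        "$root/etc/passwd" || fail "no uid 18 entry with SID in pw_gecos"
    # group is name:passwd:gid:members, so gr_passwd is field 2
    awk -F: '$3 == 18 && $2 ~ /S-1-5-18/ { ok = 1 } END { exit !ok }' \
        "$root/etc/group" || fail "no gid 18 entry with SID in gr_passwd"
    grep -q '^sshd:' "$root/etc/passwd" || fail "no sshd entry in /etc/passwd"
    for f in "$root"/etc/ssh* "$root/var/empty"; do
        p=${f#"$root"}
        owned_by "$f" "$owner" || fail "$p not owned by $owner"
    done
    for f in "$root"/etc/ssh*key "$root/var/empty"; do
        p=${f#"$root"}
        owner_only_write "$f" || fail "$p missing or writable by group/other"
    done
    return $rc
}
```

Run as `audit_sshd "" SYSTEM` on the Cygwin host; an empty ROOT audits the live tree, and any other ROOT audits a copy or staging directory.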


