delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2003/05/10/09:55:43

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <20030510135534.10318.qmail@web40405.mail.yahoo.com>
Date: Sat, 10 May 2003 15:55:34 +0200 (CEST)
From: =?iso-8859-1?q?richard=20dje?= <djensam AT yahoo DOT com>
Subject: HELP: sshd/multi-user how-to
To: cygwin AT cygwin DOT com
MIME-Version: 1.0 

Hi,


I'm trying to setup a cvs server on cygwin over ssh.

I have cygwin v1.3.22.1 installed on a win2k box.
I also installed the latest version of openSSH, and all related packages.

I also learned that one need to create a windows account for each user
willing to connect to the server.

In order to do some testing i just created 2 accounts on the windows
machine,say USER1 and USER2.

To enable connections through ssh one need to correctly setup 'sshd'. For that
USER1 ran 'ssh-host-config', since /etc/ssh_host_* files must be
read/write-able by only one account. Normally that user should have been
'root'. Browsing the web, i saw that it was not that simple
on cygwin (Please correct me if i am wrong).

Files
/etc/ssh_host_key,
/etc/ssh_host_rsa_key,
/etc/ssh_host_dsa_key

should not be group and world-accessible.

I then launched the following two commands
$ mkpasswd -l > /etc/passwd
$ mkgroup -l > /etc/group

Their content looks OK.

I then gathered USER1 and USER2 ssh2-rsa publickeys and put them in
their respective $HOME/.ssh/authorized_keys2 (on the server machine).

The windows machine was then booted on USER1 account in order to be able
to start 'sshd' by means of '/etc/rc.d/init.d/sshd start'

Connecting remotely to USER1 account by the following command worked just fine
$ ssh -v USER1 AT server_ip_address

But trying to do the same for USER2 by using
$ ssh -v USER2 AT ser_ip_address
just failed, since i am asked to provide a password.
The above command output showed me that the ssh2-rsa publickey auth just
failed.


QUESTION:
- Is the above configuration feasible ?
  assuming USER1 is a poweruser,
  USER2, USER3, ..., USERN are simple user.
  
- Does cygwin/cvs works fine in server mode using 'ext' protocol (ssh) ?
- Security-wise is (cygwin/cvs server / ssh) a good choice ?


Thank You In Advance for your feedback and or help. :-)
regards,
-Richard


___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019