delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2005/07/17/23:05:35

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Reply-To: Cygwin List <cygwin AT cygwin DOT com>
Message-Id: <6.2.1.2.0.20050717223532.05671008@pop.prospeed.net>
Date: Sun, 17 Jul 2005 23:04:47 -0400
To: Eli Barzilay <eli AT barzilay DOT org>, Cygwin List <cygwin AT cygwin DOT com>
From: Larry Hall <lh-no-personal-replies-please AT cygwin DOT com>
Subject: Re: ssh problems
In-Reply-To: <17114.65208.516047.93257@tulare.cs.cornell.edu>
References: <17099 DOT 10669 DOT 464228 DOT 125667 AT tulare DOT cs DOT cornell DOT edu> <6 DOT 2 DOT 1 DOT 2 DOT 0 DOT 20050705221013 DOT 08cdd6b0 AT pop DOT prospeed DOT net> <17099 DOT 18679 DOT 819770 DOT 637448 AT tulare DOT cs DOT cornell DOT edu> <200507091454 DOT 38902 DOT lhall AT rfk DOT com> <17105 DOT 47620 DOT 419723 DOT 654228 AT tulare DOT cs DOT cornell DOT edu> <6 DOT 2 DOT 1 DOT 2 DOT 0 DOT 20050710223821 DOT 03cd7140 AT 127 DOT 0 DOT 0 DOT 1> <17106 DOT 15844 DOT 889622 DOT 893399 AT tulare DOT cs DOT cornell DOT edu> <Pine DOT GSO DOT 4 DOT 61 DOT 0507110927320 DOT 6749 AT slinky DOT cs DOT nyu DOT edu> <Pine DOT GSO DOT 4 DOT 61 DOT 0507102317520 DOT 9496 AT slinky DOT cs DOT nyu DOT edu> <17114 DOT 65208 DOT 516047 DOT 93257 AT tulare DOT cs DOT cornell DOT edu>
Mime-Version: 1.0 

At 08:58 PM 7/17/2005, Eli wrote:
>On Jul 10, Larry Hall wrote:
>> [...]
>> Then there's always running sshd as the user you want to run the
>> builds.  This should eliminate any authentication problems but it
>> does limit the usefulness of sshd since it's now affectively a
>> one-person service, though you could certainly run two sshds, with
>> this "special" sshd running on a different port.
>
>When I try that (after shutting down the existing sshd with cygrunsrv
>-E) I get errors when trying to access private key files in /etc.  How
>do I make them accessible to my user?  Maybe there is some simple way
>to make it so that sshd always runs as me instead of the system thing?
>I don't mind making it a one person service since this is used only by
>my script for our nighly builds (and at this point I'll go with
>anything that works...).


OK.  So try this:

cygrunsrv --stop sshd
cygrunsrv --remove sshd
cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -u eli -w "<your password>" -e "CYGWIN=tty notraverse"

<your password> is the password you use for user 'eli'.  Setting "notraverse"
should not be necessary, since you're running Cygwin 1.5.18 and traverse 
checking has been disabled by default (notraverse) since 1.5.15.  I've 
included it's usage above so you understand how to set it (or any other 
option) for the service if that's what you want.  There's certainly no harm 
in setting a switch to it's default.  You could include ntsec as well, as 
you used to, although it too is now the default.

You'll need to change some permissions.  Try this:

chown eli /etc/ssh*
chown eli /var/log/sshd.log

Then start the service:

cygrunsrv --start sshd

With any luck, that will run.  Note - I haven't tried this myself but it
should be a pretty complete guide.  You'll be the final judge (and test)
though. ;-)


>> But I think it's fair to say that the detailed information you've
>> provided so far on this issue is quite limited.  If you're looking
>> for more help, I think it makes sense to point you to the problem
>> reporting guidelines at:
>> 
>> <http://cygwin.com/problems.html>
>> 
>> Please read these guidelines thoroughly and provide the requested
>> information in any follow-up you make to the list on this issue.
>> Beyond the configuration information requested, the most helpful
>> feedback you could give is a simple example that shows this problem.
>> It's possible that in the preparation of such an example, you
>> actually find the problem yourself.  But, if not, that will provide
>> others with a basis for reproducing and debugging the problem.
>
>cygcheck's output is below as specified on the web page.  


Actually, the strong preference is that you *attach* this information,
not append it.


>This is from
>an ssh session, which shows something weird -- I set the environment
>variable to include "notraverse" in CYGWIN (as suggested by Igor), and
>I do see it when running a bash shell on the machine (via VNC), but
>not through ssh.  I can't really specify an easy way to reproduce the
>problem, since it involves installing DevStudio (7.1, FWIW), and
>trying to invoke it through a public-key based ssh session.


You are apparently setting CYGWIN in your local user environment.  You'd want
to set in it you system environment or use the method I showed above to set
it for just this service.


>On Jul 10, Igor Pechtchanski wrote:
>> [...]
>> Another WAG.
>
>(What is a WAG??)


<http://cygwin.com/acronyms/#WAG>


<snip>

>> Another thing to try is to get a system-owned shell and run
>> DevStudio from it -- I'd guess you'll get the same errors.  That may
>> be problematic to do via VNC, though.
>
>How do I start such a shell?  


Google for "system-owned shell cygwin".  One of the hits is this:

<http://www.cygwin.com/ml/cygwin/2003-09/msg01852.html>



--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019