Mail Archives: cygwin/2005/10/19/15:08:18
Top-posting reformatted.
>>Marc Jourdeuil wrote:
>>
>>>I am trying to setup sshd on cygwin, so ssh works.....
>>>
>>>i followed all instructions from:
>>>http://pigtail.net/LRP/printsrv/cygwin-sshd.html
>>>
>>>the important ones being to set
>>>
>>>variable name is CYGWIN
>>>variable value is ntsec tty
>>>
>>>as an env variable in windows, and
>>>
>>>to append ;c:\cygwin\bin to the win2k Path var.
>>>
>>>ssh -vvv localhost
>>>p4-3000:marcj:{/home/marcj}198 % ssh -vvv localhost
>>>OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
>>>debug1: Reading configuration data /etc/ssh_config
>>>debug2: ssh_connect: needpriv 0
>>>debug1: Connecting to localhost [127.0.0.1] port 22.
>>>debug1: connect to address 127.0.0.1 port 22: Connection refused
>>>ssh: connect to host localhost port 22: Connection refused
>>>
>>>
>>>The process is running:
>>>p4-3000:marcj:{/home/marcj}160 % ps -ef
>>> UID PID PPID TTY STIME COMMAND
>>> marcj 1948 1 con 00:43:18 /usr/bin/bash
>>> SYSTEM 728 1 ? 00:48:33 /usr/bin/cygrunsrv
>>> SYSTEM 480 728 ? 00:48:33 /usr/sbin/sshd
>>> marcj 1748 1948 con 00:53:03 /usr/bin/sh
>>> marcj 2076 1748 con 00:53:03 /usr/X11R6/bin/XWin
>>> marcj 1840 1748 con 00:53:04 /usr/X11R6/bin/wmaker
>>> marcj 1648 1840 con 00:53:04 /usr/X11R6/bin/wmaker
>>> marcj 1600 1648 ? 00:53:17 /usr/bin/xterm
>>> marcj 1564 1600 0 00:53:18 /usr/bin/tcsh
>>> marcj 2148 1 0 00:53:25 /usr/bin/xterm
>>> marcj 2164 2148 1 00:53:25 /usr/bin/tcsh
>>> marcj 2196 2164 1 00:53:44 /usr/bin/ps
>>>
>>>
>>>and the port 22 is listening:
>>>p4-3000:marcj:{/etc}183 % netstat -an
>>>
>>>Active Connections
>>>
>>> Proto Local Address Foreign Address State
>>> TCP 0.0.0.0:22 0.0.0.0:0 LISTENING
>>>
>>>Yet I always get connection refused:
>>>
>>>ssh marcj AT 127 DOT 0 DOT 0 DOT 1
>>>ssh connect to host 127.0.0.1 port 22: connection refused
>>>ssh localhost
>>>ssh: connect to host localhost port 22: Connection refused
>>>
>>>ssh marcj AT 192 DOT 168 DOT 1 DOT 204
>>>ssh: connect to host 192.168.1.204 port 22: Connection refused
>>>
>>>I only have 1 copy of cygwin1.dll - in c:\cygwin\bin
>>>I installed the openssh pkg at the same time that I did the initial
>
> cygwin
>
>>>install. I am just trying
>>>to get sshd working now.
>>>
>>>I have 2 old copies of cygwin: c:\cygwin-old and
>>>H:\Program-Files2\cygwin-not used anymore
>>>
>>>I can't edit
>>>/etc/ssh_config file using cygwin or win2k even though I have admin
>
> rights
>
>>>on pc.
>>>
>>
>><snip sshd config>
>>
>>>I have looked at FAQs, google, archives....
>>>
>>>Not sure where to go from here.
>>>
>>>Marc
>>>
>>
>>Could you stop the service, as described on the page you mention, and
>>then start it manually by doing the following:
>>
>>sshd -D -dd
>>
>>
>>Once this is running, try to ssh to it from another cygwin window.
>>The instance of sshd should process one connection - failed or not.
>>Post the output from sshd so that we can get a better idea of what's
>>happening.
>>
>>As a thought though.. Running any firewalls on that machine? (They
>>/shouldn't/ affect localhost connections, but I don't trust them...
>>
>>
>>Chris
>>
Marc Jourdeuil wrote:
> I successfully stopped sshd.
>
> /usr/sbin/sshd -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 187
> debug2: parse_server_config: config /etc/sshd_config len 187
> debug1: sshd version OpenSSH_3.9p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
Well, this is definitely why it's not working.
>
> ran this again
> ssh-host-config
> Overwrite existing /etc/ssh_config file? (yes/no) yes
> Generating /etc/ssh_config file
> Overwrite existing /etc/sshd_config file? (yes/no) yes
> Privilege separation is set to yes by default since OpenSSH 3.3.
> However, this requires a non-privileged account called 'sshd'.
> For more info on privilege separation read
> /usr/share/doc/openssh/README.privsep.
>
> Should privilege separation be used? (yes/no) yes
> Generating /etc/sshd_config file
>
> Host configuration finished. Have fun!
>
Hrm.. I'm sure this is supposed to generate the host keys... (I'm sure
someone will correct me if I'm wrong, but I could have sworn that it did
for me..)
> p4-3000:marcj:{/usr/sbin}230 % /usr/sbin/sshd -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 187
> debug2: parse_server_config: config /etc/sshd_config len 187
> debug1: sshd version OpenSSH_3.9p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
>
> /etc/
> -rwxr-xr-x 1 marcj None 1159 Oct 19 13:57 ssh_config
> -rw------- 1 SYSTEM None 668 Oct 19 00:43 ssh_host_dsa_key
> -rw-r--r-- 1 SYSTEM None 603 Oct 19 00:43 ssh_host_dsa_key.pub
> -rw------- 1 SYSTEM None 528 Oct 19 00:43 ssh_host_key
> -rw-r--r-- 1 SYSTEM None 332 Oct 19 00:43 ssh_host_key.pub
> -rw------- 1 SYSTEM None 883 Oct 19 00:43 ssh_host_rsa_key
> -rw-r--r-- 1 SYSTEM None 223 Oct 19 00:43 ssh_host_rsa_key.pub
> -rw-r--r-- 1 marcj None 2807 Oct 19 13:58 sshd_config
>
The host key permissions seem fine to me.. Though for me the configs are
owned by SYSTEM as well - that said, that may be related to an
incomplete user list on the machine I checked - it doesn't seem all that
keen on pulling the full list from our domain server, but that's another
issue.
>
> inetd is not running, should it? I have ssh in /etc/services. I have no
> /etc/inetd.conf file. Should I?
> telnet localhost does nothing.
No, you don't need identd. /etc/services is just a list of what services
use what ports.
Telnet shouldn't work regardless - you should never run telnet anymore.
>
> I wasn't running any firewall before. I restarted zonealarm, but that
> doesn't seem to be a factor right now.
> It might be later, when I try from another PC.
>
It probably would, unless you tell ZA to allow all incoming traffic on
port 22, but at the moment that won't help.
Try this (though I give no guarantee's that it will fix anything)
rm /etc/ssh_host*
ssh-host-config
It *should* regenerate the host keys if you do this (and should say as
much right away).
Assuming it does, try the same as above afterwards.
If it works, then you'll be able to do:
cygrunsrv --start sshd
at which point you'll be sorted.
Chris
--
Spinning complacently in the darkness, covered and blinded by a blanket
of little lives, false security has lulled the madness of this world
into a slumber. Wake up! An eye is upon you, staring straight down and
keenly through, seeing all that you are and everything that you will
never be. Yes, an eye is upon you, an eye ready to blink. So face
forward, with arms wide open and mind reeling. Your future has
arrived... Are you ready to go?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -