Mail Archives: cygwin/2006/06/22/18:38:01
I installed Cygwin on XP yesterday to get ssh and rsync servers running.
I have done this before and shared my experiences on this list earlier
as well, especially the bit about Zone Alarm causing a problem connecting
to the Windows machine via ssh after reboots. Here are the steps
I followed; hopefully this will help others too. Comments, advice or
explanations are welcome.
NOTE: make sure you are logged in as an administrator before installing
and setting up the following stuff.
#------------------------------------------------------------#
Installing Minimal (sort of) Cygwin:
#------------------------------------------------------------#
Download the installer file from http://cygwin.com/setup.exe (okay to
save it on Desktop)
Double click on setup.exe to start installation of Cygwin and follow the
prompts with the following choices:
-> Install from Internet
->NEXT
-> Choose root dir: c:\cygwin
->All Users
->Unix/Binary
->NEXT
->choose dir to download files which will be used for installation. Sort
of like a temp dir. Chose C:\tmp\cygwin-downloads or any other of your
choice
->NEXT
->Direct Connection
->NEXT
Here your firewall, if you have one, will ask if you want to allow
setup.exe to connect to the internet. In my case, ZoneAlarm asked if
Setup should be allowed internet connection. Allowed.
->Choose a site from "Available Download Sites"
->NEXT
->Package lists will be shown
Leave the default packages as they are, but add the following by
clicking on the "Skip" column for these packages until that column lists
the version that will be installed (see Step 2b at
http://pigtail.net/LRP/printsrv/cygwin-sshd.html ):
Admin:
cron
cygrunsrv
syslog-ng
Archive:
unzip
zip
Editors:
vim
Net:
openssh
rsync
Web:
wget (it is a handy tool)
->NEXT (it will then start downloading the package files)
->at the end, it will ask if you want icons on desktop and start menu.
Answer yes.
You will get a Cygwin icon on your desktop. Double click on it and a
prompt will appear. All is well. Close that window.
In the Environment Variables window (see Step 3 at
http://pigtail.net/LRP/printsrv/cygwin-sshd.html for illustration), add
a new System Variable: CYGWIN and give it a value of ntsec.
Then add the Cygwin path, ;c:\cygwin\bin, to the Path environment variable.
See Step 4 of the above web site for illustration.
Make Cygwin see users' information: Open the Cygwin terminal (double
click on the Cygwin icon you got on your desktop) and give these
commands ("$" below means the prompt):
$ mkpasswd --local > /etc/passwd
$ mkgroup --local > /etc/group
Cygwin is all set up now.
#------------------------------------------------------------#
Setting up SSH Server:
#------------------------------------------------------------#
Setup and get sshd running by giving the following commands in the
Cygwin terminal:
$ cygrunsrv --stop sshd
$ cygrunsrv --remove sshd
$ ssh-host-config <-- (see more info below)
$ cygrunsrv --start sshd
The third command above will give an output as shown below. Answer "yes"
as shown in the prompts here:
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Privilege separation is set to yes by default since OpenSSH 3.3.
However, this requires a non-privileged account called 'sshd'.
For more info on privilege separation read
/usr/share/doc/openssh/README.privsep.
Should privilege separation be used? (yes/no) yes
Generating /etc/sshd_config file
Warning: The following functions require administrator privileges!
Do you want to install sshd as service?
(Say "no" if it's already installed as service) (yes/no) yes
Which value should the environment variable CYGWIN have when
sshd starts? It's recommended to set at least "ntsec" to be
able to change user context without password.
Default is "ntsec". CYGWIN=binmode tty ntsec
The service has been installed under LocalSystem account.
To start the service, call `net start sshd' or `cygrunsrv -S sshd'.
Host configuration finished. Have fun!
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Now, edit /cygwin.bat (in notepad or in vi editor) to add the CYGWIN env
variable line as shown below (I am not sure why all these values are
needed, if someone can explain in detail, it would be great):
------------------
$ less /cygwin.bat
@echo off
set CYGWIN=binmode tty ntsec
c:
chdir c:\cygwin\bin
bash --login -i
------------------
Now you can ssh to other machines on your network. If you try to do so,
your firewall, if you have one, will ask if sshd should be allowed to
connect to the internet, say yes and make sure your firewall remembers
this choice -- make it permanent.
However, if you have Zone Alarm running, then after rebooting sshd won't
be available; Zone Alarm will block all its traffic unless it is run
before Zone Alarm starts. To solve this, make sshd a dependency of
vsmon (the Zone Alarm service) and the tcpip service (no point in having
sshd running unless tcpip is also running):
------------------
root@localhost ~
$ cygrunsrv -E sshd <-- this command stops the service
root@localhost ~
$ cygrunsrv -R sshd <-- this command removes the service
root@localhost ~
$ cygrunsrv -I sshd -p /usr/sbin/sshd -f "Cygwin SSH Daemon" -a '-D' -e 'CYGWIN=binmode ntsec tty' -y tcpip -y vsmon
(the above is one long single-line command; note the single quotes)
root@localhost ~
$ cygrunsrv -S sshd <-- this command starts the service
------------------
Now, when you reboot the computer, you will be able to ssh to the
Windows computer without any problems from zone alarm.
#------------------------------------------------------------#
RSYNC:
#------------------------------------------------------------#
The rsync service is not running by default, so there is no need to try
to stop the service unless you know it is already running. You can use
the "cygrunsrv --list" command to see if it is already installed. Stop it
if it is with the "cygrunsrv -E rsync" command. Then use the following
commands to set it up:
--------------------------------------------------------
root@localhost ~
$ cygrunsrv -I "rsyncd" -p /usr/bin/rsync -a '--daemon --no-detach'
(if /etc/rsyncd.conf does not already exist, see the note below; use the
following command to create an empty file)
$ touch /etc/rsyncd.conf
$ cygrunsrv -S "rsyncd" <-- starts the service
--------------------------------------------------------
Note: If you do not have an /etc/rsyncd.conf file, upon trying to start
the rsyncd service you will get this error:
$ cygrunsrv -S rsyncd
cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
The service has not been started.
If you create an empty /etc/rsyncd.conf, rsync will be happy and will
run smoothly.
Finally, allow your firewall to remember that rsync should be allowed
outside connections.
Good luck,
->HS
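
Added example, not part of the original post: the post starts rsyncd with an empty /etc/rsyncd.conf, which defines no modules and so exports nothing. Once modules are added and the firewall admits rsync, a check like the one below flags modules that lack `hosts allow` or `auth users`, or that have `read only` turned off. The helper name audit_rsyncd_conf and the sample module names, paths, user and subnet are constructed for illustration.

```shell
# Added example (not from the original post): print one finding per exposed
# rsyncd.conf module. An empty file defines no modules, so it yields nothing.
audit_rsyncd_conf() {   # hypothetical helper name
    awk '
    function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }
    function report(   ro) {
        if (mod == "") return
        if (!(("hostsallow" in cur) || ("hostsallow" in glob)))
            print mod ": no hosts allow (any address may connect)"
        if (!(("authusers" in cur) || ("authusers" in glob)))
            print mod ": no auth users (anonymous access)"
        ro = ("readonly" in cur) ? cur["readonly"] : glob["readonly"]
        if (ro ~ /^(no|false|0)$/)
            print mod ": read only disabled (clients may upload)"
    }
    { sub(/\r$/, "") }                        # tolerate CRLF files on Windows
    /^[ \t]*#/ || /^[ \t]*$/ { next }         # comments and blank lines
    /^[ \t]*\[.*\][ \t]*$/ {                  # [module] header starts a section
        report(); split("", cur)
        mod = $0; sub(/^[ \t]*\[/, "", mod); sub(/\][ \t]*$/, "", mod); next
    }
    {                                         # name = value parameter
        eq = index($0, "="); if (eq == 0) next
        key = norm(substr($0, 1, eq - 1))     # whitespace and case are ignored
        val = substr($0, eq + 1); sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
        if (mod == "") glob[key] = tolower(val); else cur[key] = tolower(val)
    }
    END { report() }
    ' "$1"
}

# Constructed sample: a global hosts allow, one locked-down module and one
# writable module with no authentication.
conf=$(mktemp)
cat > "$conf" <<'EOF'
hosts allow = 192.168.1.0/24
[backup]
path = /cygdrive/c/backup
read only = yes
auth users = backupuser
[incoming]
path = /cygdrive/c/incoming
read only = no
EOF
audit_rsyncd_conf "$conf"
rm -f "$conf"
```

Parameters set before the first module header are treated as defaults for every module, which is why the global `hosts allow` clears that finding for both modules in the sample.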