Mail Archives: cygwin/2007/08/06/02:08:35
Andrew Schulman <schulman.andrew@...> writes:
>
> > Brian Thanks for the suggestions and I was extreemly interested in trying
your
> > suggestion of running the SSH client as a service. However I have not been
> > successful in setting it up. Although it does install as a service, when
it is
> > started it immediatly stops as unable to authenticate with the other
server.
> > If SSH is run manually there is no issue. Currently going through the logs
> > with verbose on and trying to determine what the issue is.
>
> As Brian suggests, in order to run an ssh client as a service you have to
> give it enough information to authenticate unattended to the server. That
> means you have to give the client one of the following:
>
> - a plaintext password
> - an unencrypted (i.e. empty password) private key file
> - a running ssh-agent that holds the private key
>
> Whatever method you use to authenticate when you login manually, it will
> probably be simplest to give that same information to your ssh client when
> it runs unattended.
>
> All of the above methods carry potential security risks, but the risks can
> be minimized by, for example, using an account with shell access disabled on
> the remote host. For a full discussion of the unattended login problem, see
> chapter 11 of "SSH, The Secure Shell: The Definitive Guide", 2nd ed., by R.
> Silverman and D. Barrett.
>
> A.
>
>
Brian and Andrew thank you for the wealth of information. Brian hit it on the
head in that the service account was being used and the keys weren't being
found. I have fixed this and the service now start with the net start ssh or
the cyrunsrv S ssh commands. The stop also appears to work in that the service
stops, but what I am finding is the process continues to run (appears in the
task manager list)and the next time that net start ssh is issued the following
errors are in the log
bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 139
Could not request local forwarding.
Cannot bind until the processes are killed also noted, is if I don't kill the
process and just issue another net start ssh, then the number of processes
will continue to increase.
I hope there is a easy way around this as the solution originally provided
offers minimal impact to an existing application. Many thanks again
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -