delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2014/03/17/19:18:53

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:mime-version:in-reply-to:references:date
:message-id:subject:from:to:content-type; q=dns; s=default; b=cM
LZM7xzCYyB1lhbe8IDC5HNmoNKxzOk+ZIv1GBh6Dw6230eJIF2XV1aWRHnLlWf+K
r8cAef9yCMu7GwJwwEVUI3AWasKJzl0dx0vY4halhGuK5p3QeUAijvipssLWMqCT
XtQwSR8xEYcc9HImXRPz3XDPUZdmOdidNWa4amkKY=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:mime-version:in-reply-to:references:date
:message-id:subject:from:to:content-type; s=default; bh=lgxByBxI
CjB45bqF8UTDOV10GzA=; b=l0jCuUeny61VFw6Q8SHh795ACWn8RG7fh2jwh6Jo
VbZxUz/1/7r0fM6IEa2TX3zW5jr0nPDJ2gt6N/IX+JKWkoUbM6Tl2i+iEzz9I+ax
ezbQQUJk+H5qlsArU/ztkWHBCVa7D9+qa9R5i+gUIrP4kiPlPkhZftZnDfD6h6U9
6gI=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=4.2 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SCAM_SUBJECT,SPF_PASS,UNSUBSCRIBE_BODY autolearn=no version=3.3.2
X-HELO: mail-qg0-f43.google.com
MIME-Version: 1.0
X-Received: by 10.224.123.137 with SMTP id p9mr31354350qar.39.1395098308577; Mon, 17 Mar 2014 16:18:28 -0700 (PDT)
In-Reply-To: <CAG9p0OQ3Hr0wVq7eYQRHGwW79U9uAb1_13BqqY4qxuR2m8VMAQ@mail.gmail.com>
References: <5307BB89 DOT 80405 AT cse DOT yorku DOT ca> <5307BDDA DOT 4040309 AT cygwin DOT com> <530B6ED1 DOT 2060003 AT cse DOT yorku DOT ca> <CAG9p0OSzrhsqf+gZjduxU0bxzovPY31kDwH=gJ3ZUtHuj8iBZQ AT mail DOT gmail DOT com> <f5bmwgowkuh DOT fsf AT troutbeck DOT inf DOT ed DOT ac DOT uk> <CAG9p0OT0282=+dGWuOjk2MxMSJX0E6irg-+hD9dE1vfqDLOVyA AT mail DOT gmail DOT com> <CAG9p0OS65OC-5o-wEre+2K7+NQHQE_OzmLW9HAN8bmcYzEoG3A AT mail DOT gmail DOT com> <CAG9p0OQ3Hr0wVq7eYQRHGwW79U9uAb1_13BqqY4qxuR2m8VMAQ AT mail DOT gmail DOT com>
Date: Mon, 17 Mar 2014 19:18:28 -0400
Message-ID: <CAG9p0OT9a9VZ3hx7DzQAKz1Lr2Y0niC21xr4AiYJekpMGJb2Jw@mail.gmail.com>
Subject: Re: Silently configure sshd fails via system account
From: Lord Laraby <lord DOT laraby AT gmail DOT com>
To: Cygwin Mailing List <cygwin AT cygwin DOT com>
X-IsSubscribed: yes 

Okay, I figured out the whole issue. The script suggested
non-privleged user sshd as the service user. I allowed that and the
user was created. However the issues the script messed up are:
1) The account was never activated - "net user sshd /active:yes" had
to be run at the command line.
2) All of the keys had permissions given to user cyg_server (which is
actually another service with different needs).
3) the /var/empty file ownership was changed to sshd (stolen from
cyg_server which also had that assigned home directory.) So, that was
correct but wrong.
4) The /var/log/sshd.log ownership was given to cyg_server (who does
not write to that log.) the cygserver.log is owned by SYSTEM!!! I do
not know why.
5) Permission modes were wrong on every file.

These were all setup by the cygwin script, all I did was answer 'yes'
to each question and provide sshd a password (twice).

This might warrant a check by the maintainer.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019