Mail Archives: cygwin/2017/04/16/03:55:44

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2017/04/16/03:55:44

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=NYYG8x4QQoRiYP3H

tR7bsKlIJVao+Mn0j7ysnYcd4iuYB1zA4fe0xvcuZsQ0OZF4jsVaiXSTmTbpdSo6

Lydb6cT6O6GOjx4HMoUrMXGlCM0bUwbFxHT9sFT5Nj/IOQP34YkDy3MNYxbMqjbY

80pA+tPjQAUvBMrnEyx6FlmRfXs=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=0EteXTh1cNVpivnxlckaLC

IdHMs=; b=ofUAvbCD7OlGCLniJ0cbt4PxnapsOVCQfWhc80yE5SkYoLFJ4tfXW9

OHXtH7MQFzIh9NAv+bP/B4JA6MS8gnKkv08A38RyxrWxfSd0Uqmpz4pgHoL0V6tN

lDioFIbbHq0Py2+cjaBUSwtAfaH4cgq86hARLxnrgjYLCKgtXuqSs=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=reconfiguring

X-HELO: mail-wm0-f41.google.com

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=C4isXhB7o6vLhQgK/tZP9N3XxalglnUcWijEANKEEw0=; b=Uh8bBPCcJHw6FytndH6Rt/26r4HkjEVpkisUrYoy8QJmAfWG0+tXeXDMQXBNbOpgCa HO2vNcCseout03bq1eRHYBTkvPfV3P47XaG5c+Aaa/zmE+vYGbHaMhB6luvCNNiQ7Knj qan9045gg1zGFnmRR+x78rrNRoIEe3Y6h56bGx7VitNeIakUUNRouzh9GfoN0b2e1bya zuHukGmJT5unTQQpw7oaWAe05cPwuuXYm4pbH48nbRFuQl10DpKoem3KCBldFN4xlypS c+Fy3nTHx82ePRhVn/iDkEaK1aHBxGDt18vV7UOrjWn7elvIOunwD9neh0WRJq0m38zM nMqw==

X-Gm-Message-State: AN3rC/6umAwIZLhh17zJXqIk6iaefBRhiwvXg/kqg9W/QZPonsI0day2 D5mPkek+9NCuy/cW

X-Received: by 10.28.48.70 with SMTP id w67mr4589456wmw.124.1492329323615; Sun, 16 Apr 2017 00:55:23 -0700 (PDT)

Subject: Re: How to create root account to own /var/empty for ssh?

To: cygwin AT cygwin DOT com

References: <58F24188 DOT 3060503 AT tlinx DOT org> <93276a4b-b80f-b39d-ea16-4975a080c9a3 AT gmail DOT com> <58F2918D DOT 2020703 AT tlinx DOT org>

From: Marco Atzeri <marco DOT atzeri AT gmail DOT com>

Message-ID: <66c6d82f-5d0c-3b75-ce0c-f2b7f4212bb3@gmail.com>

Date: Sun, 16 Apr 2017 09:55:19 +0200

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

MIME-Version: 1.0

In-Reply-To: <58F2918D.2020703@tlinx.org>

X-IsSubscribed: yes

On 15/04/2017 23:33, L A Walsh wrote:
> Marco Atzeri wrote:
>>
>>>
>>> How am I supposed to make ssh happy?
>>>
>>> Thanks!
>>> -l
>>>
>>
>> user separation ?
>>
>> $ ls -ld /var/empty
>> drwxr-xr-x+ 1 cyg_server Administrators 0 Jan  7  2015 /var/empty
>
> Um, could elaborate?  I mean do I just create a user called
> cyg_server, and that makes it sshd happy?  Or how is user
> separation different than having root own the directory?
>
> Also, is it the same separation mentioned in this
> deprecation message?:
>
>>  /sbin/sshd
> /etc/sshd_config line 105: Deprecated option UsePrivilegeSeparation
> /var/empty must be owned by root and not group or world-writable.
>
> ...or has the option been renamed?  FWIW -- this *used* to work on my
> machine until the upgrade.
>
> Thanks again!


usage: ssh-host-config [OPTION]...
Options:
     --debug  -d            Enable shell's debug output.
     --yes    -y            Answer all questions with "yes" automatically.
     --no     -n            Answer all questions with "no" automatically.
     --cygwin -c <options>  Use "options" as value for CYGWIN 
environment var.
     --name   -N <name>     sshd windows service name.
     --port   -p <n>        sshd listens on port n.
     --user   -u <account>  privileged user for service, default 
'cyg_server'.
     --pwd    -w <passwd>   Use "pwd" as password for privileged user.
     --privileged           On Windows XP, require privileged user
                            instead of LocalSystem for sshd service.


Hi,
long time I am not reconfiguring the sshd server, but
ssh-host-config should propose by default the user separation
and propose the creation of cyg_server user for that scope.

Regards
Marco





--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=NYYG8x4QQoRiYP3H
	tR7bsKlIJVao+Mn0j7ysnYcd4iuYB1zA4fe0xvcuZsQ0OZF4jsVaiXSTmTbpdSo6
	Lydb6cT6O6GOjx4HMoUrMXGlCM0bUwbFxHT9sFT5Nj/IOQP34YkDy3MNYxbMqjbY
	80pA+tPjQAUvBMrnEyx6FlmRfXs=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=0EteXTh1cNVpivnxlckaLC
	IdHMs=; b=ofUAvbCD7OlGCLniJ0cbt4PxnapsOVCQfWhc80yE5SkYoLFJ4tfXW9
	OHXtH7MQFzIh9NAv+bP/B4JA6MS8gnKkv08A38RyxrWxfSd0Uqmpz4pgHoL0V6tN
	lDioFIbbHq0Py2+cjaBUSwtAfaH4cgq86hARLxnrgjYLCKgtXuqSs=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=reconfiguring
X-HELO:	mail-wm0-f41.google.com
X-Google-DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=C4isXhB7o6vLhQgK/tZP9N3XxalglnUcWijEANKEEw0=; b=Uh8bBPCcJHw6FytndH6Rt/26r4HkjEVpkisUrYoy8QJmAfWG0+tXeXDMQXBNbOpgCa HO2vNcCseout03bq1eRHYBTkvPfV3P47XaG5c+Aaa/zmE+vYGbHaMhB6luvCNNiQ7Knj qan9045gg1zGFnmRR+x78rrNRoIEe3Y6h56bGx7VitNeIakUUNRouzh9GfoN0b2e1bya zuHukGmJT5unTQQpw7oaWAe05cPwuuXYm4pbH48nbRFuQl10DpKoem3KCBldFN4xlypS c+Fy3nTHx82ePRhVn/iDkEaK1aHBxGDt18vV7UOrjWn7elvIOunwD9neh0WRJq0m38zM nMqw==
X-Gm-Message-State:	AN3rC/6umAwIZLhh17zJXqIk6iaefBRhiwvXg/kqg9W/QZPonsI0day2 D5mPkek+9NCuy/cW
X-Received:	by 10.28.48.70 with SMTP id w67mr4589456wmw.124.1492329323615; Sun, 16 Apr 2017 00:55:23 -0700 (PDT)
Subject:	Re: How to create root account to own /var/empty for ssh?
To:	cygwin AT cygwin DOT com
References:	<58F24188 DOT 3060503 AT tlinx DOT org> <93276a4b-b80f-b39d-ea16-4975a080c9a3 AT gmail DOT com> <58F2918D DOT 2020703 AT tlinx DOT org>
From:	Marco Atzeri <marco DOT atzeri AT gmail DOT com>
Message-ID:	<66c6d82f-5d0c-3b75-ce0c-f2b7f4212bb3@gmail.com>
Date:	Sun, 16 Apr 2017 09:55:19 +0200
User-Agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version:	1.0
In-Reply-To:	<58F2918D.2020703@tlinx.org>
X-IsSubscribed:	yes