Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
From: David Highley <dhighley AT highley-recommended DOT com>
Message-Id: <200207120654.g6C6sbRE000309@hemlock.highley-recommended.com>
Subject: Re: Getting sshd Configured on Win2k Platform
To: cygwin AT cygwin DOT com
Date: Thu, 11 Jul 2002 23:54:37 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

"dhighley wrote:"
From dhighley Thu Jul 11 15:58:18 2002
Subject: Re: Getting sshd Configured on Win2k Platform
To: maharig AT idirect DOT net (Harig, Mark A.)
Date: Thu, 11 Jul 2002 15:58:18 -0700 (PDT)
In-Reply-To: <BADF3C947A1BD54FBA75C70C241B0B9E40F0E6 AT ex02 DOT idirect DOT net> from "Harig, Mark A." at Jul 11, 2002 04:18:31 PM
X-Mailer: ELM [version 2.5 PL6]
Content-Length: 1619      


It is working now and from the replies we found two things to fix.

"Harig, Mark A. wrote:"
> 
> 1. Which filesystem are you running on your disk(s): FAT32 or NTFS?
> 
> 2. If you are running NTFS, then you need to specify '-e "CYGWIN=ntsec"'
> to cygrunsrv.

We think there are missing single quotes in the ssh-host-config script.
When the environment parameter is done as in the script:
    -e "CYGWIN=binmode ntsec tty" variables expanded here
the service will not start. If we do the following:
    -e '"CYGWIN=binmode ntsec tty"'
the service will start and different users can login. We also found that
a /etc/group entry was missing which was causing the setgid problem.

> 
> 3. What are the permissions of the directory /home/Administrator?
> 
> 4. Once you get the sshd running, before attempting to ssh to the sshd
> remotely, you should try to ssh locally (i.e., run the ssh client on the
> machine that is running sshd).

We also ran snoop to verify the we have the communication link
encrypted an no information is leaking. For /etc/sshd_config we ended up
with:
     RSAAuthentication yes
     RhostsAuthentication yes
     RhostsRSAAuthentication yes
     PasswordAuthentication yes

We did add ssh to the ${SYSTEMROOT}/system32/drivers/etc/services file.
We did not make any modifications to the Local Security Settings as
discussed in the openssh README file.


-- 


Regards,

David Highley		      Phone: (206) 669-0081
Highley Recommended, Inc.	FAX: (253) 838-8509
2927 SW 339th Street	      Email: dhighley AT highley-recommended DOT com
Federal Way, WA 98023-7732	WEB: http://www.highley-recommended.com



-- 


Regards,

David Highley		      Phone: (206) 669-0081
Highley Recommended, Inc.	FAX: (253) 838-8509
2927 SW 339th Street	      Email: dhighley AT highley-recommended DOT com
Federal Way, WA 98023-7732	WEB: http://www.highley-recommended.com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/