From: "Stephen C. Biggs"
To: cygwin AT cygwin DOT com
Date: Fri, 2 Aug 2002 15:29:03 -0700
Subject: SSH and Cygwin
Message-ID: <3D4AA53F.16860.A2FF6C@localhost>

Greetings all.

I have a few issues running SSHD under cygwin. I have got it mostly to work and it looks good, but there are at least two security issues that I am concerned about.

The first is when someone accesses my SSH server, the server sends back an environment that includes LOGONSERVER, HOMEDRIVE, HOMEPATH, SYSTEMDRIVE, and SYSTEMROOT. Since this is to a remote client, I do not want them to know any of the details of my server, and this lays it wide open. Is there a way to stop these environment variables from being exported to the remote client? I am putting users in a chroot jail (more about that below) and even though I unset these variables in the script, they still get set on the client.

Another related issue is that I have a different computer name from the name that remote clients use and wish to have the public name sent back in the environment variables such as USERDOMAIN and HOSTNAME. Right now, I reset them to what I want in the profile I execute as part of the chroot. Is this the only way to do it? Running cygrunsrv with -e "USERDOMAIN=publicname" has no effect, but it works for COMPUTERNAME.

As to the chroot issue, I went with the procedure in http://sources.redhat.com/ml/cygwin/2002-07/msg02070.html but fleshed it out so it would work, and it does, but a disturbing issue is that when a remote client logs on, I have to have a globally accessible home directory in my /etc/passwd file and have that directory exist. Then, the server places the client in that home directory before the script can get control to chroot to the jail. This is a millisecond security issue but still a window.

Thanks for any assistance.