From: "elfyn mcbratney"
To: cygwin AT cygwin DOT com
Subject: proposed CYGWIN-SSHD.HOWTO doc
Date: Thu, 10 Oct 2002 09:29:56 +0000

Hi,

I have taken a little while this morning to write a doc on how to set up sshd as a service under Windows NT/2000/XP to help people new to Cygwin or people experiencing problems.

Really want others' input and experience in setting it up. Maybe it could be added to the OpenSSH dist. Corinna???

Elfyn

Attachment: CYGWIN-SSHD.HOWTO.txt

Proposed HOWTO on setting up CYGWIN sshd as a win32 service (WNT/W2K/WXP)

This document will assist you in getting sshd up and running as a win32 service. Some parts of this doc refer to shell commands: those shown as 'shell> ???' need to be run from your Cygwin shell, while those shown as 'CMD> ???' need to be run under cmd.exe.

In order to get sshd working correctly as a service there are a few prerequisites:

1. Set up your CYGWIN environment

   For WNT/W2K/WXP this is done by right-clicking on 'My Computer' or double-clicking the 'System' icon in your Control Panel. In NT <= 4.0 it's in the Environment tab.
   In NT >= 5.0 it's the Environment Variables section under the Advanced tab.

   Your CYGWIN environment variable needs to be set to 'tty' at least and, if you want chmod and/or chown functionality, 'ntsec ntea tty'. The nt* options should only be used on NT systems with NTFS partitions housing CYGWIN.

   Warning: using the nt* options on 9x/Me systems can create large un-removable files on your system...

      CYGWIN=ntsec ntea tty

   Your PATH environment variable needs to contain the path to CYGWIN's /bin mount, referred to here as 'c:\cygwin\bin'. You should append this path to the end of your PATH variable...

      PATH=c:\winnt\system32;c:\cygwin\bin

2. Clean up your /etc/passwd and /etc/group files

   Your password/group databases should be cleaned up to point to correct home directories and shells for given users. I recommend editing the usernames so they are more legible under the shell and conform to the conventional (though not formally standard) Unix username or groupname length of 8 characters if possible. The username can, however, be any nice username, e.g. change

      Administrator::500:513:Admin,U-(DOMAIN?)/Administrator,S-500:/home/Administrator:/bin/bash

   to

      admin::500:513:Admin,U-DOMAIN/Administrator,S-500:/home/admin:/bin/bash

   If you want to deny a user access based on password you can add a '*' in the pw_word field of the file (user:*:uid:gid:...), or you can restrict them in shell activity by giving them a false shell (/bin/false) or one that does not exist (/bin/noshellhere). The former is a good idea on guest accounts and usernames like SYSTEM that cannot log in anyway.

Once you have performed the above prerequisites you are ready to set up sshd as a service.

Note: this requires that Cygwin be running under a Windows NT variant (NT 4.0/2000/XP).

1. Run /usr/bin/ssh-host-config (append '-y' for auto-setup)

   This will ask you questions about your Cygwin setup, whether or not to replace existing ssh(d) configuration files, and ask you for your CYGWIN environment variable contents.
   A sshd service is also configured under the LocalSystem account, which is what we want for this configuration.

      shell> /usr/bin/ssh-host-config

   It is assumed you answer no to privilege separation (privsep), as we're trying to get it running as the system user. If not, just replace the username 'system' below with 'sshd'.

2. Set restrictive permissions on configuration files

   The assumed SYSTEM username is 'system'...

      shell> chmod 600 /etc/ssh_host*_key
      shell> chown system:system /etc/sshd_config
      shell> chown system:system /var/empty
      shell> touch /var/log/sshd.log
      shell> chown system:system /var/log/sshd.log

If all has gone accordingly you have successfully set up sshd as a service under CYGWIN. Before we get all excited, test that it works!

      shell> cygrunsrv -S sshd

   or

      CMD> net start sshd

As long as you do not experience errors you can assume everything has worked. Try logging in to your system ('shell> ssh localhost') using your password; also try to log in from other machines or from the net to assure connectivity.

If you get an error, take a look at '/var/log/sshd.log'. This should give you an idea as to what has happened and gone wrong. If you cannot figure out the error from the entries (or lack of entries) in the logfile, browse the Cygwin mailing list to see if anyone else is experiencing the same difficulties and consider requesting help from others on the list.

Mailing list archives: http://cygwin.com/ml/cygwin/
Mailing list owner: cygwin AT cygwin DOT com
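
A post-setup audit for the two hardening steps in the HOWTO above (the /etc/passwd clean-up and the step 2 permissions), given as an added example that is not part of the original post. The function names and the ROOT prefix argument are assumptions made for illustration; the paths and the 'system' owner name are the ones the HOWTO uses.

```shell
#!/bin/sh
# Added example (not part of the HOWTO). ROOT is an assumed prefix so the
# checks can run against a copy of the tree; pass "" for the live system.

# Print accounts that can still get a shell: password field is not '*',
# shell is not /bin/false, and the shell exists and is executable.
login_capable() {   # usage: login_capable PASSWD_FILE [ROOT]
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ -n "$user" ] || continue
        [ "$pw" = "*" ] && continue
        [ "$shell" = "/bin/false" ] && continue
        [ -x "${2:-}$shell" ] || continue
        echo "$user"
    done < "$1"
}

# Check the permissions set in step 2. Prints one line per problem and
# returns non-zero if any were found.
check_sshd_files() {   # usage: check_sshd_files ROOT OWNER
    root=$1 owner=$2 bad=0
    for key in "$root"/etc/ssh_host*_key; do
        # The glob stays literal when no private host key exists.
        [ -e "$key" ] || { echo "MISSING $key"; bad=1; continue; }
        # find -perm 600 matches only an exact mode of 600.
        [ -n "$(find "$key" -prune -perm 600)" ] || { echo "MODE $key"; bad=1; }
    done
    for f in etc/sshd_config var/empty var/log/sshd.log; do
        [ -n "$(find "$root/$f" -prune -user "$owner" 2>/dev/null)" ] ||
            { echo "OWNER $root/$f"; bad=1; }
    done
    return "$bad"
}

# Typical use from the Cygwin shell after the steps above:
#   login_capable /etc/passwd
#   check_sshd_files "" system
```

The ssh_host*_key glob matches only the private host keys, not the .pub files, so the public keys are not reported for being world-readable.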