Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Reply-To: Cygwin List Message-Id: <5.1.0.14.0.20030902203138.01f172c0@127.0.0.1> X-Sender: Date: Tue, 02 Sep 2003 20:34:41 -0400 To: "Dan Adams" , cygwin AT cygwin DOT com From: Larry Hall Subject: Re: sshd setup question In-Reply-To: References: <5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901172200 DOT 01f49928 AT 127 DOT 0 DOT 0 DOT 1> <5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901180444 DOT 01f69c90 AT 127 DOT 0 DOT 0 DOT 1> <5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901200938 DOT 01f7e0c0 AT 127 DOT 0 DOT 0 DOT 1> <5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901214533 DOT 01f6a988 AT 127 DOT 0 DOT 0 DOT 1> <5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901223001 DOT 01f810c8 AT 127 DOT 0 DOT 0 DOT 1> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Again, please attach your '/etc/passwd' and '/etc/group' files and show a transcript of your attempt to set /var/empty persmissions along with the output from 'ls -l /var'. Larry At 11:43 PM 9/1/2003, Dan Adams you wrote: >I followed both of those suggestions. I retried that script and it seems to >generate the key files each time it is run now. As far as that mySQL thing, >I renamed that dll file and will use another program temporarily, until I >can figure this thing out. > >Once I did those two things, I still see an error that looks the same, >although the contents of the sshd.log file is now: > /var/empty must be owned by root and not group or world-writable. > >My main trouble with this is that I seem to be having trouble getting the >permissions for that directory like it says, I can get it chmod'ed to 744 >easily, but I can't seem to get its ownership to root or system either one. >I am using a windows 2000 machine, although that may have been in my >cygcheck file that I sent. Does anyone have a suggestion on how to get this >permission thing set. > >Dan > > >"Larry Hall" wrote in message >news:5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901223001 DOT 01f810c8 AT 127 DOT 0 DOT 0 DOT 1... >> ssh-host-config creates /etc/ssh_host_key*. >> >> From your cygcheck output: >> >> 653k 2003/07/22 C:\Program Files\mysql\bin\cygwinb19.dll - os=4.0 >img=1.0 sys=4.0 >> "cygwinb19.dll" v0.0 ts=1998/7/15 18:50 >> >> This will is trouble waiting to happen. Get rid of this DLL and update >> mysql as required. >> >> Larry >> >> >> At 10:25 PM 9/1/2003, Dan Adams you wrote: >> >> >> >> >I am guessing this questioning might shift a little with my latest >finding. >> >Also, I have attached the cygcheck file thing that was requested at that >> >website. >> > >> >My latest finding is: >> >Could not load host key: /etc/ssh_host_key >> >Could not load host key: /etc/ssh_host_rsa_key >> >Could not load host key: /etc/ssh_host_dsa_key >> >Disabling protocol version 1. Could not load host key >> >Disabling protocol version 2. Could not load host key >> > >> >I found this when looking in the sshd.log file that is in that directory. >> >Relating to the permissions that that gentleman mentioned in his post on >> >this list, those directories (this may not be good though) have the >> >permissions for the system account. Is there anything that speaks about >how >> >to create these keys? >> > >> >Dan >> > >> >"Larry Hall" wrote in message >> >news:5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901214533 DOT 01f6a988 AT 127 DOT 0 DOT 0 DOT 1... >> >> OK, I'm not sure my efforts are paying off here. I'd recommend again >that >> >> you visit . It's hard to figure >things >> >> without a basis of information. However, you'll probably find looking >> >> in the email archives helpful. For instance, I found this with a >simple >> >> search: >> >> >> >> >> >> >> >> Seems to describe your situation to a tee, complete with solution. >Just >> >> one more reason not to use tech.erdelynet.com. Seems your problem is a >> >> common one when following the directions at this site. >> >> >> >> If this doesn't solve your problem, I suggest uninstalling ssh and >> >> reinstalling. Then, stay away from tech.erdelynet.com and just set >> >> things up as the Cygwin doc suggests. Otherwise, bug >tech.erdelynet.com >> >> about it if you insist on using their advice. >> >> >> >> Larry >> >> >> >> >> >> At 09:40 PM 9/1/2003, Dan Adams you wrote: >> >> >The error it gives me when I try to start the service, after using the >> >> >ssh-host-config command to make the service, and using the >cygrunsrv -S >> >sshd >> >> >command is: >> >> >cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error >> >1062: >> >> >The service has not been started. >> >> >I am not sure if this will help at all, but I figured it might. >> >> > >> >> > >> >> >-- >> >> >Dan Adams - dan AT infochi DOT com >> >> >http://www.infochi.com >> >> > >> >> > >> >> >"Dan Adams" wrote in message >> >> >news:bj0ruq$thn$1 AT sea DOT gmane DOT org... >> >> >> You mentioned that it is not reaching the server through ssh, is >there >> >any >> >> >> way I can find out where the problem occurs at? I am using a command >> >line >> >> >of >> >> >> : >> >> >> ssh -p 422 localhost >> >> >> to do this, I am not sure where in the networking the problem might >lie >> >> >at, >> >> >> is there any way that I can find out, or assist you in finding out? >> >> >> >> >> >> The reason I was trying it with inetd, partly because it mentioned >it >> >on >> >> >the >> >> >> website of yours, is because I have it working correctly for a >couple >> >of >> >> >> other services that are part of cygwin. >> >> >> >> >> >> One discrepancy I found between the website and the ssh-host-config >> >file >> >> >> that was installed on my machine is >> >> >> file: >> >> >> chown system.system /var/empty >> >> >> website >> >> >> chown system:system /var/empty >> >> >> >> >> >> How should this be? If you notice the website has a colon on that >line, >> >> >the >> >> >> file has a period on that line. >> >> >> >> >> >> The website I am referring to is: >> >> >http://tech.erdelynet.com/cygwin-sshd.html >> >> >> >> >> >> -- >> >> >> Dan Adams - dan AT infochi DOT com >> >> >> http://www.infochi.com >> >> >> >> >> >> >> >> >> "Larry Hall" wrote in message >> >> >> news:5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901200938 DOT 01f7e0c0 AT 127 DOT 0 DOT 0 DOT 1... >> >> >> > You're not reaching the server. The read of the basic version >> >> >> identification >> >> >> > is failing. If the client and the server can't understand what >> >version >> >> >of >> >> >> > ssh is running on either end, they don't talk. So you're not >> >reaching >> >> >the >> >> >> > server through ssh. >> >> >> > >> >> >> > Sorry I don't know much about setting up ssh under inetd. Is >there a >> >> >> reason >> >> >> > not to set it up as the documentation suggests? I can vouch for >> >things >> >> >> > working that way. >> >> >> > >> >> >> > Larry >> >> >> > >> >> >> > >> >> >> > At 06:38 PM 9/1/2003, Dan Adams you wrote: >> >> >> > >Thanks for the comment about cygrunsrv and the method of removing >> >> >service >> >> >> > >from win2k That worked well >> >> >> > > >> >> >> > >Since I have inetd working well. I have a telnet server and also >a >> >FTP >> >> >> > >server, but neither is available outside of my firewall. I >thought >> >that >> >> >I >> >> >> > >would try and see if I could use the sshd server that I just >setup >> >via >> >> >> the >> >> >> > >inetd thing. When I did this, I got an error message of: >> >> >> > > >> >> >> > >ssh_exchange_identification: read: Connection reset by peer >> >> >> > > >> >> >> > >What would this mean? This is the only error message that I have >> >been >> >> >> > >getting from the ssh deamon when I try and connect, and even >before >> >I >> >> >ran >> >> >> > >that setup script. >> >> >> > > >> >> >> > >Dan Adams - dan AT infochi DOT com >> >> >> > >http://www.infochi.com >> >> >> > > >> >> >> > > >> >> >> > >"Larry Hall" wrote in message >> >> >> > >news:5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901180444 DOT 01f69c90 AT 127 DOT 0 DOT 0 DOT 1... >> >> >> > >> OK, visit and provide the >> >requested >> >> >> > >info. >> >> >> > >> Also, send along (attached too) your /etc/passwd and /etc/group >> >> >files. >> >> >> > >The >> >> >> > >> actual transcript of your attempt to run chown would be helpful >> >too. >> >> >> > >> >> >> >> > >> cygrunsrv -E followed by cygrunsrv -R > >name> >> >> >> will >> >> >> > >> stop and remove a service. >> >> >> > >> >> >> >> > >> Larry >> >> >> > >> >> >> >> > >> >> >> >> > >> At 06:04 PM 9/1/2003, Dan Adams you wrote: >> >> >> > >> >I tried the directions at the site, and when it did the chown >> >> >> > >system.system >> >> >> > >> >/var/empty command. It errors out, saying that the user is >> >unknown. >> >> >It >> >> >> > >seems >> >> >> > >> >to not want to start the service after that point. Any more >> >> >> suggestions. >> >> >> > >> >Also does anyone know how to remove a service from the listong >in >> >> >> Win2k >> >> >> > >once >> >> >> > >> >it is no longer desired. I am hoping to change from telnet/ftp >to >> >> >ssh >> >> >> > >access >> >> >> > >> >which means I would be able to get rid of the service of inetd >> >that >> >> >is >> >> >> in >> >> >> > >my >> >> >> > >> >win2k control panel thing. >> >> >> > >> > >> >> >> > >> >Dan Adams - dan AT infochi DOT com >> >> >> > >> >http://www.infochi.com >> >> >> > >> > >> >> >> > >> > >> >> >> > >> >"Larry Hall" wrote in message >> >> >> > >> >news:5 DOT 1 DOT 0 DOT 14 DOT 0 DOT 20030901172200 DOT 01f49928 AT 127 DOT 0 DOT 0 DOT 1... >> >> >> > >> >> At 05:28 PM 9/1/2003, Krzysztof Duleba you wrote: >> >> >> > >> >> >Dan Adams" wrote >> >> >> > >> >> > >> >> >> > >> >> >> Does anyone know if there is either a script that will >> >automate >> >> >> the >> >> >> > >> >> >process >> >> >> > >> >> >> of setting up an ssh server? Or is there a tutorial setup >> >page? >> >> >> > >> >> > >> >> >> > >> >> >http://tech.erdelynet.com/cygwin-sshd.html >> >> >> > >> >> >> >> >> > >> >> >> >> >> > >> >> And please follow-up with any questions generated from >> >following >> >> >the >> >> >> > >> >> directions at this site with tech.erdelynet.com. The >supported >> >> >> > >> >information >> >> >> > >> >> for setting up Cygwin's OpenSSH distribution is >> >> >> > >> >> /usr/doc/Cygwin/openssh-*.README. It's the only source of >> >> >> information >> >> >> > >> >this >> >> >> > >> >> list will entertain questions about. >> >> >> > >> >> >> >> >> > >> >> Thanks, >> >> >> > >> >> >> >> >> > >> >> >> >> >> > >> >> Larry Hall http://www.rfk.com >> >> >> > >> >> RFK Partners, Inc. (508) 893-9779 - RFK >> >> >Office >> >> >> > >> >> 838 Washington Street (508) 893-9889 - FAX >> >> >> > >> >> Holliston, MA 01746 >> >> >> > >> >> >> >> >> > >> >> >> >> >> > >> > >> >> >> > >> > >> >> >> > >> > >> >> >> > >> > >> >> >> > >> >-- >> >> >> > >> >Unsubscribe info: >http://cygwin.com/ml/#unsubscribe-simple >> >> >> > >> >Problem reports: http://cygwin.com/problems.html >> >> >> > >> >Documentation: http://cygwin.com/docs.html >> >> >> > >> >FAQ: http://cygwin.com/faq/ >> >> >> > >> >> >> >> > >> >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > >-- >> >> >> > >Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >> >> >> > >Problem reports: http://cygwin.com/problems.html >> >> >> > >Documentation: http://cygwin.com/docs.html >> >> >> > >FAQ: http://cygwin.com/faq/ >> >> >> > >> >> >> > -- >> >> >> > Larry Hall http://www.rfk.com >> >> >> > RFK Partners, Inc. (508) 893-9779 - RFK >Office >> >> >> > 838 Washington Street (508) 893-9889 - FAX >> >> >> > Holliston, MA 01746 >> >> >> > >> >> >> > >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> >> > >> >> > >> >> > >> >> >-- >> >> >Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >> >> >Problem reports: http://cygwin.com/problems.html >> >> >Documentation: http://cygwin.com/docs.html >> >> >FAQ: http://cygwin.com/faq/ >> >> >> >> >> > >> > >> > >> > >> > >> > >> >-- >> >Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >> >Problem reports: http://cygwin.com/problems.html >> >Documentation: http://cygwin.com/docs.html >> >FAQ: http://cygwin.com/faq/ >> >> -- >> Larry Hall http://www.rfk.com >> RFK Partners, Inc. (508) 893-9779 - RFK Office >> 838 Washington Street (508) 893-9889 - FAX >> Holliston, MA 01746 >> >> > > > > >-- >Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >Problem reports: http://cygwin.com/problems.html >Documentation: http://cygwin.com/docs.html >FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/