Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Reply-To: From: "pedal2metal" To: "'Cygwin List'" Subject: RE: sshd under Cygwin Date: Sun, 2 Jan 2005 15:13:44 -0600 Message-ID: <000001c4f10f$f49deb10$6501010a@dragonfly> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" In-Reply-To: <6.2.0.14.0.20050102141849.04e99e08@pop.prospeed.net> Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id j02LGp5Q023965 While I did delete everything when doing a T&E cycle, /var/log/sshd.log /var/empty (dir) /var/run/sshd.pid /etc/ssh* (all keygen, config files) /etc/passwd (removed sshd entry) Removed user (via Control Panel) Removed sshd (via cygrunsrv) .ssh (in User directory) I also verified all Registry entries had no references to ssh after doing this. So I think everytime I did a T&E cycle, it was "clean" from the script's point of view (ssh-host-config). However, there is a subtle acl change that ssh-user-config does to ensure the SYSTEM process can access the user's .ssh contents which I likely did not go back & execute after getting everything to work. This thread seemed particularly relevant: http://www.cygwin.com/ml/cygwin/2003-09/msg00766.html then http://www.cygwin.com/ml/cygwin/2003-09/msg00810.html then http://www.cygwin.com/ml/cygwin/2003-07/msg00684.html Symptomatically, my behavior was identical to http://sources.redhat.com/ml/cygwin/2001-11/msg00844.html which I couldn't find a conclusion for. However, in the "heat of battle" it's easy to skip a step so now I'm trying again to test my luck now that I'm "initiated" into the sshd world :-) & see if I can get multiple users working. thanks & best regards, eric rose email: pedal2metal AT sbcglobal DOT net -----Original Message----- From: Larry Hall [mailto:lh-no-personal-replies-please AT cygwin DOT com] Sent: Sunday, January 02, 2005 1:26 PM To: pedal2metal; cygwin AT cygwin DOT com Subject: RE: sshd under Cygwin At 07:44 AM 1/2/2005, you wrote: >Hello, > After using the following references: > >http://ist.uwaterloo.ca/~kscully/SSH/CygwinSSHD_W2K3.html >http://sources.redhat.com/ml/cygwin/2001-11/msg00844.html >/usr/share/doc/Cygwin/openssh.README >/usr/bin/ssh-host-config >/usr/bin/ssh-user-config > >& plenty of T&E (trial & error), >I was able to get RSA SSH2 keys to work properly. In conclusion, >change the _user to instead of 'system' in both of the >above scripts. I installed the sshd service manually but that was >mainly due to the debug/analysis nature of the work. Shouldn't be >necessary if the _user variable is changed in both scripts. > >Anyhow, this does bring up another question: > How would one get RSA SSH2 keys to work with multiple user logins >since the cygrunsrv/sshd process can only run as 1 user? It would >appear the answer is "Not possible" based on my T&E results. If you want to be able to use multiple user's with sshd, then you must start the service as 'SYSTEM' (or 'sshd_server' for W2K3). There's no need to edit any scripts as you suggest above to get this working. My WAG is that you started 'sshd' from the command line once as the user you were logged in as. This will create files like '/var/log/sshd.log' with permissions for your user as the owner, which won't work if you then try to start the 'sshd' as 'SYSTEM'. -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/