Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Reply-To: Cygwin List Message-Id: <6.2.1.2.0.20050717223532.05671008@pop.prospeed.net> Date: Sun, 17 Jul 2005 23:04:47 -0400 To: Eli Barzilay , Cygwin List From: Larry Hall Subject: Re: ssh problems In-Reply-To: <17114.65208.516047.93257@tulare.cs.cornell.edu> References: <17099 DOT 10669 DOT 464228 DOT 125667 AT tulare DOT cs DOT cornell DOT edu> <6 DOT 2 DOT 1 DOT 2 DOT 0 DOT 20050705221013 DOT 08cdd6b0 AT pop DOT prospeed DOT net> <17099 DOT 18679 DOT 819770 DOT 637448 AT tulare DOT cs DOT cornell DOT edu> <200507091454 DOT 38902 DOT lhall AT rfk DOT com> <17105 DOT 47620 DOT 419723 DOT 654228 AT tulare DOT cs DOT cornell DOT edu> <6 DOT 2 DOT 1 DOT 2 DOT 0 DOT 20050710223821 DOT 03cd7140 AT 127 DOT 0 DOT 0 DOT 1> <17106 DOT 15844 DOT 889622 DOT 893399 AT tulare DOT cs DOT cornell DOT edu> <17114 DOT 65208 DOT 516047 DOT 93257 AT tulare DOT cs DOT cornell DOT edu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" At 08:58 PM 7/17/2005, Eli wrote: >On Jul 10, Larry Hall wrote: >> [...] >> Then there's always running sshd as the user you want to run the >> builds. This should eliminate any authentication problems but it >> does limit the usefulness of sshd since it's now affectively a >> one-person service, though you could certainly run two sshds, with >> this "special" sshd running on a different port. > >When I try that (after shutting down the existing sshd with cygrunsrv >-E) I get errors when trying to access private key files in /etc. How >do I make them accessible to my user? Maybe there is some simple way >to make it so that sshd always runs as me instead of the system thing? >I don't mind making it a one person service since this is used only by >my script for our nighly builds (and at this point I'll go with >anything that works...). OK. So try this: cygrunsrv --stop sshd cygrunsrv --remove sshd cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -u eli -w "" -e "CYGWIN=tty notraverse" is the password you use for user 'eli'. Setting "notraverse" should not be necessary, since you're running Cygwin 1.5.18 and traverse checking has been disabled by default (notraverse) since 1.5.15. I've included it's usage above so you understand how to set it (or any other option) for the service if that's what you want. There's certainly no harm in setting a switch to it's default. You could include ntsec as well, as you used to, although it too is now the default. You'll need to change some permissions. Try this: chown eli /etc/ssh* chown eli /var/log/sshd.log Then start the service: cygrunsrv --start sshd With any luck, that will run. Note - I haven't tried this myself but it should be a pretty complete guide. You'll be the final judge (and test) though. ;-) >> But I think it's fair to say that the detailed information you've >> provided so far on this issue is quite limited. If you're looking >> for more help, I think it makes sense to point you to the problem >> reporting guidelines at: >> >> >> >> Please read these guidelines thoroughly and provide the requested >> information in any follow-up you make to the list on this issue. >> Beyond the configuration information requested, the most helpful >> feedback you could give is a simple example that shows this problem. >> It's possible that in the preparation of such an example, you >> actually find the problem yourself. But, if not, that will provide >> others with a basis for reproducing and debugging the problem. > >cygcheck's output is below as specified on the web page. Actually, the strong preference is that you *attach* this information, not append it. >This is from >an ssh session, which shows something weird -- I set the environment >variable to include "notraverse" in CYGWIN (as suggested by Igor), and >I do see it when running a bash shell on the machine (via VNC), but >not through ssh. I can't really specify an easy way to reproduce the >problem, since it involves installing DevStudio (7.1, FWIW), and >trying to invoke it through a public-key based ssh session. You are apparently setting CYGWIN in your local user environment. You'd want to set in it you system environment or use the method I showed above to set it for just this service. >On Jul 10, Igor Pechtchanski wrote: >> [...] >> Another WAG. > >(What is a WAG??) >> Another thing to try is to get a system-owned shell and run >> DevStudio from it -- I'd guess you'll get the same errors. That may >> be problematic to do via VNC, though. > >How do I start such a shell? Google for "system-owned shell cygwin". One of the hits is this: -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/