Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Date: Thu, 20 Oct 2005 11:30:33 -0400
From: Albert Lunde <atlunde AT panix DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: sshd refuses ssh connections
Message-ID: <20051020153033.GA11898@panix.com>
References: <4356C85C DOT 130BF479 AT dessent DOT net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4356C85C.130BF479@dessent.net>
User-Agent: Mutt/1.5.10i

On Wed, Oct 19, 2005 at 03:27:40PM -0700, Brian Dessent wrote:
> Brian Dessent wrote:
> 
> > No, it's a red herring.  The host keys should be readable only by the
> > process that runs sshd.  This must be SYSTEM in order for impersonation
> > to work.  Thus they should be readable only by SYSTEM, and that is how
> > ssh-host-config sets things up, correctly.  So if you try to run sshd as
> > your normal user account, it will not work.  That's why it's a bad idea
> > to mess around with running sshd from a regular prompt, because you will
> > run into all kinds of permissions/ownership issues unless you know
> > precisely what you're doing.
> 
> The footnote to this is that if you obtain a shell as the SYSTEM user,
> you can run sshd from a prompt in debugging mode without any issues. 
> There is a script somewhere in the mailing list archives, I think it's
> called "sysbash", that achieves this.

One can also do this with the commercial product "Firedaemon"

http://www.firedaemon.com/

which is a generic service control GUI.

-- 
    Albert Lunde 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/