Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 9 Nov 2005 12:57:09 +0200
Message-Id: <200511091057.jA9Av9pB016778@beta.mvs.co.il>
From: "Ehud Karni" <ehud AT unix DOT mvs DOT co DOT il>
To: liqiuxing AT hotmail DOT com
Cc: cygwin AT cygwin DOT com
Subject: Re: How to run cygwin sshd as a domain user?
In-reply-to: <BAY104-DAV83700212B0D338CBC0FAABF640@phx.gbl> (message from Xing 	Qiu on Tue, 8 Nov 2005 13:20:25 -0500)
Reply-to: ehud AT unix DOT mvs DOT co DOT il
References: <BAY104-DAV37AC7D57E74B0DE0FAA91BF620 AT phx DOT gbl> <436FF172 DOT 6080702 AT cygwin DOT com> <BAY104-DAV83700212B0D338CBC0FAABF640 AT phx DOT gbl>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-8-i
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On Tue, 8 Nov 2005 13:20:25 -0500, Xing Qiu <liqiuxing AT hotmail DOT com> wrote:
>
> No, I tried that, and it didn't work.  As far as I understand, cygrunsrv is
> just a wrapper to run some daemon in the background. I simply can't start
> sshd with my own user.  Below are the error messages:
            ^^^^^^^^^^^
>
> $ /usr/sbin/sshd.exe -d
> debug1: sshd version OpenSSH_4.1p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
>
> Here is the result of ls -lh /etc/ssh* :
>
> $ ls -lh /etc/ssh*
> -rwx------  1 SYSTEM SYSTEM      1.3K Nov  4 15:03 /etc/ssh_config
> -rw-------  1 SYSTEM SYSTEM       668 Oct 30 19:37 /etc/ssh_host_dsa_key
> -rw-r--r--  1 SYSTEM SYSTEM       600 Oct 30 19:37 /etc/ssh_host_dsa_key.pub
> -rw-------  1 SYSTEM SYSTEM       525 Oct 30 19:37 /etc/ssh_host_key
> -rw-r--r--  1 SYSTEM SYSTEM       329 Oct 30 19:37 /etc/ssh_host_key.pub
> -rw-------  1 SYSTEM SYSTEM       883 Oct 30 19:37 /etc/ssh_host_rsa_key
> -rw-r--r--  1 SYSTEM SYSTEM       220 Oct 30 19:37 /etc/ssh_host_rsa_key.pub
> -rw-r--r--  1 xqiu   mkgroup-l-d 2.8K Nov  4 15:03 /etc/sshd_config
>
> And if I do what the FAQ tells me to do, I get the following error message:
>
>
> cygrunsrv -I "Xing_sshd" -p /usr/sbin/sshd -a '-D' -u xqiu -w mypasswd
                                                     ^^^^^^^
> ...
>
> $ cygrunsrv -S Xing_sshd
> cygrunsrv: Error starting a service: QueryServiceStatus:  Win32 error 1053:
> The service did not respond to the start or control request in a timely
> fashion.
>
> Should I go ahead change the ownership of /etc/ssh* ?

Yes !  If you want to run it with your own user, you must own the
/etc/ssh*key files (only the ownership is important).

Try it first with "StrictModes" and "UsePrivilegeSeparation" changed
to  "no"  (in /etc/sshd_config).

Ehud.


--
 Ehud Karni           Tel: +972-3-7966-561  /"\
 Mivtach - Simon      Fax: +972-3-7966-667  \ /  ASCII Ribbon Campaign
 Insurance agencies   (USA) voice mail and   X   Against   HTML   Mail
 http://www.mvs.co.il  FAX:  1-815-5509341  / \
 GnuPG: 98EA398D <http://www.keyserver.net/>    Better Safe Than Sorry

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/