Message-Id: <200603020600.k2260UOq023298@delorie.com>
X-Spam-Check-By: sourceware.org
X-DN-AuthenticatedSender: KHP4FFR6EFCRWRUHUHPAUL9TY3J7M6YN-EfYTik0VuLYzt8UPvmY4qQuqfocTvnyVUYOkrst+0/KxPLdgstrCcxSjakLEceyoOjxQsoP4Cy0=---
From: "Siegfried Heintze" <siegfried AT heintze DOT com>
To: <cygwin AT cygwin DOT com>
Subject: RE: OpenSSH for Non Administrators
Date: Wed, 1 Mar 2006 23:00:12 -0700
MIME-Version: 1.0
Content-Type: text/plain; 	charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <Pine.GSO.4.63.0602281623070.13972@access1.cims.nyu.edu>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

I looked in http://www.openssh.com/faq.html#1.1 as reference by
c:/cygwin/usr/share/doc/openssh/README and I'm having trouble finding the
document that explains how to set ssh up as a service on a windows server.
Can someone please point me to the correct document?
c:/cygwin/usr/share/doc/openssh/README said to refer to the INSTALL document
but I see no such in c:/cygwin/usr/share/doc/openssh. Is my installation
incomplete?

There seems to be a lot of information in "man sshd" and "info sshd" but I
could not find where it explains to start it up as a service. No wait: it
says it is normally started in /etc/rc but my cygwin installation has no
such directory. Don't I have to do something with cygrunsrv or some such
utility? Where is the documentation on ssh-host-config that Damian is using
below? I tried man and info with no luck.

Can cygwin ssh be used with the -X option to open an X session on a windows
server? 

Can cygwin ssh be used with VNC to open a VNC session on a remote server? I
have successfully open a session using plain "RealVNC" server on the windows
server (from red hat 8) and would like to do it securely with ssh.

Thanks,
Siegfried

-----Original Message-----
From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] On Behalf Of
Igor Peshansky
Sent: Tuesday, February 28, 2006 2:27 PM
To: Damian Sobieralski
Cc: cygwin AT cygwin DOT com
Subject: Re: OpenSSH for Non Administrators

On Tue, 28 Feb 2006, Damian Sobieralski wrote:

> My apologies if this has asked before.  I researched as much as I could
> on my own. I hope a kind soul can direct me to a useful resource.
>
>  I installed Cygwin on a Windows 2003 Server with OpenSSH 4.2p1-1.
> After installing I ran ssh-host-config and chose privilege separation.
>
> "privilege separation" -> Yes
> "create local user sshd_server" -> Yes
> "install sshd as a service" -> Yes
> CYGWIN="  -> ntsec
>
>  I synced the users and passwords with:
>
> mkpasswd   --local   >   /etc/passwd
> mkgroup   --local    >   /etc/group

I'm guessing this is your problem right here.  Which user did you do this
as?  If you did this as yourself, it could be that these files are only
readable by the Administrators group, which explains why those users can
log in.  Either those, or some other file needed for the login...
Perhaps the shell (/bin/sh or /bin/bash)?

What does "ls -l /etc/{passwd,group} /bin/sh /bin/bash" print?

>  Now the weird thing is that I am able to log in (ssh in).  I'm part of
> the administrator group.  I set up another user as a "normal" user and
> they are not able to authenticate and get in.  If I promote this user to
> be part of the administrator group he/she is able to get in.
>
>  I read this thread and noticed a poster stated if one read the readme
> in /usr/share/doc/Cygwin that this should cover all I need to know.  I
> did read it and I am not seeing where I made the mistake.  Can anyone
> assist me on where I am making a mistake?
>
> http://www.cygwin.com/ml/cygwin/2005-10/msg01043.html

It would also help if you followed

> Problem reports:       http://cygwin.com/problems.html

just in case you have some other peculiarity on your system.
HTH,
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha AT cs DOT nyu DOT edu |
igor AT watson DOT ibm DOT com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name
changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends
compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough
in
that!" -- Rostand, "Cyrano de Bergerac"

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/