X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <96c450350712230448q14dc0ac3s34e85de08d9b6e9f@mail.gmail.com>
Date: Sun, 23 Dec 2007 06:48:27 -0600
From: "Kevin Hilton" <kevhilton AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Struggling to setup sshd with Windows Vista
In-Reply-To: <96c450350712230222s3549d224m75974cd082bf71a3@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <96c450350712230222s3549d224m75974cd082bf71a3 AT mail DOT gmail DOT com>
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Just another thing that I have noticed:

$ /usr/sbin/sshd -d -d -d -D
debug2: load_server_config: filename /etc/sshd_config
debug2: load_server_config: done config len = 210
debug2: parse_server_config: config /etc/sshd_config len 210
debug3: /etc/sshd_config:13 setting Port 22
debug3: /etc/sshd_config:21 setting Protocol 2
debug3: /etc/sshd_config:42 setting StrictModes no
debug3: /etc/sshd_config:96 setting UsePrivilegeSeparation yes
debug3: /etc/sshd_config:110 setting Subsystem sftp     /usr/sbin/sftp-server
debug1: sshd version OpenSSH_4.7p1
debug3: Not a RSA1 key file /etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
/var/empty must be owned by root and not group or world-writable.

Who should be the owner of /var/empty.  Right now I have:
drwxr-xr-x+  2 SYSTEM SYSTEM       0 Dec 22 22:40 empty

On Dec 23, 2007 4:22 AM, Kevin Hilton <kevhilton AT gmail DOT com> wrote:
> Where to start??
>
> I attempting to setup the sshd within Windows Vista.  For this OS
> documentation seems scant.
> openssh version OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007
>
> At this point I dont care about priviledge separation.  I can use it,
> or not.  I attempted to setup the daemon using ssh-host-config and
> answered yes to using privledge separation.
> Now Im stuck since I cant undo the process.
>
> Im find the /usr/share/doc/openssh/README.privsep file not to be all
> that helpful
>
>
> Currently Im getting the following:
> $ net start sshd
> System error 1069 has occurred.
>
> The service did not start due to a logon failure.
>
> With /var/log/sshd.log Im finding:
> Privilege separation user sshd does not exist
>
> Here is my setup:
> $ ssh-host-config
> Overwrite existing /etc/ssh_config file? (yes/no) yes
> Generating /etc/ssh_config file
> Overwrite existing /etc/sshd_config file? (yes/no) yes
> Privilege separation is set to yes by default since OpenSSH 3.3.
> However, this requires a non-privileged account called 'sshd'.
> For more info on privilege separation read /usr/share/doc/openssh/README.privsep
> .
>
> Should privilege separation be used? (yes/no) yes
> Generating /etc/sshd_config file
>
> Host configuration finished. Have fun!
>
> $ more /etc/passwd
> SYSTEM:*:18:544:,S-1-5-18::
> Administrators:*:544:544:,S-1-5-32-544::
> Administrator:unused_by_nt/2000/xp:500:513:U-Darien\Administrator,S-1-5-21-22494
> 56148-3830241392-4138796912-500:/home/Administrator:/bin/bash
> Guest:unused_by_nt/2000/xp:501:513:U-Darien\Guest,S-1-5-21-2249456148-3830241392
> -4138796912-501:/home/Guest:/bin/bash
> IUSR_NMPR:unused_by_nt/2000/xp:1000:513:IUSR_NMPR,U-Darien\IUSR_NMPR,S-1-5-21-22
> 49456148-3830241392-4138796912-1000:/home/IUSR_NMPR:/bin/bash
> klal:unused_by_nt/2000/xp:1001:513:U-Darien\klal,S-1-5-21-2249456148-3830241392-
> 4138796912-500:/home/klal:/bin/bash
> sshd:unused_by_nt/2000/xp:1002:513:sshd privsep,U-Darien\sshd,S-1-5-21-224945614
> 8-3830241392-4138796912-1002:/var/empty:/bin/false
>
> Its obvious I need to do something more with the sshd user?? What do I do?
>



-- 
Kevin Hilton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/