X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=NYYG8x4QQoRiYP3H tR7bsKlIJVao+Mn0j7ysnYcd4iuYB1zA4fe0xvcuZsQ0OZF4jsVaiXSTmTbpdSo6 Lydb6cT6O6GOjx4HMoUrMXGlCM0bUwbFxHT9sFT5Nj/IOQP34YkDy3MNYxbMqjbY 80pA+tPjQAUvBMrnEyx6FlmRfXs= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=0EteXTh1cNVpivnxlckaLC IdHMs=; b=ofUAvbCD7OlGCLniJ0cbt4PxnapsOVCQfWhc80yE5SkYoLFJ4tfXW9 OHXtH7MQFzIh9NAv+bP/B4JA6MS8gnKkv08A38RyxrWxfSd0Uqmpz4pgHoL0V6tN lDioFIbbHq0Py2+cjaBUSwtAfaH4cgq86hARLxnrgjYLCKgtXuqSs= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=reconfiguring X-HELO: mail-wm0-f41.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=C4isXhB7o6vLhQgK/tZP9N3XxalglnUcWijEANKEEw0=; b=Uh8bBPCcJHw6FytndH6Rt/26r4HkjEVpkisUrYoy8QJmAfWG0+tXeXDMQXBNbOpgCa HO2vNcCseout03bq1eRHYBTkvPfV3P47XaG5c+Aaa/zmE+vYGbHaMhB6luvCNNiQ7Knj qan9045gg1zGFnmRR+x78rrNRoIEe3Y6h56bGx7VitNeIakUUNRouzh9GfoN0b2e1bya zuHukGmJT5unTQQpw7oaWAe05cPwuuXYm4pbH48nbRFuQl10DpKoem3KCBldFN4xlypS c+Fy3nTHx82ePRhVn/iDkEaK1aHBxGDt18vV7UOrjWn7elvIOunwD9neh0WRJq0m38zM nMqw== X-Gm-Message-State: AN3rC/6umAwIZLhh17zJXqIk6iaefBRhiwvXg/kqg9W/QZPonsI0day2 D5mPkek+9NCuy/cW X-Received: by 10.28.48.70 with SMTP id w67mr4589456wmw.124.1492329323615; Sun, 16 Apr 2017 00:55:23 -0700 (PDT) Subject: Re: How to create root account to own /var/empty for ssh? To: cygwin AT cygwin DOT com References: <58F24188 DOT 3060503 AT tlinx DOT org> <93276a4b-b80f-b39d-ea16-4975a080c9a3 AT gmail DOT com> <58F2918D DOT 2020703 AT tlinx DOT org> From: Marco Atzeri Message-ID: <66c6d82f-5d0c-3b75-ce0c-f2b7f4212bb3@gmail.com> Date: Sun, 16 Apr 2017 09:55:19 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <58F2918D.2020703@tlinx.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes On 15/04/2017 23:33, L A Walsh wrote: > Marco Atzeri wrote: >> >>> >>> How am I supposed to make ssh happy? >>> >>> Thanks! >>> -l >>> >> >> user separation ? >> >> $ ls -ld /var/empty >> drwxr-xr-x+ 1 cyg_server Administrators 0 Jan 7 2015 /var/empty > > Um, could elaborate? I mean do I just create a user called > cyg_server, and that makes it sshd happy? Or how is user > separation different than having root own the directory? > > Also, is it the same separation mentioned in this > deprecation message?: > >> /sbin/sshd > /etc/sshd_config line 105: Deprecated option UsePrivilegeSeparation > /var/empty must be owned by root and not group or world-writable. > > ...or has the option been renamed? FWIW -- this *used* to work on my > machine until the upgrade. > > Thanks again! usage: ssh-host-config [OPTION]... Options: --debug -d Enable shell's debug output. --yes -y Answer all questions with "yes" automatically. --no -n Answer all questions with "no" automatically. --cygwin -c Use "options" as value for CYGWIN environment var. --name -N sshd windows service name. --port -p sshd listens on port n. --user -u privileged user for service, default 'cyg_server'. --pwd -w Use "pwd" as password for privileged user. --privileged On Windows XP, require privileged user instead of LocalSystem for sshd service. Hi, long time I am not reconfiguring the sshd server, but ssh-host-config should propose by default the user separation and propose the creation of cyg_server user for that scope. Regards Marco -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple