X-Recipient: archive-cygwin AT delorie DOT com DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DCC193887023 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1586391483; bh=bnL5C17t3RnsIFBgF8R3DK2Rni01zuos534MBaMxJJg=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=l5nfaSEwDFDwt18EN4g3i7AncdrcKuvW/F/Laqu+YgojLMX8+LRV0nhTHWKhI8iX5 Kht88MIfyf+hNYQZyOD/V1mjeDzQWgXrncpTAW2qYNPZgWanzSvLQTKDq4EOkliq8p K9+ntStcVO4Fja2iCjNv5hyq9WcCY4ijGHqAxDQc= X-Original-To: cygwin AT cygwin DOT com Delivered-To: cygwin AT cygwin DOT com DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 2BE873887016 X-Authority-Analysis: v=2.3 cv=LKf9vKe9 c=1 sm=1 tr=0 a=95A0EdhkF1LMGt25d7h1IQ==:117 a=95A0EdhkF1LMGt25d7h1IQ==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=IkcTkHD0fZMA:10 a=SMorJkV_YP8A:10 a=cl8xLZFz6L8A:10 a=6HqDtAOVJbB4yl3i5loA:9 a=QEXdDO2ut3YA:10 To: cygwin AT cygwin DOT com Subject: Re: Using ARM GNU GCC with Cygwin X-PHP-Originating-Script: 501:rcmail.php MIME-Version: 1.0 Date: Wed, 08 Apr 2020 17:17:56 -0700 Organization: Cygwin Mailing List In-Reply-To: <5b9feca8-01c8-d2a2-f020-5350ebc51783@acm.org> References: <51717d4a9c861fd90b5f9a58b84b308a AT mail DOT kylheku DOT com> <38a47b9b-f43a-3727-2205-f02f0dbd48d0 AT gmail DOT com> <867844f7772cbc73326eeb57b85a0ab8 AT mail DOT kylheku DOT com> <5b9feca8-01c8-d2a2-f020-5350ebc51783 AT acm DOT org> Message-ID: X-Sender: 920-082-4242 AT kylheku DOT com User-Agent: Roundcube Webmail/0.9.2 X-CMAE-Envelope: MS4wfOmtpZLLho8smSOm7hz7o60nQ9McwCRgjH+8fa+F5E6spEadTfpPu23ikQpLnif9HJIpLeubjVJNOYJftPMrPUv47KOP1R+I3Kthq0Ln3yuIRGX6B0d3 JJ8n4P+yWIjnBjyjtHCf2RNSorQWzPizQqsG+9LVdR5AuQCXTJI2sFjMtyiXDFiXe39eTBvlGykyZ4fN8c7BceWtMLcHDz0DCN4= X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FROM_STARTS_WITH_NUMS, KAM_DMARC_STATUS, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin AT cygwin DOT com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Kaz Kylheku via Cygwin Reply-To: Kaz Kylheku <920-082-4242 AT kylheku DOT com> Content-Type: text/plain; charset="utf-8"; Format="flowed" Errors-To: cygwin-bounces AT cygwin DOT com Sender: "Cygwin" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 0390IWcZ014079 On 2020-04-08 13:58, David Rothenberger wrote: > On 4/8/2020 1:50 PM, Kaz Kylheku via Cygwin wrote: >> On 2020-04-04 11:58, Åke Rehnman via Cygwin wrote: >> I have a major use case for Cygwin for providing remote access >> to Windows. Using a non-Cygwin utility called "RunAsService.EXE", >> I turned a Cygwin Bash script into a Windows service. This Bash >> script loops around and makes a SSH connection to a host >> in a domain that I control, setting up a tunnel for port 3389 >> (RDP). From that domain, I can then remote desktop into the >> Windows system. Basically I can deploy this solution on any >> Windows machine on any network where outbound SSH is allowed, and >> have remote access to it. > > You might want to look at the "autossh" Cygwin package. It handles > exactly this use case and can be registered as a Windows service > without any non-Cygwin utilities. Hi David, thanks for bringing this to my attention. That seems to use something called cygrunsrv, which is what I should have used for that script (and will be sure to do upon the next opportunity of using it again). > Just look at > > /usr/share/doc/autossh/README.Cygwin > > after you install the package for details about the service. > > I've been using this for years for the purpose you've described and > it's been working great. I'm reading the documentation and basically my 25 line script has all the features, including exponential backoff for restarting a failed connection. I'm not terribly in favor of formal packages that can be replaced by a shell scripts that fit into an 80x25 window. Here it is: #!/bin/bash PATH=/bin:/usr/bin THISDIR=/cygdrive/C/Cygwin/.ssh DEST=xxxx AT xxxx sleep_exp=0 while true ; do time_before=$(date +%s) ssh -i $THISDIR/id_rsa -vv -R :3389:127.0.0.2:3389 \ -o UserKnownHostsFile=$THISDIR/known_hosts \ -o PasswordAuthentication=no \ -o ServerAliveInterval=60 \ -o ServerAliveCountMax=3 \ $DEST rdp 2> /.ssh/log time_now=$(date +%s) if [ $(( time_now - time_before )) -le 600 ] ; then sleep_exp=$(( sleep_exp >= 9 ? sleep_exp : sleep_exp + 1 )) else sleep_exp=0 fi sleep $(( ((1 << sleep_exp) + 15) / 16 )) done Why do we execute a command called "rdp" on the remote host? Because the home directory of the account that is used has the following shell script as its login shell: #!/bin/bash if [ $# -ne 2 ] || [ "$1" != "-c" ] ; then echo interactive login not permitted echo "$@" >> ~/.log exit 1 fi case "$2" in rdp ) while true ; do sleep 3600 ; done ;; * ) echo that command is not allowed exit 1 ;; esac This is necessary because the Windows machine has a password-unprotected private key that it uses to log in to this. The service automatically starts if the Windows is rebooted, without requiring any password. Anyone with access to the Windows machine (such as an IT admin) who finds this stuff could use that key to SSH to that account on that host. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple