Re: Where can I find the official cygwin openssh documentation?

Sun, 02 Dec 2012 12:43:35 -0800 

On 12/2/2012 2:43 PM, David T-G wrote:

Christopher, et al --

...and then Christopher Faylor said...
%
% On Sun, Dec 02, 2012 at 11:50:08AM -0500, Mike Richardson wrote:
% >I'm trying to set up an openssh server on Windows using cygwin.  I
...
%
% The "recommended" procedure is to follow the defaults when running those
% scripts unless you have specific needs which require something
% different.

I don't know that I need anything different, but I've had trouble with
sshd ever since Vista.  I'm still nailing down the details for a proper
trouble report, but I'm currently wrestling with a Win 7 laptop and have
only gotten as far as running as my privileged "root" account -- which
means I can only log in as root rather than switching.


If you're having trouble with switching the user context, it sounds to
me like you're running 'sshd' as 'root' and that's not going to allow
you to change user context by default.  Details on what's happening in
Windows to permit this can be found in the Users Guide here:

<http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview>

So, you're left with 2 choices:

  1. Rework the permissions of your 'root' user to match that of
     XP's 'SYSTEM' user or the 'cyg_server' user that gets created
     when you run 'ssh-host-config' on post XP OSs plus change all
     the ownerships and permissions on various files and directories
     that 'sshd' accesses to be either 'SYSTEM' or 'cyg_server' (see
     'ssh-host-config' for details).

  2. Just blow away your installation, reinstall, and run 'ssh-host-config'
     and, optionally, 'ssh-user-config', to get things set up properly.

Either should work, though (1) opens a potential security risk by creating
another user on the system with elevated rights.  It also requires you to
understand and configure more yourself.

--
Larry

_____________________________________________________________________

A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply via email to