ssh patches to fix installation issues
Ross Smith II
ross@smithii.com
Wed Oct 23 18:35:00 GMT 2002
Attached are three small patches to the following files:
/bin/ssh-host-config
/bin/ssh-user-config
/usr/doc/Cygwin/openssh-3.4p1-5.README
to fix some installation issues and better explain using sshd in Windows.
The ssh-user-config changes are due to the fact that the default cygwin
umask is 000. Maybe a .bash_profile could be created containing umask 022
when the user's home directory is first created. Just a thought.
This is the culmination of 6 hours of list perusing, and hair pulling, so
it's definitely "field tested".
Hope this helps,
Ross Smith
--- ssh-host-config.orig 2002-07-07 03:07:12.000000000 -0700
+++ ssh-host-config 2002-10-23 16:11:12.000000000 -0700
@@ -164,6 +164,7 @@
if [ $_nt -gt 0 ]
then
chown system.system /var/empty
+ chmod 755 /var/empty
fi
fi
--- ssh-user-config.orig 2002-06-21 13:32:33.000000000 -0700
+++ ssh-user-config 2002-10-23 16:15:24.000000000 -0700
@@ -123,6 +123,8 @@
fi
fi
+chown `whoami` ${pwdhome}
+
if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
then
echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user
identity files."
@@ -139,6 +141,8 @@
fi
fi
+chmod 755 ${pwdhome}/.ssh
+
if [ ! -f "${pwdhome}/.ssh/identity" ]
then
if request "Shall I create an SSH1 RSA identity file for you?"
@@ -196,5 +200,8 @@
fi
fi
+chmod 600 ${pwdhome}/.ssh/*
+chmod 644 ${pwdhome}/.ssh/*.pub ${pwdhome}/.ssh/authorized_keys?
+
echo
echo "Configuration finished. Have fun!"
--- openssh-3.4p1-5.README.orig 2002-10-23 15:20:39.000000000 -0700
+++ openssh-3.4p1-5.README 2002-10-23 16:23:03.000000000 -0700
@@ -123,12 +123,53 @@
- If you want to authenticate via RSA and you want to login to that
machine to exactly one user account you can do so by running sshd
- under that user account. You must change /etc/sshd_config
- to contain the following:
+ under that user account.
+
+ * Change /etc/sshd_config to contain
RSAAuthentication yes
- Moreover it's possible to use rhosts and/or rhosts with
+ * Make sure you have executed the following:
+
+ $ ssh-host-config
+ $ ssh-user-config
+
+ * Due to the fact that cygwin's default umask is 0000, you will need
+ to execute the following (substituting your user name for USERNAME):
+
+ chown USERNAME ~
+ chmod 755 ~ ~/.ssh
+ chmod 600 ~/.ssh/*
+ chmod 644 ~/.ssh/*.pub ~/.ssh/authorized_keys?
+
+ * Reinstall the ssh daemon to run as the user. Execute the following
+ (substituting your user name for USERNAME, and your password for
PASSWORD):
+
+ chmod 666 /var/log/sshd.log /var/empty
+ rm -fr /var/log/sshd.log /var/empty
+ touch /var/log/sshd.log
+ chmod 644 /var/log/sshd.log
+ chmod 755 /var/empty
+ chown USERNAME.None /var/empty /etc/ssh_host_* /var/log/sshd.log
+ cygrunsrv --stop sshd
+ cygrunsrv --remove sshd
+ cygrunsrv --install sshd -e "CYGWIN=glob ntsec binmode" \
+ -u USERNAME \
+ -w "PASSWORD" \
+ -d "sshd" \
+ -p /usr/sbin/sshd.exe \
+ -1 /var/log/sshd.log \
+ -2 /var/log/sshd.log \
+ -a "-e -D"
+ cygrunsrv --start sshd
+
+ * NOTE: The user will not be able to login using their Windows password.
+ They will only be able to login using RSA authentication.
+
+ Therefore, you will need to copy your identity.pub and id_??a.pub
+ files into authorized_keys, and authorized_keys2, respectfully.
+
+ Moreover, it's possible to use rhosts and/or rhosts with
RSA authentication by setting the following in sshd_config:
RhostsAuthentication yes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-host-config.diff
Type: application/octet-stream
Size: 240 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20021023/2950524e/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-user-config.diff
Type: application/octet-stream
Size: 683 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20021023/2950524e/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-3.4p1-5.README.diff
Type: application/octet-stream
Size: 2024 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20021023/2950524e/attachment-0002.obj>
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list