[ANNOUNCEMENT] Updated: csih-0.1.3-1

Charles Wilson cygwin@cwilson.fastmail.fm
Thu Apr 3 04:52:00 GMT 2008


Attached is an updated implementation of ssh-host-config that uses csih. 
It seems to work pretty well for the various tests I've put it through, 
although it REQUIRES csih-0.1.3.

(However, the -w/--pwd option doesn't operate correctly, unless you have 
patched csih. This problem isn't awful: it's just as if the -w option 
were ignored, and you get asked for the password instead)

If you are on WinServer2003/2008 or Vista, this should use/create a 
privileged user. If you already have one (sshd_server, cron_server, or 
cyg_server), then it will use that. If you don't already have one, then 
it will create 'cyg_server' -- or ask you for a name.

If you are on an older Windows (but still NT or better), it will use 
LocalSystem, unless you invoke ssh-host-config with the '--privileged' 
option -- in which case behavior is like Vista & friends, above.

IF you have installed the [test] inetutils-1.5 packages (with support 
for xinetd-style /etc/inetd.d/* fragments), then this ssh-host-config 
will NOT add a [commented-out] ssh entry to /etc/inetd.config; instead 
it will use the attached /etc/default file and create 
/etc/inetd.d/sshd-inetd.  (Assuming you save the attached file as 
/etc/defaults/etc/inetd.d/sshd-inetd)

If you're still using the [current] inetutils-1.3.2-* packages, then 
ssh-host-config behavior is as before: it will munge the /etc/inetd.conf 
file.

Side note: interactions with inetd and init

IF
   a) you use inetd (or xinetd) to invoke sshd, instead of installing 
sshd as a service
   b) you are on 2003/2008/Vista where sshd MUST be run from a 
privileged user, (or you are on NT/2k/XP, but you want to 'play' with 
--privileged)

Then inetd/xinetd must be run from that privileged user account (because 
slave daemons inherit inetd's user -- or inetd's user must be privileged 
anyway in order to switch user context to the desired/specified user.)

Furthermore, if the above is all true AND you launch inetd or xinetd 
itself from sysvinit's init process, then /init/ must be run from a 
[the?] privileged account as well. Unfortunately, init-config does not 
support this behavior out of the box, so you have to manually install 
the init service (and don't forget to chown /etc/inittab, /etc/rc, and 
/var/log/init.log)

--
Chuck


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ssh-host-config
URL: <http://cygwin.com/pipermail/cygwin/attachments/20080403/4c76957d/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: csih-changes-for-sshd
URL: <http://cygwin.com/pipermail/cygwin/attachments/20080403/4c76957d/attachment-0001.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: etc_defaults_etc_inetd.d_sshd-inetd
URL: <http://cygwin.com/pipermail/cygwin/attachments/20080403/4c76957d/attachment-0002.ksh>
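
Added example, not part of the original post or of init-config: a check that the three files named in the side note above are owned by the privileged account that init will run as. The function name, the ROOT prefix argument and the reliance on GNU coreutils stat are assumptions of this example; cyg_server is just the default account name mentioned in the post.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from ssh-host-config or init-config).
#
# check_init_ownership ROOT OWNER
#   ROOT  - filesystem prefix: "" for the live system, or a scratch
#           directory when trying the check out
#   OWNER - account init is meant to run as (e.g. cyg_server; your
#           privileged account name may differ)
#
# Prints one line per problem found. The return status is the number of
# problems, so 0 means all three files exist and have the expected owner.
check_init_ownership() {
    root=$1
    owner=$2
    problems=0
    # The files the post says must be chown'ed for a privileged init.
    for f in /etc/inittab /etc/rc /var/log/init.log; do
        path="$root$f"
        if [ ! -e "$path" ]; then
            echo "MISSING  $path"
            problems=$((problems + 1))
            continue
        fi
        # Assumption: GNU coreutils stat (-c %U prints the owner name).
        actual=$(stat -c %U "$path")
        if [ "$actual" != "$owner" ]; then
            echo "MISMATCH $path is owned by $actual, expected $owner"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
```

On a live system, call it as check_init_ownership "" cyg_server before starting the init service.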