This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh configuration that is pulling my hair out!


In addition to making sure that the SYSTEM account is
in the /etc/passwd file, you can change the
permissions on a few directories (or check them to
make sure that they at least resemble the
following)before running the ssh-host-config routine:

chown -R 544:544 /var
chown -R 18:18 /var/log/sshd.log
chown -R 544:544 /etc/ssh*
chown 18:18 /etc/ssh_host*_key

This is assuming that the SYSTEM account is mapped to
UID 18 and the local Administrator account (or
BuiltInAdministrator) is mapped to UID 544 and GID
544.

You shouldn't have to do this with the more recent
releases of the Cygwin "kernel" and the later versions
of OpenSSH (i.e. 3.7.x), but this has always done the
trick for me in the past.  Oh yeah, I also set the
CYGWIN variable to tty ntsec before running
"ssh-host-config -y", but I believe that you have the
opportunity to set that during the prompting that the
ssh-host-config routine provides.

If you get errors changing group and user ownership by
hand, make sure that the account that you are logged
into the cygwin shell with is at least part of the
local "Administrators" group within the /etc/group
file (i.e. 544).  It may not hurt to run mkpasswd -l >
/etc/passwd and mkgroup -l > /etc/group to make sure
that your local accounts are setup in the password and
group files respectively.  As a last resort recheck
the NT permissions on the directory that you installed
cygwin on.  Make sure that you have Full Control on
that directory and its subdirectories by either being
part of whatever group(s) already have access, or by
explicitly granting that access to yourself and
propagating the acls down the directory hierarchy.

Hope that this helps ....

>Hello,
>I'm trying to setup sshd and I'm getting to success
at >all.  Here's my 
>situation.  I've followed the instructions at 
>http://tech.erdelynet.com/cygwin-sshd.html and when I
>run 
>*ssh-host-config -y* I get this error message.

>To start the service, call `net start sshd' or
>`cygrunsrv -S sshd'.
>chown: changing ownership of `/etc/ssh_config':
>Permission denied
>chown: changing ownership of `/etc/ssh_host_dsa_key':
>Permission denied
>chown: changing ownership of
>`/etc/ssh_host_dsa_key.pub': Permission 
>denied
>chown: changing ownership of `/etc/ssh_host_key':
>Permission denied
>chown: changing ownership of `/etc/ssh_host_key.pub':
>Permission denied
>chown: changing ownership of `/etc/ssh_host_rsa_key':
>Permission denied
>chown: changing ownership of
>`/etc/ssh_host_rsa_key.pub': Permission 
>denied
>chown: changing ownership of `/etc/sshd_config':
>Permission denied
>chown: changing ownership of `/var/empty': Permission
>denied
>chown: changing ownership of `/var/log/sshd.log':
>Permission denied

>When I attempt to run the service I get this error
>message in the logs

The description for Event ID ( 0 ) in Source ( sshd )
cannot be found. 
The local computer may not have the necessary registry
information or 
message DLL files to display messages from a remote
computer. The 
following information is part of the event: sshd : PID
1968 : starting 
service `sshd' failed: execv: 1, Operation not
permitted.

I'm running on a Windows 2000 Pro box but it is part
of a domain but I 
installed cygwin as a local user to the box.  I don't
have 
administration permissions but the user account has
admin privs for the 
local box.  I tried the suggestions from this earlier
post at 
http://sources.redhat.com/ml/cygwin/2003-10/msg00319.html.
 But no 
luck.  I was able to run the sshd from a command
prompt but I was 
unable 
to log on doing "ssh localhost" and using a known
account.  Any 
suggestions?   Thanks!

Jose Torres

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]