This is the mail archive of the
cygwin
mailing list for the Cygwin project.
RE: Windows hardening and system paths
- From: "Mikkel Rostock" <mikkel at nsales dot dk>
- To: <cygwin at cygwin dot com>
- Date: Thu, 18 Aug 2005 11:20:20 +0200
- Subject: RE: Windows hardening and system paths
Hello again,
I have installed Cygwin on Windows Server 2003, with the purpose of using
SSH in Windows. Cygwin is installed with the initial option (in setup) to
use UNIX file format and install for All Users.
I have installed the following packages:
. (1.10-1) cygrunsrv: NT/W2K service initiator
. (4.1p1-2) openssh: The OpenSSH server and client programs
. (0.9.8-2) openssl: The OpenSSL runtime environment
. (0.9.7g-1) openssl097: The OpenSSL 0.9.7 runtime environment
> what program you're trying to run as a service
The service that fails to start is Cygwin sshd.
> whether you set the permissions and ownership of files correctly
I haven't changed permissions for any files, since usually when I install it
on Windows XP this is not necessary.
> created the proper user accounts
The service is set to use LocalSystem account
> nor the contents of the event log or the /var/log/*.log files;
Sshd.log contains this:
----------------------------------------------------------------------------
Could not load host key: /etc/ssh_host_key
Could not load host key: /etc/ssh_host_rsa_key
Could not load host key: /etc/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
----------------------------------------------------------------------------
> nor your cygcheck output
Cygcheck output:
----------------------------------------------------------------------------
Cygwin Configuration Diagnostics
Current System Time: Thu Aug 18 10:33:28 2005
Windows 2000 Server Ver 5.0 Build 2195 Service Pack 4
Running in Terminal Service session
Path: D:\Cygwin\usr\local\bin
D:\Cygwin\bin
D:\Cygwin\bin
D:\Cygwin\usr\X11R6\bin
c:\WINNT\system32
c:\WINNT
c:\WINNT\System32\Wbem
c:\Program Files\UMS
c:\PROGRA~1\UMS\Director\bin
.\
c:\PROGRA~1\Comshare\SHARED~1
c:\Admintools\dllCacheBackup
Output from D:\Cygwin\bin\id.exe (nontsec)
UID: 500(PyrUser) GID: 513(None)
0(root) 513(None)
544(Administrators) 545(Users)
1004(DeciWeb Users) 1058(Support)
1130(Tivoli_Admin_Privileges)
Output from D:\Cygwin\bin\id.exe (ntsec)
UID: 500(PyrUser) GID: 513(None)
0(root) 513(None)
544(Administrators) 545(Users)
1004(DeciWeb Users) 1058(Support)
1130(Tivoli_Admin_Privileges)
SysDir: C:\WINNT\system32
WinDir: C:\WINNT
USER = `PyrUser'
PWD = `/home/PyrUser'
HOME = `/home/PyrUser'
MAKE_MODE = `unix'
Use `-r' to scan registry
a: fd N/A N/A
c: hd NTFS 4094Mb 72% CP CS UN PA FC
d: hd NTFS 30616Mb 15% CP CS UN PA FC DATA
y: cd N/A N/A
. /cygdrive user binmode,cygdrive
D:\Cygwin / system binmode
D:\Cygwin/bin /usr/bin system binmode
D:\Cygwin/lib /usr/lib system binmode
. /cygdrive system binmode,cygdrive
Found: D:\Cygwin\bin\awk.exe
Found: D:\Cygwin\bin\bash.exe
Found: D:\Cygwin\bin\cat.exe
Found: D:\Cygwin\bin\cp.exe
Not Found: cpp (good!)
Found: D:\Cygwin\bin\find.exe
Found: c:\Admintools\dllCacheBackup\find.exe
Not Found: gcc
Not Found: gdb
Found: D:\Cygwin\bin\grep.exe
Not Found: ld
Found: D:\Cygwin\bin\ls.exe
Not Found: make
Found: D:\Cygwin\bin\mv.exe
Found: D:\Cygwin\bin\rm.exe
Found: D:\Cygwin\bin\sed.exe
Found: D:\Cygwin\bin\sh.exe
Found: D:\Cygwin\bin\tar.exe
56k 2005/07/09 D:\Cygwin\bin\cygbz2-1.dll
18k 2004/07/06 D:\Cygwin\bin\cygcharset-1.dll
7k 2003/10/19 D:\Cygwin\bin\cygcrypt-0.dll
858k 2005/04/11 D:\Cygwin\bin\cygcrypto-0.9.7.dll
1042k 2005/07/07 D:\Cygwin\bin\cygcrypto-0.9.8.dll
40k 2005/07/10 D:\Cygwin\bin\cygform-8.dll
45k 2001/04/25 D:\Cygwin\bin\cygform5.dll
35k 2002/01/09 D:\Cygwin\bin\cygform6.dll
48k 2003/08/09 D:\Cygwin\bin\cygform7.dll
28k 2003/07/20 D:\Cygwin\bin\cyggdbm-3.dll
30k 2003/08/11 D:\Cygwin\bin\cyggdbm-4.dll
19k 2003/03/22 D:\Cygwin\bin\cyggdbm.dll
15k 2003/07/20 D:\Cygwin\bin\cyggdbm_compat-3.dll
15k 2003/08/11 D:\Cygwin\bin\cyggdbm_compat-4.dll
17k 2001/06/28 D:\Cygwin\bin\cyghistory4.dll
29k 2003/08/10 D:\Cygwin\bin\cyghistory5.dll
24k 2005/06/26 D:\Cygwin\bin\cyghistory6.dll
991k 2004/07/06 D:\Cygwin\bin\cygiconv-2.dll
22k 2001/12/13 D:\Cygwin\bin\cygintl-1.dll
37k 2003/08/10 D:\Cygwin\bin\cygintl-2.dll
54k 2004/07/06 D:\Cygwin\bin\cygintl-3.dll
21k 2001/06/20 D:\Cygwin\bin\cygintl.dll
21k 2005/07/10 D:\Cygwin\bin\cygmenu-8.dll
26k 2001/04/25 D:\Cygwin\bin\cygmenu5.dll
20k 2002/01/09 D:\Cygwin\bin\cygmenu6.dll
29k 2003/08/09 D:\Cygwin\bin\cygmenu7.dll
21k 2004/10/22 D:\Cygwin\bin\cygminires.dll
67k 2005/07/10 D:\Cygwin\bin\cygncurses++-8.dll
156k 2001/04/25 D:\Cygwin\bin\cygncurses++5.dll
175k 2002/01/09 D:\Cygwin\bin\cygncurses++6.dll
225k 2005/07/10 D:\Cygwin\bin\cygncurses-8.dll
226k 2001/04/25 D:\Cygwin\bin\cygncurses5.dll
202k 2002/01/09 D:\Cygwin\bin\cygncurses6.dll
224k 2003/08/09 D:\Cygwin\bin\cygncurses7.dll
11k 2005/07/10 D:\Cygwin\bin\cygpanel-8.dll
15k 2001/04/25 D:\Cygwin\bin\cygpanel5.dll
12k 2002/01/09 D:\Cygwin\bin\cygpanel6.dll
19k 2003/08/09 D:\Cygwin\bin\cygpanel7.dll
62k 2003/12/11 D:\Cygwin\bin\cygpcre-0.dll
63k 2003/04/11 D:\Cygwin\bin\cygpcre.dll
9k 2003/12/11 D:\Cygwin\bin\cygpcreposix-0.dll
61k 2003/04/11 D:\Cygwin\bin\cygpcreposix.dll
22k 2002/06/09 D:\Cygwin\bin\cygpopt-0.dll
108k 2001/06/28 D:\Cygwin\bin\cygreadline4.dll
148k 2003/08/10 D:\Cygwin\bin\cygreadline5.dll
144k 2005/06/26 D:\Cygwin\bin\cygreadline6.dll
171k 2005/04/11 D:\Cygwin\bin\cygssl-0.9.7.dll
217k 2005/07/07 D:\Cygwin\bin\cygssl-0.9.8.dll
60k 2005/07/09 D:\Cygwin\bin\cygz.dll
1265k 2005/07/03 D:\Cygwin\bin\cygwin1.dll
Cygwin DLL version info:
DLL version: 1.5.18
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 132
Shared data: 4
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix:
Build date: Sat Jul 2 20:30:04 EDT 2005
Shared id: cygwin1S4
Service : sshd
Display name : CYGWIN sshd
Current State : Stopped
Command : /usr/sbin/sshd -D
Cygwin Package Information
Package Version
_update-info-dir 00282-1
alternatives 1.3.20a-1
ash 20040127-3
base-files 3.5-1
base-passwd 2.2-1
bash 3.0-8
bzip2 1.0.3-1
coreutils 5.3.0-9
crypt 1.1-1
cygrunsrv 1.10-1
cygutils 1.2.9-1
cygwin 1.5.18-1
cygwin-doc 1.4-2
diffutils 2.8.7-1
editrights 1.01-1
findutils 20041227-1
gawk 3.1.4-3
gdbm 1.8.3-7
grep 2.5.1a-2
groff 1.18.1-2
gzip 1.3.5-1
less 381-1
libbz2_1 1.0.3-1
libcharset1 1.9.2-1
libgdbm 1.8.0-5
libgdbm-devel 1.8.3-7
libgdbm3 1.8.3-3
libgdbm4 1.8.3-7
libiconv 1.9.2-1
libiconv2 1.9.2-1
libintl 0.10.38-3
libintl1 0.10.40-1
libintl2 0.12.1-3
libintl3 0.14.1-1
libncurses5 5.2-1
libncurses6 5.2-8
libncurses7 5.3-4
libncurses8 5.4-2
libpcre 4.1-1
libpcre0 4.5-1
libpopt0 1.6.4-4
libreadline4 4.1-2
libreadline5 4.3-5
libreadline6 5.0-2
login 1.9-7
man 1.5p-1
minires 1.00-1
mktemp 1.5-3
nano 1.2.2-1
ncurses 5.4-2
openssh 4.1p1-2
openssl 0.9.8-2
openssl097 0.9.7g-1
readline 5.0-2
sed 4.1.4-1
tar 1.13.25-7
termcap 20050421-1
terminfo 5.4_20041009-1
texinfo 4.8-1
vim 6.3-1
which 1.7-1
zlib 1.2.2-2
----------------------------------------------------------------------------
Best regards
Mikkel Rostock
----------------------------Original Message--------------------------------
From: Brian Dessent [mailto:brian@dessent.net]
Sent: 16. august 2005 13:45
To: cygwin@cygwin.com
Subject: Re: Windows hardening and system paths
Mikkel Rostock wrote:
> cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error
1053:
> The service did not respond to the start or control request in a timely
> fashion.
"The" service? You haven't posted any details of what you're trying to
do -- what program you're trying to run as a service, how you installed
it, whether you set the permissions and ownership of files correctly,
created the proper user accounts; nor the contents of the event log or
the /var/log/*.log files; nor your cygcheck output. We are not mind
readers, and the above error is just a generic "something is wrong."
http://cygwin.com/problems.html
Brian
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/