This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Silently configure sshd fails via system account
- From: Paul Griffith <paulg at cse dot yorku dot ca>
- To: cygwin at cygwin dot com
- Date: Wed, 19 Mar 2014 11:54:13 -0400
- Subject: Re: Silently configure sshd fails via system account
- Authentication-results: sourceware.org; auth=none
- References: <5307BB89 dot 80405 at cse dot yorku dot ca> <1395192297365-107203 dot post at n5 dot nabble dot com>
On 03/18/2014 09:24 PM, PolarStorm wrote:
> Paul Griffith wrote
>> ...
>> /usr/bin/ssh-host-config --yes --cygwin ntsec --user cyg_server --pwd blah
>> ...
>
> Just a few things...
>
> 1) Don't do that (manually).
> First of all, "ntsec" is deprecated. Second, there are a lot of strange
> issues when
> using "--yes", just answer the questions manually, especially since you
> don't need
> all those keys just to have ssh work.
>
> 2) Make sure you run the ssh-host-config from an "administrator: cygwin
> shell.
>
> 3) Check your /etc/sshd-config for: "UsePrivilegeSeparation sandbox" which
> is
> the new default. The ssh-host-config script has a bug on line 169 that
> attempts
> to set this to "no", but where the regex fails. (I told people in THIS
> <http://cygwin.1069669.n5.nabble.com/CSIH-SSH-setup-script-problems-on-W81-64-tp106953.html>
> nabble post, but I
> don't think it ever reached the main mailing list.)
>
> 4) The sshd user pas-wor-d is set to expire by default after 42 days, in
> Windows 8.1.
> Fix it if you're using that.
>
Thanks Gene for the heads up, it will help me fine tune my setup! I need to use the "--yes" option because I am building a automated installation for Windows 7.
Cheers,
Paul
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple