Re: Problems with ssh-host-config on Windows 10

On Thu, Feb 2, 2017 at 2:08 PM, Corinna Vinschen
<> wrote:
> On Feb  2 12:19, Erik Bray wrote:
>> Hi all,
>> I've been trying to get a Cygwin sshd server running on a Windows 10
>> VM, and have found it to be surprisingly tricky without some
>> additional fiddling, and it's not clear to me whether that's expected
>> or if it's a bug.  I've attached the cygcheck output from the VM.
>> The symptom I've having seems to be the same as in this post:
>> The problem seems to be stemming from some assumptions in:
>> /usr/share/csih/
>> It creates the "privileged user" (in my case with the default name
>> cyg_server) with `net user`, including the SAM comment entry:
>> /comment:'<cygwin home="/var/empty" shell="/bin/false"/>'
>> Shortly after it calls:
>> passwd -e "${csih_PRIVILEGED_USERNAME}"
>> and this fails with:
>> Warning: Setting password expiry for user 'desktop-mk2koav+cyg_server' failed!
>> This happens because this is a fresh Cygwin install with all the
>> default settings in /etc/nsswitch.conf.  In particular, no passwd
>> entry is found for the cyg_server user unless I explicitly add "local"
>> to db_enum.  Furthermore, the SAM comment entry is not read correctly
>> without db_home: desc and db_shell: desc.  In summary, I had to edit
>> /etc/nsswitch.conf to:
>> passwd db
>> db_enum: local
>> db_home: desc
>> db_shell: desc
> The assumption in ssh-host-config is that your nsswitch.conf settings
> are already correct.  It's kind of tricky to set up accounts and stuff
> in a not yet configured environment.

I think that's reasonable, but the question is what is "correct"?  Any
valid settings for nsswitch.conf could be "correct" for different use
cases, whereas the script seems
to have some very specific requirements that don't match the default
configuration, or even many non-default configurations (especially
w.r.t. db_home and db_shell).


