Attached are three small patches to the following files:


to fix some installation issues and better explain using sshd in Windows.

The ssh-user-config changes are due to the fact that the default cygwin
umask is 000. Maybe a .bash_profile could be created containing umask 022
when the user's home directory is first created.  Just a thought.

This is the culmination of 6 hours of list perusing, and hair pulling, so
it's definitely "field tested".

Hope this helps,

Ross Smith

--- ssh-host-config.orig        2002-07-07 03:07:12.000000000 -0700
+++ ssh-host-config     2002-10-23 16:11:12.000000000 -0700
@@ -164,6 +164,7 @@
   if [ $_nt -gt 0 ]
     chown system.system /var/empty
+    chmod 755 /var/empty

--- ssh-user-config.orig        2002-06-21 13:32:33.000000000 -0700
+++ ssh-user-config     2002-10-23 16:15:24.000000000 -0700
@@ -123,6 +123,8 @@

+chown `whoami` ${pwdhome}
 if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
   echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user
identity files."
@@ -139,6 +141,8 @@

+chmod 755 ${pwdhome}/.ssh
 if [ ! -f "${pwdhome}/.ssh/identity" ]
   if request "Shall I create an SSH1 RSA identity file for you?"
@@ -196,5 +200,8 @@

+chmod 600 ${pwdhome}/.ssh/*
+chmod 644 ${pwdhome}/.ssh/*.pub ${pwdhome}/.ssh/authorized_keys?
 echo "Configuration finished. Have fun!"

--- openssh-3.4p1-5.README.orig 2002-10-23 15:20:39.000000000 -0700
+++ openssh-3.4p1-5.README      2002-10-23 16:23:03.000000000 -0700
@@ -123,12 +123,53 @@

 - If you want to authenticate via RSA and you want to login to that
   machine to exactly one user account you can do so by running sshd
-  under that user account. You must change /etc/sshd_config
-  to contain the following:
+  under that user account.
+  * Change /etc/sshd_config to contain

   RSAAuthentication yes

-  Moreover it's possible to use rhosts and/or rhosts with
+  * Make sure you have executed the following:
+    $ ssh-host-config
+    $ ssh-user-config
+  * Due to the fact that cygwin's default umask is 0000, you will need
+    to execute the following (substituting your user name for USERNAME):
+       chown USERNAME ~
+       chmod 755 ~ ~/.ssh
+       chmod 600 ~/.ssh/*
+       chmod 644 ~/.ssh/*.pub ~/.ssh/authorized_keys?
+  * Reinstall the ssh daemon to run as the user. Execute the following
+    (substituting your user name for USERNAME, and your password for
+       chmod 666 /var/log/sshd.log /var/empty
+       rm -fr /var/log/sshd.log /var/empty
+       touch /var/log/sshd.log
+       chmod 644 /var/log/sshd.log
+       chmod 755 /var/empty
+       chown USERNAME.None /var/empty /etc/ssh_host_* /var/log/sshd.log
+       cygrunsrv --stop sshd
+       cygrunsrv --remove sshd
+       cygrunsrv --install sshd -e "CYGWIN=glob ntsec binmode" \
+          -u USERNAME \
+          -w "PASSWORD" \
+          -d "sshd" \
+          -p /usr/sbin/sshd.exe \
+          -1 /var/log/sshd.log \
+          -2 /var/log/sshd.log \
+          -a "-e -D"
+       cygrunsrv --start sshd
+  * NOTE: The user will not be able to login using their Windows password.
+    They will only be able to login using RSA authentication.
+    Therefore, you will need to copy your and id_??
+    files into authorized_keys, and authorized_keys2, respectfully.
+  Moreover, it's possible to use rhosts and/or rhosts with
   RSA authentication by setting the following in sshd_config:

   RhostsAuthentication yes

Attachment: ssh-host-config.diff
Description: Binary data

Attachment: ssh-user-config.diff
Description: Binary data

Attachment: openssh-3.4p1-5.README.diff
Description: Binary data

Reply via email to