Re[2]: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Hi Stephan, Thanks for the information. Issue is fixed and it was IBM ssh service which was blocking way for cygwin to bind address 0.0.0.0/22 on my windows machine. I disabled that service and cygwin worked smoothly. -- Thanks, Subbu Wednesday, 19 August 2020, 10:03PM +05:30 from Stephen Carrier carr...@berkeley.edu : >On Sun, Aug 16, 2020 at 11:36:10AM +0200, Marco Atzeri via Cygwin wrote: > On 16.08.2020 10:17, Subramanya Narayanaswamy via Cygwin wrote: >> Hi Team, >> >> I'm facing below issue while trying to start CYGSSHD server. I'm running the >> below command as an Administrator but not sure why cygsshd is not starting. >> Any help? >> -- >> $ net start cygsshd >> The CYGWIN cygsshd service is starting. >> The CYGWIN cygsshd service could not be started. >> >> The service did not report an error. >> >> More help is available by typing NET HELPMSG 3534. >> >> Subramanya >> > > I saw the same problem. > The /var/log/sshd.log gave me the hint: > --- > Permissions 0640 for '/etc/ssh_host_rsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ecdsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ed25519_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > sshd: no hostkeys available -- exiting. > >/var/log/sshd.config may provide helpful clues even if the issue is >different from loose permissions on the private keys. Let us know what >you find there if you are still having trouble. > > from the Admin account > > $ cd /etc > $ chmod 600 ssh* > > solved the problem > >It may have but ... There is no need to restrict permissions on the >public keys and restricting permissions on /etc/ssh_config may interfere >with ssh client use by non-Administrator users. Moreover, I don't think >/etc/sshd_config needs to be restricted though that could be a judgement >call. > >Perhaps > >$ chmod 600 ssh_host_*_key > >is enough to fix the private key permissions, if in fact that is the problem. > > $ cygrunsrv -Q cygsshd > > >"cygrunsrv -V -Q cygsshd" will reveal even more information. > >--Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
On Sun, Aug 16, 2020 at 11:36:10AM +0200, Marco Atzeri via Cygwin wrote: > On 16.08.2020 10:17, Subramanya Narayanaswamy via Cygwin wrote: > > Hi Team, > > > > I'm facing below issue while trying to start CYGSSHD server. I'm running > > the below command as an Administrator but not sure why cygsshd is not > > starting. Any help? > > -- > > $ net start cygsshd > > The CYGWIN cygsshd service is starting. > > The CYGWIN cygsshd service could not be started. > > > > The service did not report an error. > > > > More help is available by typing NET HELPMSG 3534. > > > > Subramanya > > > > I saw the same problem. > The /var/log/sshd.log gave me the hint: > --- > Permissions 0640 for '/etc/ssh_host_rsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ecdsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ed25519_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > sshd: no hostkeys available -- exiting. > /var/log/sshd.config may provide helpful clues even if the issue is different from loose permissions on the private keys. Let us know what you find there if you are still having trouble. > from the Admin account > > $ cd /etc > $ chmod 600 ssh* > > solved the problem It may have but ... There is no need to restrict permissions on the public keys and restricting permissions on /etc/ssh_config may interfere with ssh client use by non-Administrator users. Moreover, I don't think /etc/sshd_config needs to be restricted though that could be a judgement call. Perhaps $ chmod 600 ssh_host_*_key is enough to fix the private key permissions, if in fact that is the problem. > $ cygrunsrv -Q cygsshd "cygrunsrv -V -Q cygsshd" will reveal even more information. --Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Subramanya Narayanaswamy via Cygwin writes: > Hi Team, > > I'm facing below issue while trying to start CYGSSHD server. I'm running the > below command as an Administrator but not sure why cygsshd is not starting. > Any help? > -- > $ net start cygsshd > The CYGWIN cygsshd service is starting. > The CYGWIN cygsshd service could not be started. > > The service did not report an error. > > More help is available by typing NET HELPMSG 3534. Most likely you didn't ensure the SSH private key files are only readable by the SYSTEM user. There should be a complaint about the permissions being too open in /var/log/sshd.log in that case. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Factory and User Sound Singles for Waldorf Blofeld: http://Synth.Stromeko.net/Downloads.html#WaldorfSounds -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
On 16.08.2020 10:17, Subramanya Narayanaswamy via Cygwin wrote: Hi Team, I'm facing below issue while trying to start CYGSSHD server. I'm running the below command as an Administrator but not sure why cygsshd is not starting. Any help? -- $ net start cygsshd The CYGWIN cygsshd service is starting. The CYGWIN cygsshd service could not be started. The service did not report an error. More help is available by typing NET HELPMSG 3534. Subramanya I saw the same problem. The /var/log/sshd.log gave me the hint: --- Permissions 0640 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. .. Permissions 0640 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. .. Permissions 0640 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. sshd: no hostkeys available -- exiting. from the Admin account $ cd /etc $ chmod 600 ssh* solved the problem $ cygrunsrv -S cygsshd $ cygrunsrv -Q cygsshd Service : cygsshd Display name: CYGWIN cygsshd Current State : Running Controls Accepted : Stop Command : /usr/sbin/sshd -D -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
RE: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Hi Team, I'm facing below issue while trying to start CYGSSHD server. I'm running the below command as an Administrator but not sure why cygsshd is not starting. Any help? -- $ net start cygsshd The CYGWIN cygsshd service is starting. The CYGWIN cygsshd service could not be started. The service did not report an error. More help is available by typing NET HELPMSG 3534. Subramanya -- Subramanya Narayanswamy, Staff Consultant, Infrastructure Mobile: +919900036638 Oracle Consulting | IaaS Oracle India -Original Message- From: Stephen Carrier [mailto:carr...@berkeley.edu] Sent: Wednesday, August 12, 2020 9:29 PM To: Subramanya Narayanaswamy Cc: cygwin@cygwin.com Subject: Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote On Wed, Aug 12, 2020 at 01:43:30PM +, Subramanya Narayanaswamy via Cygwin wrote: > Do you have any steps to follow to create an admin user using ssh-user-config > command? Because when I run ssh-user-config it is taking SYSTEM user as > default user name and doesn't prompt to create new user for the purpose of > connecting remotely to the target windows host which runs CYGWIN. I think you just need to create a regular windows users, or use one that already exists. I use ssh extensively to connect to various windows accounts and have never touched ssh-user-config. Just ssh and use the windows login and password. It can be an Administrator account. Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re[2]: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Thanks Stephen -- Thanks, Subbu Wednesday, 12 August 2020, 09:29PM +05:30 from Stephen Carrier carr...@berkeley.edu : >On Wed, Aug 12, 2020 at 01:43:30PM +, Subramanya Narayanaswamy via Cygwin >wrote: > Do you have any steps to follow to create an admin user using ssh-user-config > command? Because when I run ssh-user-config it is taking SYSTEM user as > default user name and doesn't prompt to create new user for the purpose of > connecting remotely to the target windows host which runs CYGWIN. > >I think you just need to create a regular windows users, or use one that >already exists. I use ssh extensively to connect to various windows >accounts and have never touched ssh-user-config. Just ssh and use the >windows login and password. It can be an Administrator account. > >Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
On Wed, Aug 12, 2020 at 01:43:30PM +, Subramanya Narayanaswamy via Cygwin wrote: > Do you have any steps to follow to create an admin user using ssh-user-config > command? Because when I run ssh-user-config it is taking SYSTEM user as > default user name and doesn't prompt to create new user for the purpose of > connecting remotely to the target windows host which runs CYGWIN. I think you just need to create a regular windows users, or use one that already exists. I use ssh extensively to connect to various windows accounts and have never touched ssh-user-config. Just ssh and use the windows login and password. It can be an Administrator account. Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Greetings, Subramanya Narayanaswamy! > Do you have any steps to follow to create an admin user using > ssh-user-config command? Because when I run ssh-user-config it is taking > SYSTEM user as default user name and doesn't prompt to create new user for > the purpose of connecting remotely to the target windows host which runs > CYGWIN. Creating a new user is outside the scope of Cygwin. ssh-user-config prepares CURRENT user to use SSH. -- With best regards, Andrey Repin Wednesday, August 12, 2020 17:41:18 Sorry for my terrible english... -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
RE: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Do you have any steps to follow to create an admin user using ssh-user-config command? Because when I run ssh-user-config it is taking SYSTEM user as default user name and doesn't prompt to create new user for the purpose of connecting remotely to the target windows host which runs CYGWIN. Subramanya -- Subramanya Narayanswamy, Staff Consultant, Infrastructure Mobile: +919900036638 Oracle Consulting | IaaS Oracle India -Original Message- From: Andrey Repin [mailto:anrdae...@yandex.ru] Sent: Wednesday, August 12, 2020 4:55 AM To: Subramanya Narayanaswamy ; cygwin@cygwin.com Subject: Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote Greetings, Subramanya Narayanaswamy! Please bottom post in this list. > Thanks for the response. > Basically I have an Cloud control Agent server on LINUX host and Cloud > control would like connect to Windows hosts over an SSH protocol. For that, you need a REGULAR user, for which you need to use a strong password and prepare it for key-based login. See the documentation and the other reply from Marco. > ssh user1@IP > But here I want to create a separate user to authenticate from Cloud > controller to target client with ssh setup and password based authentication. Yes. Do it. -- With best regards, Andrey Repin Wednesday, August 12, 2020 2:22:48 Sorry for my terrible english... -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Greetings, Subramanya Narayanaswamy! Please bottom post in this list. > Thanks for the response. > Basically I have an Cloud control Agent server on LINUX host and Cloud > control would like connect to Windows hosts over an SSH protocol. For that, you need a REGULAR user, for which you need to use a strong password and prepare it for key-based login. See the documentation and the other reply from Marco. > ssh user1@IP > But here I want to create a separate user to authenticate from Cloud > controller to target client with ssh setup and password based authentication. Yes. Do it. -- With best regards, Andrey Repin Wednesday, August 12, 2020 2:22:48 Sorry for my terrible english... -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
On 11.08.2020 08:35, Subramanya Narayanaswamy via Cygwin wrote: Hi Andrey, Thanks for the response. Basically I have an Cloud control Agent server on LINUX host and Cloud control would like connect to Windows hosts over an SSH protocol. So for that I have installed CYGWIN on my client windows machine and tried to configure ssh-host-config. It is taking default SYSTEM user ( example: if my local account is SUBBU) and generating the profile files. Now I can user the below command to connect to windows host over SSH using username and password that is SYSTEM default. ssh user1@IP But here I want to create a separate user to authenticate from Cloud controller to target client with ssh setup and password based authentication. Hope I answered your question? Subramanya you are confusing the user that runs the sshd services (SYSTEM) with the user that uses the sshd service and connects through ssh /usr/bin/ssh-host-config sets the first /usr/bin/ssh-user-config sets the second $ cygcheck -l openssh |grep -- -config /usr/bin/ssh-host-config /usr/bin/ssh-user-config -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
RE: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Hi Andrey, Thanks for the response. Basically I have an Cloud control Agent server on LINUX host and Cloud control would like connect to Windows hosts over an SSH protocol. So for that I have installed CYGWIN on my client windows machine and tried to configure ssh-host-config. It is taking default SYSTEM user ( example: if my local account is SUBBU) and generating the profile files. Now I can user the below command to connect to windows host over SSH using username and password that is SYSTEM default. ssh user1@IP But here I want to create a separate user to authenticate from Cloud controller to target client with ssh setup and password based authentication. Hope I answered your question? Subramanya -- Subramanya Narayanswamy, Staff Consultant, Infrastructure Mobile: +919900036638 Oracle Consulting | IaaS Oracle India -Original Message- From: Andrey Repin [mailto:anrdae...@yandex.ru] Sent: Tuesday, August 11, 2020 4:08 AM To: Subramanya Narayanaswamy ; cygwin@cygwin.com Subject: Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote Greetings, Subramanya Narayanaswamy! > I'm Trying to setup Cygwin installation on windows server 2012 and 2016. > I'm installing latest Cygwin version with packages openssh,openssl,zip,unzip. > When I run Cygwin.bat file and try to configure SSH host service to > connect from Agent server on this windows host, I don't get a prompt > to create CYGWIN user at all. By default it is taking the SYSTEM default user > for authentication. That's how it's done. > But I want create a new Cygwin(let's say agentuser user) using the > command ssh-host-config by running the Cygwin.bat file. Why? > Could you please help on how to setup separate user with right SSH > permission please? It would be great help. What you want to use that user for? If you want to use it for maintenance, just create a user and `passwd -R` it. Then you can use SSH key to login as that user. -- With best regards, Andrey Repin Tuesday, August 11, 2020 1:37:01 Sorry for my terrible english... -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Greetings, Subramanya Narayanaswamy! > I'm Trying to setup Cygwin installation on windows server 2012 and 2016. > I'm installing latest Cygwin version with packages openssh,openssl,zip,unzip. > When I run Cygwin.bat file and try to configure SSH host service to connect > from Agent server on this windows host, I don't get a prompt to create > CYGWIN user at all. By default it is taking the SYSTEM default user for > authentication. That's how it's done. > But I want create a new Cygwin(let's say agentuser user) using the command > ssh-host-config by running the Cygwin.bat file. Why? > Could you please help on how to setup separate user with right SSH > permission please? It would be great help. What you want to use that user for? If you want to use it for maintenance, just create a user and `passwd -R` it. Then you can use SSH key to login as that user. -- With best regards, Andrey Repin Tuesday, August 11, 2020 1:37:01 Sorry for my terrible english... -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
On Mon, Aug 10, 2020 at 12:21 PM Subramanya Narayanaswamy via Cygwin wrote: When I run Cygwin.bat file and try to configure SSH host service to connect > from Agent server on this windows host, I don't get a prompt to create > CYGWIN user at all. By default it is taking the SYSTEM default user for > authentication. > The service now runs as SYSTEM by default and this is a good thing because you don't have to manage its password or configure special user rights for it. Why doesn't this work for your scenario? Bill -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote
Hi Team, I'm Trying to setup Cygwin installation on windows server 2012 and 2016. I'm installing latest Cygwin version with packages openssh,openssl,zip,unzip. When I run Cygwin.bat file and try to configure SSH host service to connect from Agent server on this windows host, I don't get a prompt to create CYGWIN user at all. By default it is taking the SYSTEM default user for authentication. But I want create a new Cygwin(let's say agentuser user) using the command ssh-host-config by running the Cygwin.bat file. Could you please help on how to setup separate user with right SSH permission please? It would be great help. Subramanya -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
