This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh configuration


gga wrote:
I'm trying to set up ssh (ie. openssh) on cygwin, with not much success.
 Searching the mailing list did not help either.

I've downloaded it, installed it, run ssh-host-config, answered all yes.
I *CAN* ssh from windows to a linux box in my lan.
But, my windows box fails as a ssh server.
Not even ssh localhost works.

Here's the full info:

/usr/sbin/sshd.exe -d -d -d -D

Running 'sshd.exe' as anyone other than SYSTEM (on WinXP and earlier O/S's) is not recommended. See the email archives for a recipe about how to get a SYSTEM-owned shell to run 'sshd.exe' from if you want to run it from a shell.

ssh -v -v -v localhost
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 500 anon 1
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: temporarily_use_uid: 500/544 (e=500)
debug1: restore_uid
debug1: temporarily_use_uid: 500/544 (e=500)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /z/.ssh/identity type -1
debug1: identity file /z/.ssh/id_rsa type -1
debug1: identity file /z/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer
debug1: Calling cleanup 0x41bcc4(0x0)

---------------------------------------

I also tried running ssh-user-config and created all authentications,
with my password as pass phrase.  Still no go.  And when doing that, ssh
complains that all the files are invalid, with tons of errors, which
from other emails I've gathered as "normal".

You certainly need to ru ssh-user-config to log through the 'sshd' server, so this is the correct thing to do.

----------------------------------------

More info:
- cygwin is installed on a FAT partition of a WinXP (SP1) box, with
latest patches.

Ugh! You'll need to turn off 'StrictModes' in '/etc/sshd_config' for this to work. And that disables a large part of the security you get from OpenSSH. You should really consider switching to NTFS if you plan to use OpenSSH as any kind of security mechanism.

- Windows is a Spanish version of it.
- I have at least one user without a password.  I've also gone and
modified the ssh configuration file to add in sshd_config:
     PermitEmptyPasswords no

Perhaps this answers the question about whether you're looking for security from OpenSSH. ;-)

- I've synced passwd and groups with mkpasswd -l and mkgroup -l.
- I'm running under a firewall (not the XP one), but I've switched it off.

'Off' for some firewalls is the same as 'On'. They can be buggy. Try opening port 22 (assuming you didn't change this) for OpenSSH or uninstalling the firewall as a test.

--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746

_____________________________________________________________________

A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]