diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-18 16:25:41 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-18 16:25:41 +0000 |
commit | a5820295c343b19d80a01eca537463a8c890e995 (patch) | |
tree | 7e12a4323e188244f0702073dd3bb6ed603bfd71 /contrib/cygwin | |
parent | cff94beb65f9196b213a17c9fac5fb91f3b6078a (diff) |
*** empty log message ***
Diffstat (limited to 'contrib/cygwin')
-rw-r--r-- | contrib/cygwin/README | 48 | ||||
-rw-r--r-- | contrib/cygwin/ssh-host-config | 55 |
2 files changed, 78 insertions, 25 deletions
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index f9d03944f..dfe178679 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README | |||
@@ -1,4 +1,13 @@ | |||
1 | This package is the actual port of OpenSSH to Cygwin 1.1. | 1 | This package is the actual port of OpenSSH to Cygwin 1.3. |
2 | |||
3 | =========================================================================== | ||
4 | Important change since 2.9p2: | ||
5 | |||
6 | Since Cygwin is able to switch user context without password beginning | ||
7 | with version 1.3.2, OpenSSH now allows to do so when it's running under | ||
8 | a version >= 1.3.2. Keep in mind that `ntsec' has to be activated to | ||
9 | allow that feature. | ||
10 | =========================================================================== | ||
2 | 11 | ||
3 | =========================================================================== | 12 | =========================================================================== |
4 | Important change since 2.3.0p1: | 13 | Important change since 2.3.0p1: |
@@ -37,6 +46,9 @@ Options: | |||
37 | --no -n Answer all questions with "no" automatically. | 46 | --no -n Answer all questions with "no" automatically. |
38 | --port -p <n> sshd listens on port n. | 47 | --port -p <n> sshd listens on port n. |
39 | 48 | ||
49 | Additionally ssh-host-config now asks if it should install sshd as a | ||
50 | service when running under NT/W2K. This requires cygrunsrv installed. | ||
51 | |||
40 | You can create the private and public keys for a user now by running | 52 | You can create the private and public keys for a user now by running |
41 | 53 | ||
42 | /usr/bin/ssh-user-config | 54 | /usr/bin/ssh-user-config |
@@ -53,16 +65,12 @@ Options: | |||
53 | --no -n Answer all questions with "no" automatically. | 65 | --no -n Answer all questions with "no" automatically. |
54 | --passphrase -p word Use "word" as passphrase automatically. | 66 | --passphrase -p word Use "word" as passphrase automatically. |
55 | 67 | ||
56 | Install sshd as daemon via SRVANY.EXE (recommended on NT/W2K), via inetd | 68 | Install sshd as daemon via cygrunsrv.exe (recommended on NT/W2K), via inetd |
57 | (results in very slow deamon startup!) or from the command line (recommended | 69 | (results in very slow deamon startup!) or from the command line (recommended |
58 | on 9X/ME). | 70 | on 9X/ME). |
59 | 71 | ||
60 | If you start sshd as deamon via SRVANY.EXE you will see two | 72 | If you start sshd as deamon via cygrunsrv.exe you MUST give the |
61 | sshd processes in the process list unless you give the "-D" | 73 | "-D" option to sshd. Otherwise the service can't get started at all. |
62 | option to sshd. That will avoid that sshd detaches from the | ||
63 | controlling terminal and it will remain under process control | ||
64 | of SRVANY.EXE. That allows easy killing of the service by | ||
65 | using the `net stop <servicename>' command. | ||
66 | 74 | ||
67 | If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the | 75 | If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the |
68 | following line to your inetd.conf file: | 76 | following line to your inetd.conf file: |
@@ -74,6 +82,10 @@ ${SYSTEMROOT}/system32/drivers/etc/services file: | |||
74 | 82 | ||
75 | sshd 22/tcp #SSH daemon | 83 | sshd 22/tcp #SSH daemon |
76 | 84 | ||
85 | =========================================================================== | ||
86 | The following restrictions only apply to Cygwin versions up to 1.3.1 | ||
87 | =========================================================================== | ||
88 | |||
77 | Authentication to sshd is possible in one of two ways. | 89 | Authentication to sshd is possible in one of two ways. |
78 | You'll have to decide before starting sshd! | 90 | You'll have to decide before starting sshd! |
79 | 91 | ||
@@ -145,26 +157,22 @@ way as they are used by the `login' port on sources.redhat.com: | |||
145 | SSH2 server and user keys are generated by the `ssh-*-config' scripts | 157 | SSH2 server and user keys are generated by the `ssh-*-config' scripts |
146 | as well. | 158 | as well. |
147 | 159 | ||
148 | SSH2 authentication similar to SSH1: | ||
149 | Add keys to ~/.ssh/authorized_keys2 | ||
150 | Interop. w/ ssh.com dsa-keys: | ||
151 | ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2 | ||
152 | and vice versa: | ||
153 | ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub | ||
154 | echo Key mykey.pub >> ~/.ssh2/authorization | ||
155 | |||
156 | If you want to build from source, the following options to | 160 | If you want to build from source, the following options to |
157 | configure are used for the Cygwin binary distribution: | 161 | configure are used for the Cygwin binary distribution: |
158 | 162 | ||
159 | --prefix=/usr --sysconfdir=/etc --libexecdir='${exec_prefix}/sbin | 163 | --prefix=/usr \ |
164 | --sysconfdir=/etc \ | ||
165 | --libexecdir='${exec_prefix}/sbin \ | ||
166 | --with-pcre | ||
160 | 167 | ||
161 | You must have installed the zlib, openssl and regex packages to | 168 | You must have installed the zlib, openssl and regex packages to |
162 | be able to build OpenSSH! | 169 | be able to build OpenSSH! The `--with-pcre' option requires |
170 | the installation of the pcre package. | ||
163 | 171 | ||
164 | Please send requests, error reports etc. to cygwin@sources.redhat.com. | 172 | Please send requests, error reports etc. to cygwin@cygwin.com. |
165 | 173 | ||
166 | Have fun, | 174 | Have fun, |
167 | 175 | ||
168 | Corinna Vinschen <vinschen@cygnus.com> | 176 | Corinna Vinschen <vinschen@redhat.com> |
169 | Cygwin Developer | 177 | Cygwin Developer |
170 | Red Hat Inc. | 178 | Red Hat Inc. |
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 70bbafdb7..83eff3a13 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
@@ -309,7 +309,13 @@ PermitRootLogin yes | |||
309 | IgnoreRhosts yes | 309 | IgnoreRhosts yes |
310 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | 310 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication |
311 | #IgnoreUserKnownHosts yes | 311 | #IgnoreUserKnownHosts yes |
312 | StrictModes yes | 312 | |
313 | # | ||
314 | # The following setting overrides permission checks on host key files | ||
315 | # and directories. For security reasons set this to "yes" when running | ||
316 | # NT/W2K, NTFS and CYGWIN=ntsec. | ||
317 | StrictModes no | ||
318 | |||
313 | X11Forwarding no | 319 | X11Forwarding no |
314 | X11DisplayOffset 10 | 320 | X11DisplayOffset 10 |
315 | PrintMotd yes | 321 | PrintMotd yes |
@@ -325,12 +331,9 @@ RhostsAuthentication no | |||
325 | # For this to work you will also need host keys in /etc/ssh_known_hosts | 331 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
326 | RhostsRSAAuthentication no | 332 | RhostsRSAAuthentication no |
327 | 333 | ||
328 | # To install for logon to different user accounts change to "no" here | ||
329 | RSAAuthentication yes | 334 | RSAAuthentication yes |
330 | 335 | ||
331 | # To install for logon to different user accounts change to "yes" here | 336 | PasswordAuthentication yes |
332 | PasswordAuthentication no | ||
333 | |||
334 | PermitEmptyPasswords no | 337 | PermitEmptyPasswords no |
335 | 338 | ||
336 | CheckMail no | 339 | CheckMail no |
@@ -438,6 +441,48 @@ then | |||
438 | fi | 441 | fi |
439 | fi | 442 | fi |
440 | 443 | ||
444 | # Create /var/log and /var/log/lastlog if not already existing | ||
445 | |||
446 | if [ -f /var/log ] | ||
447 | then | ||
448 | echo "Creating /var/log failed\!" | ||
449 | else | ||
450 | if [ ! -d /var/log ] | ||
451 | then | ||
452 | mkdir /var/log | ||
453 | fi | ||
454 | if [ -d /var/log/lastlog ] | ||
455 | then | ||
456 | echo "Creating /var/log/lastlog failed\!" | ||
457 | elif [ ! -f /var/log/lastlog ] | ||
458 | then | ||
459 | cat /dev/null > /var/log/lastlog | ||
460 | fi | ||
461 | fi | ||
462 | |||
463 | # On NT ask if sshd should be installed as service | ||
464 | if [ $_nt -gt 0 ] | ||
465 | then | ||
466 | echo | ||
467 | echo "Do you want to install sshd as service?" | ||
468 | if request "(Say \"no\" if it's already installed as service)" | ||
469 | then | ||
470 | echo | ||
471 | echo "Which value should the environment variable CYGWIN have when" | ||
472 | echo "sshd starts? It's recommended to set at least \"ntsec\" to be" | ||
473 | echo "able to change user context without password." | ||
474 | echo -n "Default is \"binmode ntsec tty\". CYGWIN=" | ||
475 | read _cygwin | ||
476 | [ -z "${_cygwin}" ] && _cygwin="binmode ntsec tty" | ||
477 | if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}" | ||
478 | then | ||
479 | chown system /etc/ssh* | ||
480 | echo | ||
481 | echo "The service has been installed under LocalSystem account." | ||
482 | fi | ||
483 | fi | ||
484 | fi | ||
485 | |||
441 | if [ "${old_install}" = "1" ] | 486 | if [ "${old_install}" = "1" ] |
442 | then | 487 | then |
443 | echo | 488 | echo |