diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-18 16:25:41 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-18 16:25:41 +0000 |
| commit | a5820295c343b19d80a01eca537463a8c890e995 (patch) | |
| tree | 7e12a4323e188244f0702073dd3bb6ed603bfd71 /contrib/cygwin | |
| parent | cff94beb65f9196b213a17c9fac5fb91f3b6078a (diff) | |
*** empty log message ***
Diffstat (limited to 'contrib/cygwin')
| -rw-r--r-- | contrib/cygwin/README | 48 | ||||
| -rw-r--r-- | contrib/cygwin/ssh-host-config | 55 |
2 files changed, 78 insertions, 25 deletions
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index f9d03944f..dfe178679 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README | |||
| @@ -1,4 +1,13 @@ | |||
| 1 | This package is the actual port of OpenSSH to Cygwin 1.1. | 1 | This package is the actual port of OpenSSH to Cygwin 1.3. |
| 2 | |||
| 3 | =========================================================================== | ||
| 4 | Important change since 2.9p2: | ||
| 5 | |||
| 6 | Since Cygwin is able to switch user context without password beginning | ||
| 7 | with version 1.3.2, OpenSSH now allows to do so when it's running under | ||
| 8 | a version >= 1.3.2. Keep in mind that `ntsec' has to be activated to | ||
| 9 | allow that feature. | ||
| 10 | =========================================================================== | ||
| 2 | 11 | ||
| 3 | =========================================================================== | 12 | =========================================================================== |
| 4 | Important change since 2.3.0p1: | 13 | Important change since 2.3.0p1: |
| @@ -37,6 +46,9 @@ Options: | |||
| 37 | --no -n Answer all questions with "no" automatically. | 46 | --no -n Answer all questions with "no" automatically. |
| 38 | --port -p <n> sshd listens on port n. | 47 | --port -p <n> sshd listens on port n. |
| 39 | 48 | ||
| 49 | Additionally ssh-host-config now asks if it should install sshd as a | ||
| 50 | service when running under NT/W2K. This requires cygrunsrv installed. | ||
| 51 | |||
| 40 | You can create the private and public keys for a user now by running | 52 | You can create the private and public keys for a user now by running |
| 41 | 53 | ||
| 42 | /usr/bin/ssh-user-config | 54 | /usr/bin/ssh-user-config |
| @@ -53,16 +65,12 @@ Options: | |||
| 53 | --no -n Answer all questions with "no" automatically. | 65 | --no -n Answer all questions with "no" automatically. |
| 54 | --passphrase -p word Use "word" as passphrase automatically. | 66 | --passphrase -p word Use "word" as passphrase automatically. |
| 55 | 67 | ||
| 56 | Install sshd as daemon via SRVANY.EXE (recommended on NT/W2K), via inetd | 68 | Install sshd as daemon via cygrunsrv.exe (recommended on NT/W2K), via inetd |
| 57 | (results in very slow deamon startup!) or from the command line (recommended | 69 | (results in very slow deamon startup!) or from the command line (recommended |
| 58 | on 9X/ME). | 70 | on 9X/ME). |
| 59 | 71 | ||
| 60 | If you start sshd as deamon via SRVANY.EXE you will see two | 72 | If you start sshd as deamon via cygrunsrv.exe you MUST give the |
| 61 | sshd processes in the process list unless you give the "-D" | 73 | "-D" option to sshd. Otherwise the service can't get started at all. |
| 62 | option to sshd. That will avoid that sshd detaches from the | ||
| 63 | controlling terminal and it will remain under process control | ||
| 64 | of SRVANY.EXE. That allows easy killing of the service by | ||
| 65 | using the `net stop <servicename>' command. | ||
| 66 | 74 | ||
| 67 | If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the | 75 | If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the |
| 68 | following line to your inetd.conf file: | 76 | following line to your inetd.conf file: |
| @@ -74,6 +82,10 @@ ${SYSTEMROOT}/system32/drivers/etc/services file: | |||
| 74 | 82 | ||
| 75 | sshd 22/tcp #SSH daemon | 83 | sshd 22/tcp #SSH daemon |
| 76 | 84 | ||
| 85 | =========================================================================== | ||
| 86 | The following restrictions only apply to Cygwin versions up to 1.3.1 | ||
| 87 | =========================================================================== | ||
| 88 | |||
| 77 | Authentication to sshd is possible in one of two ways. | 89 | Authentication to sshd is possible in one of two ways. |
| 78 | You'll have to decide before starting sshd! | 90 | You'll have to decide before starting sshd! |
| 79 | 91 | ||
| @@ -145,26 +157,22 @@ way as they are used by the `login' port on sources.redhat.com: | |||
| 145 | SSH2 server and user keys are generated by the `ssh-*-config' scripts | 157 | SSH2 server and user keys are generated by the `ssh-*-config' scripts |
| 146 | as well. | 158 | as well. |
| 147 | 159 | ||
| 148 | SSH2 authentication similar to SSH1: | ||
| 149 | Add keys to ~/.ssh/authorized_keys2 | ||
| 150 | Interop. w/ ssh.com dsa-keys: | ||
| 151 | ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2 | ||
| 152 | and vice versa: | ||
| 153 | ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub | ||
| 154 | echo Key mykey.pub >> ~/.ssh2/authorization | ||
| 155 | |||
| 156 | If you want to build from source, the following options to | 160 | If you want to build from source, the following options to |
| 157 | configure are used for the Cygwin binary distribution: | 161 | configure are used for the Cygwin binary distribution: |
| 158 | 162 | ||
| 159 | --prefix=/usr --sysconfdir=/etc --libexecdir='${exec_prefix}/sbin | 163 | --prefix=/usr \ |
| 164 | --sysconfdir=/etc \ | ||
| 165 | --libexecdir='${exec_prefix}/sbin \ | ||
| 166 | --with-pcre | ||
| 160 | 167 | ||
| 161 | You must have installed the zlib, openssl and regex packages to | 168 | You must have installed the zlib, openssl and regex packages to |
| 162 | be able to build OpenSSH! | 169 | be able to build OpenSSH! The `--with-pcre' option requires |
| 170 | the installation of the pcre package. | ||
| 163 | 171 | ||
| 164 | Please send requests, error reports etc. to cygwin@sources.redhat.com. | 172 | Please send requests, error reports etc. to cygwin@cygwin.com. |
| 165 | 173 | ||
| 166 | Have fun, | 174 | Have fun, |
| 167 | 175 | ||
| 168 | Corinna Vinschen <vinschen@cygnus.com> | 176 | Corinna Vinschen <vinschen@redhat.com> |
| 169 | Cygwin Developer | 177 | Cygwin Developer |
| 170 | Red Hat Inc. | 178 | Red Hat Inc. |
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 70bbafdb7..83eff3a13 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
| @@ -309,7 +309,13 @@ PermitRootLogin yes | |||
| 309 | IgnoreRhosts yes | 309 | IgnoreRhosts yes |
| 310 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication | 310 | # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication |
| 311 | #IgnoreUserKnownHosts yes | 311 | #IgnoreUserKnownHosts yes |
| 312 | StrictModes yes | 312 | |
| 313 | # | ||
| 314 | # The following setting overrides permission checks on host key files | ||
| 315 | # and directories. For security reasons set this to "yes" when running | ||
| 316 | # NT/W2K, NTFS and CYGWIN=ntsec. | ||
| 317 | StrictModes no | ||
| 318 | |||
| 313 | X11Forwarding no | 319 | X11Forwarding no |
| 314 | X11DisplayOffset 10 | 320 | X11DisplayOffset 10 |
| 315 | PrintMotd yes | 321 | PrintMotd yes |
| @@ -325,12 +331,9 @@ RhostsAuthentication no | |||
| 325 | # For this to work you will also need host keys in /etc/ssh_known_hosts | 331 | # For this to work you will also need host keys in /etc/ssh_known_hosts |
| 326 | RhostsRSAAuthentication no | 332 | RhostsRSAAuthentication no |
| 327 | 333 | ||
| 328 | # To install for logon to different user accounts change to "no" here | ||
| 329 | RSAAuthentication yes | 334 | RSAAuthentication yes |
| 330 | 335 | ||
| 331 | # To install for logon to different user accounts change to "yes" here | 336 | PasswordAuthentication yes |
| 332 | PasswordAuthentication no | ||
| 333 | |||
| 334 | PermitEmptyPasswords no | 337 | PermitEmptyPasswords no |
| 335 | 338 | ||
| 336 | CheckMail no | 339 | CheckMail no |
| @@ -438,6 +441,48 @@ then | |||
| 438 | fi | 441 | fi |
| 439 | fi | 442 | fi |
| 440 | 443 | ||
| 444 | # Create /var/log and /var/log/lastlog if not already existing | ||
| 445 | |||
| 446 | if [ -f /var/log ] | ||
| 447 | then | ||
| 448 | echo "Creating /var/log failed\!" | ||
| 449 | else | ||
| 450 | if [ ! -d /var/log ] | ||
| 451 | then | ||
| 452 | mkdir /var/log | ||
| 453 | fi | ||
| 454 | if [ -d /var/log/lastlog ] | ||
| 455 | then | ||
| 456 | echo "Creating /var/log/lastlog failed\!" | ||
| 457 | elif [ ! -f /var/log/lastlog ] | ||
| 458 | then | ||
| 459 | cat /dev/null > /var/log/lastlog | ||
| 460 | fi | ||
| 461 | fi | ||
| 462 | |||
| 463 | # On NT ask if sshd should be installed as service | ||
| 464 | if [ $_nt -gt 0 ] | ||
| 465 | then | ||
| 466 | echo | ||
| 467 | echo "Do you want to install sshd as service?" | ||
| 468 | if request "(Say \"no\" if it's already installed as service)" | ||
| 469 | then | ||
| 470 | echo | ||
| 471 | echo "Which value should the environment variable CYGWIN have when" | ||
| 472 | echo "sshd starts? It's recommended to set at least \"ntsec\" to be" | ||
| 473 | echo "able to change user context without password." | ||
| 474 | echo -n "Default is \"binmode ntsec tty\". CYGWIN=" | ||
| 475 | read _cygwin | ||
| 476 | [ -z "${_cygwin}" ] && _cygwin="binmode ntsec tty" | ||
| 477 | if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}" | ||
| 478 | then | ||
| 479 | chown system /etc/ssh* | ||
| 480 | echo | ||
| 481 | echo "The service has been installed under LocalSystem account." | ||
| 482 | fi | ||
| 483 | fi | ||
| 484 | fi | ||
| 485 | |||
| 441 | if [ "${old_install}" = "1" ] | 486 | if [ "${old_install}" = "1" ] |
| 442 | then | 487 | then |
| 443 | echo | 488 | echo |