1 files changed, 24 insertions, 0 deletions
diff --git a/contrib/cygwin/README b/contrib/cygwin/README
index 9021ba2b0..71ea3455f 100644
--- a/contrib/cygwin/README
+++ b/contrib/cygwin/README
@@ -1,6 +1,30 @@
 This package is the actual port of OpenSSH to Cygwin 1.3.
 ===========================================================================
+Important change since 3.4p1-2:
+This version adds privilege separation as default setting, see
+/usr/doc/openssh/README.privsep.  According to that document the
+privsep feature requires a non-privileged account called 'sshd'.
+The new ssh-host-config file which is part of this version asks
+to create 'sshd' as local user if you want to use privilege
+separation.  If you confirm, it creates that NT user and adds
+the necessary entry to /etc/passwd.
+On 9x/Me systems the script just sets UsePrivilegeSeparation to "no"
+since that feature doesn't make any sense on a system which doesn't
+differ between privileged and unprivileged users.
+The new ssh-host-config script also adds the /var/empty directory
+needed by privilege separation.  When creating the /var/empty directory
+by yourself, please note that in contrast to the README.privsep document
+the owner sshould not be "root" but the user which is running sshd.  So,
+in the standard configuration this is SYSTEM.  The ssh-host-config script
+chowns /var/empty accordingly.
+===========================================================================
+===========================================================================
 Important change since 3.0.1p1-2:
 This version introduces the ability to register sshd as service on

diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 9021ba2b0..71ea3455f 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README
@@ -1,6 +1,30 @@
1	This package is the actual port of OpenSSH to Cygwin 1.3.	1	This package is the actual port of OpenSSH to Cygwin 1.3.
2		2
3	===========================================================================	3	===========================================================================
		4	Important change since 3.4p1-2:
		5
		6	This version adds privilege separation as default setting, see
		7	/usr/doc/openssh/README.privsep. According to that document the
		8	privsep feature requires a non-privileged account called 'sshd'.
		9
		10	The new ssh-host-config file which is part of this version asks
		11	to create 'sshd' as local user if you want to use privilege
		12	separation. If you confirm, it creates that NT user and adds
		13	the necessary entry to /etc/passwd.
		14
		15	On 9x/Me systems the script just sets UsePrivilegeSeparation to "no"
		16	since that feature doesn't make any sense on a system which doesn't
		17	differ between privileged and unprivileged users.
		18
		19	The new ssh-host-config script also adds the /var/empty directory
		20	needed by privilege separation. When creating the /var/empty directory
		21	by yourself, please note that in contrast to the README.privsep document
		22	the owner sshould not be "root" but the user which is running sshd. So,
		23	in the standard configuration this is SYSTEM. The ssh-host-config script
		24	chowns /var/empty accordingly.
		25	===========================================================================
		26
		27	===========================================================================
4	Important change since 3.0.1p1-2:	28	Important change since 3.0.1p1-2:
5		29
6	This version introduces the ability to register sshd as service on	30	This version introduces the ability to register sshd as service on