SSHDSetup

Use the following steps to successfully get OpenSSH working as a server:

Set up your environment for Cygwin. For NT 4 and Windows 2000, this is done by right-clicking on My Computer and choosing Properties. In NT4, it's on the Environment tab. In Windows 2000, it's the Environment Variables on the Advanced tab. Add the following setting to the System Environment:

CYGWIN = ntsec tty

Append the following variable to contain the following:

Path : ;C:Cygwinin

Note that if you are NT/2K on FAT(32), the ntsec option for the CYGWIN variable won't help you much. In these cases, just set CYGWIN to "tty".

Download the Cygwin Setup Program into a temporary folder like C:CygwinInstall.

Run "C:CygwinInstallSetup.exe", choose " Install from Internet ", choose a suitable mirror (I like "ftp://mirrors.rcn.net").

Now choose the packages you want to install. Click on the View button in the upper right corner. Scroll down until you find Cygrunsrv. Click on the word "Skip" until you see the highest numbered version for Cygrunsrv. This will cycle through the list, so you may have to go through it twice or three times, but you basically want the one right before "Skip" in the cycle. Repeat for man, openssh and vim. Feel free to choose other packages you may want (like ncftp, lynx and shutdown), but chances are, if you don't know what it is, you don't need it. Setup automatically chooses other packages that your selections depend on. Continue through the setup program until the installation is complete.

[Optional] After Setup is complete, I like to make a couple of changes to the default installation: - Download and install ftp://ftp.erdelynet.com/mike/cygwin/profile, ftp://ftp.erdelynet.com/mike/cygwin/sh_aliases into /etc. - Change the Cygwin icons so that, instead of pointing to cygwin.bat, they point to "c:cygwininash.exe --login -i" and start in "c:cygwinin"

Since you're going to be running an internet service, you're definitely going to want to clean up your /etc/passwd and /etc/group files. You only want everyone, system, administrators and the users that you want logging into your system defined in your /etc/passwd. If you have guest enabled and guest is defined in your /etc/passwd, people will be able to log onto your system without a password. In addition to removing unwanted users, I also shorten "Administrator" and "Administrators" and make all username fields lowercase. Here are my files:

/etc/passwd:

everyone:*:0:0:,S-1-1-0::/bin/false

system:*:18:18:,S-1-5-18::/bin/false

admins:*:544:544:Administrators,U-SATURNAdministrators

,S-1-5-32-544::/bin/false

admin::500:544:U-TESTADAdministrator

,S-1-5-21-SID-500:/home/admin:/bin/bash

mike::1106:513:Michael Erdely,U-TESTADmike

,S-1-5-21-SID-1106:/home/mike:/bin/bash

(note: the lines for admins, admin and mike are intentially wrapped for readability, but in your /etc/passwd file, they should be on one, continuous line.

/etc/group:

everyone:S-1-1-0:0:

system:S-1-5-18:18:

admins:S-1-5-32-544:544:

users:S-1-5-32-545:545:

guests:S-1-5-32-546:546:

You'll notice in the /etc/group, that I made all group names lowercase, shortened Administrators to admins and deleted unwanted group names. In the /etc/passwd, I shortened Administrators to admins, Administrator to admin (both username field and home directory field), deleted guest and made everyone's, system's and admins' shell "bin/false" and made all usernames lowercase. This example has a domain (TESTAD). If you want to add users in the future, you'd run either "mkpasswd -l | grep newusername >> /etc/passwd" to add from the local machine, "mkpasswd -d | grep newusername >> /etc/passwd" to add a user from the default domain or "mkpasswd -d otherdomain | grep newusername >> /etc/passwd" to add them from OTHERDOMAIN. Please note: newusername and otherdomain are just examples. You'd want to replace them with actual user and domain names.

If you are using NTFS and included NTSEC in your CYGWIN variable (first step of these instructions), you'll want to run my fixperms script (ftp://ftp.erdelynet.com/mike/cygwin/fixperms.sh). Download it to your home directory, then run ". ~/fixperms.sh". Yes, that is a period, space, then the path to the script.

Now, you'll want to configure sshd. This is MUCH simpler than it used to be. Run "ssh-host-config -y" to set it up. When prompted with "CYGWIN=" type what you set CYGWIN to in step 1 (tty ntsec).

Change the permissions of a couple of files:

chown -R 544:544 /var

chown 18:18 /var/log/sshd.log

chown 544:544 /etc/ssh*

chown 18:18 /etc/ssh_host*_key

Now you are ready to start the service: "cygrunsrv -S sshd"

Test the service by running "ssh localhost"

If, at this point, you are unable to connect to your sshd server, join my SSH-L mailing list for extra help.

If your ultimate goal (like mine was) is to connect to the SSH server with a GUI client like Van Dyke's SecureCRT (listed on my downloads page), now try that. At this point, also test connecting to your SSH server from a different machine to ensure network connectivity.

If this is unclear or if you have any questions, join my SSH-L mailing list.

--------------------------------------------------------------------------------

• ·在liunx下构建磁盘阵列
• ·戴安娜与杰奎琳|报价￥21.70|图书,传记,
• ·Redhatadvanceserver2.1集
• ·RedHat7.2实现免费的VPN
• ·爱佩岑|报价￥11.70|图书,传记,群星荟萃
• ·Squishdot的汉化
• ·推理克里斯蒂/名家温馨赏读译丛(名家温馨赏读译
• ·ssh2的安装与配置
• ·关于BUGZILLA的说明和安装
• ·白宫黑玫瑰--赖斯|报价￥24.00|图书,传