This is the mail archive of the
mailing list for the Cygwin project.
Re: Silently configure sshd fails via system account
- From: Lord Laraby <lord dot laraby at gmail dot com>
- To: Cygwin Mailing List <cygwin at cygwin dot com>
- Date: Mon, 17 Mar 2014 19:18:28 -0400
- Subject: Re: Silently configure sshd fails via system account
- Authentication-results: sourceware.org; auth=none
- References: <5307BB89 dot 80405 at cse dot yorku dot ca> <5307BDDA dot 4040309 at cygwin dot com> <530B6ED1 dot 2060003 at cse dot yorku dot ca> <CAG9p0OSzrhsqf+gZjduxU0bxzovPY31kDwH=gJ3ZUtHuj8iBZQ at mail dot gmail dot com> <f5bmwgowkuh dot fsf at troutbeck dot inf dot ed dot ac dot uk> <CAG9p0OT0282=+dGWuOjk2MxMSJX0E6irg-+hD9dE1vfqDLOVyA at mail dot gmail dot com> <CAG9p0OS65OC-5o-wEre+2K7+NQHQE_OzmLW9HAN8bmcYzEoG3A at mail dot gmail dot com> <CAG9p0OQ3Hr0wVq7eYQRHGwW79U9uAb1_13BqqY4qxuR2m8VMAQ at mail dot gmail dot com>
Okay, I figured out the whole issue. The script suggested
non-privleged user sshd as the service user. I allowed that and the
user was created. However the issues the script messed up are:
1) The account was never activated - "net user sshd /active:yes" had
to be run at the command line.
2) All of the keys had permissions given to user cyg_server (which is
actually another service with different needs).
3) the /var/empty file ownership was changed to sshd (stolen from
cyg_server which also had that assigned home directory.) So, that was
correct but wrong.
4) The /var/log/sshd.log ownership was given to cyg_server (who does
not write to that log.) the cygserver.log is owned by SYSTEM!!! I do
not know why.
5) Permission modes were wrong on every file.
These were all setup by the cygwin script, all I did was answer 'yes'
to each question and provide sshd a password (twice).
This might warrant a check by the maintainer.
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple