BUG: ssh-host-config --yes fails with cygwin 1.7.33
Florian Friesdorf
flo@chaoflow.net
Tue Nov 4 18:48:00 GMT 2014
This is fixed with cygwin-1.7.33-0.4.
However, the warning in the beginning still remains.
On Tue, Nov 04 2014, Florian Friesdorf wrote:
> mintty is "run as administrator".
>
>
> (cygroot=C:\cygwin-x86_64-testssh) Administrator@OWNEROR-FVEPU7T ~
> $ uname -a
> CYGWIN_NT-6.3 OWNEROR-FVEPU7T 1.7.33(0.279/5/3) 2014-10-27 22:23 x86_64 Cygwin
>
>
> (cygroot=C:\cygwin-x86_64-testssh) Administrator@OWNEROR-FVEPU7T ~
> $ ssh-host-config --yes
>
> *** Warning: Running this script typically requires administrator privileges!
> *** Warning: However, it seems your account does not have these privileges.
> *** Warning: Here's the list of groups in your user token:
>
> None
> root
> Users
>
> *** Warning: This usually means you're running this script from a non-admin
> *** Warning: desktop session, or in a non-elevated shell under UAC control.
>
> *** Warning: Make sure you have the appropriate privileges right now,
> *** Warning: otherwise parts of this script will probably fail!
>
> *** Query: Are you sure you want to continue? (Say "no" if you're not sure
> *** Query: you have the required privileges) (yes/no) yes
>
> *** Info: Generating missing SSH host keys
> *** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
> *** Info: Creating default /etc/ssh_config file
> *** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
> *** Info: Creating default /etc/sshd_config file
>
> *** Info: StrictModes is set to 'yes' by default.
> *** Info: This is the recommended setting, but it requires that the POSIX
> *** Info: permissions of the user's home directory, the user's .ssh
> *** Info: directory, and the user's ssh key files are tight so that
> *** Info: only the user has write permissions.
> *** Info: On the other hand, StrictModes don't work well with default
> *** Info: Windows permissions of a home directory mounted with the
> *** Info: 'noacl' option, and they don't work at all if the home
> *** Info: directory is on a FAT or FAT32 partition.
> *** Query: Should StrictModes be used? (yes/no) yes
>
> *** Info: Privilege separation is set to 'sandbox' by default since
> *** Info: OpenSSH 6.1. This is unsupported by Cygwin and has to be set
> *** Info: to 'yes' or 'no'.
> *** Info: However, using privilege separation requires a non-privileged account
> *** Info: called 'sshd'.
> *** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
> *** Query: Should privilege separation be used? (yes/no) yes
> *** Warning: The owner and the Administrators need
> *** Warning: to have .w. permission to /var/run.
> *** Warning: Here are the current permissions and ACLS:
> *** Warning: drwxrwxrwt+ 1 Administrator None 0 Nov 4 19:07 /var/run
> *** Warning: # file: /var/run
> *** Warning: # owner: Administrator
> *** Warning: # group: None
> *** Warning: # flags: --t
> *** Warning: user::rwx
> *** Warning: group::rwx
> *** Warning: other:rwx
> *** Warning: default:user::rwx
> *** Warning: default:group::r-x
> *** Warning: default:other:r-x
> *** Warning:
> *** Warning: Please change the user and/or group ownership,
> *** Warning: permissions, or ACLs of /var/run.
>
> *** ERROR: Problem with /var/run directory. Exiting.
>
>
> With cygwin 1.7.32 the script works.
>
> --
> Florian Friesdorf <flo@chaoflow.net>
> GPG FPR: 7A13 5EEE 1421 9FC2 108D BAAF 38F8 99A3 0C45 F083
> Jabber/XMPP: flo@chaoflow.net
> IRC: chaoflow on freenode,ircnet,blafasel,OFTC
--
Florian Friesdorf <flo@chaoflow.net>
GPG FPR: 7A13 5EEE 1421 9FC2 108D BAAF 38F8 99A3 0C45 F083
Jabber/XMPP: flo@chaoflow.net
IRC: chaoflow on freenode,ircnet,blafasel,OFTC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin-apps/attachments/20141104/fd94feda/attachment.sig>
More information about the Cygwin-apps
mailing list