openssh 5.1p1-3 / ssh-host-config dependency and permission issues

Karl Herrick karl.herrick@millbrookprinting.com
Tue Oct 7 20:23:00 GMT 2008


Unfortunately, I forgot to attach my cygcheck.out file... it is now 
attached.

Karl Herrick wrote:
> The scope of this post is have an OpenSSH server running on top of 
> Windows XP Professional without dependency errors or permission issues 
> during the setup.
>
> On 2008-06-28 a system was installed from scratch with the following 
> specs:
>
>   Windows XP Professional SP2
>   setup.exe 2.573.2.2
>   OpenSSH 4.7p1-2 and the associated dependencies
>
> Today when trying to build a similar system,
>
>   Windows XP Professional SP3
>   setup.exe 2.573.2.3
>   OpenSSH 5.1p1-3 and the associated dependencies
>
> two problems are encountered:
>
> 1. An error is received in regard to diffutils not being installed 
> when running ssh-host-config:
> *** ERROR: Could not find or execute required program cmp.
> *** ERROR: Please install diffutils
>
> 2. Various permission errors arise while running ssh-host-config:
> *** Warning: The file /etc/passwd is not readable by all.
> *** Warning: Please run 'chmod +r /etc/passwd'.
> *** Warning: The file /etc/group is not readable by all.
> *** Warning: Please run 'chmod +r /etc/group'.
> *** ERROR: Problem with LocalSystem or Adminstrator IDs
>
> and separately after rerunning ssh-host-config:
>
> *** Warning: The permissions on the directory /var are not correct.
> *** Warning: They must match the regexp d..x..x..[xt]
> *** ERROR: Problem with /var directory. Exiting.
>
> Four questions:
>
> 1. Should diffutils automatically be installed as a dependency of 
> openssh so that this error doesn't come up in regard to it not being 
> installed while running ssh-host-config?
>
> 2. Should these permissions be different on a default cygwin install 
> so that openssh can be installed and ssh-host-config can be executed 
> without permission errors?
>
> 3. Is it safe to make the necessary permission changes to the various 
> files and directores (/etc/passwd, /etc/group, and /var) that openssh 
> is requesting changes to in order to "force" it to work?
>
> 4. If indeed these issues are due to a bug, are there appropriate 
> places to file necessary bug reports in order to keep track of if/when 
> they will be resolved?
>
> Thanks for your time and consideration of these issues that have been 
> noticed.
>
> ---
>
> Reproduce steps:
>
> 1. Download setup.exe version 2.573.2.3 and place into 
> "C:\cygwin-install\".
> 2. Go through the setup wizard with defaults except:
> 2.a Select a mirror.
> 2.b Click once on the "Net/openssh" package (at the time of this post 
> it indicates it will install version 5.1p1-3 and the associated 
> dependencies).
> 3. Execute "C:\cygwin\Cygwin.bat".
> 4. Within the newly launched shell, execute "ssh-host-config".
>
> The following is returned:
>
> ######################
> $ ssh-host-config
> *** Info: Generating /etc/ssh_host_key
> *** Info: Generating /etc/ssh_host_rsa_key
> *** Info: Generating /etc/ssh_host_dsa_key
> *** ERROR: Could not find or execute required program cmp.
> *** ERROR: Please install diffutils
> ######################
>
> 5. Close the shell and launch "C:\cygwin-install\setup.exe".
> 6. Go through the setup wizard with defaults except:
> 6.a Click once on the "Utils/diffutils" package (at the time of this 
> post it indicates it will install version 2.8.7-1 and the associated 
> dependencies).
> 7. Execute "C:\cygwin\Cygwin.bat".
> 8. Within the newly launched shell, execute "ssh-host-config".
> 9. Answer "yes" to the "Should privilege separation be used? (yes/no)" 
> query.
>
> The following is returned:
>
> ######################
> *** Warning: The file /etc/passwd is not readable by all.
> *** Warning: Please run 'chmod +r /etc/passwd'.
> *** Warning: The file /etc/group is not readable by all.
> *** Warning: Please run 'chmod +r /etc/group'.
> *** ERROR: Problem with LocalSystem or Adminstrator IDs
> ######################
>
> 10. Within the shell, exectue "chmod +r /etc/passwd".
> 11. Within the shell, exectue "chmod +r /etc/group".
> 12. Within the shell, execute "ssh-host-config".
> 13. Answer "yes" to the "Overwrite existing /etc/ssh_config file? 
> (yes/no)" query.
> 14. Answer "yes" to the "Overwrite existing /etc/sshd_config file? 
> (yes/no)" query.
> 15. Answer "yes" to the "Should privilege separation be used? 
> (yes/no)" query.
>
> The following is returned:
>
> ######################
> *** Warning: The permissions on the directory /var are not correct.
> *** Warning: They must match the regexp d..x..x..[xt]
> *** ERROR: Problem with /var directory. Exiting.
> ######################
>
> 16. Within the shell, execute "ls -ld /var"
>
> The following is returned:
>
> ######################
> drwxrwx---+ 8 ladmin Users 0 Oct  7 11:38 /var
> ######################
>
> 17. Within the shell, execute "chmod o+x /var"
> 18. Within the shell, execute "ssh-host-config".
> 19. Answer "yes" to the "Overwrite existing /etc/ssh_config file? 
> (yes/no)" query.
> 20. Answer "yes" to the "Overwrite existing /etc/sshd_config file? 
> (yes/no)" query.
> 21. Answer "yes" to the "Should privilege separation be used? 
> (yes/no)" query.
> 22. Answer "yes" to the "new local account 'sshd'? (yes/no)" query.
> 23. Answer "yes" to the "Do you want to install sshd as a service? 
> (Say "no" if it is already installed as a service) (yes/no)" query.
> 24. Press the "Enter" key in regard to the "Enter the value of CYGWIN 
> for the daemon: [ntsec]" query.
> 25. Within the shell, execute "cygrunsrv -S sshd"
> 26. Completing the setup via "ssh-user-config" etc...
>

-- 

Karl Herrick
Systems Engineer
Millbrook Printing Company
3540 Jefferson Hwy.
Grand Ledge, MI 48837-9750
http://www.millbrookprinting.com
karl.herrick@millbrookprinting.com
P: 800-992-9653
F: 517-627-0267

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20081007/06ba86c7/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


More information about the Cygwin mailing list