Hosting Provided By

Re: Cygwin and SSH

From: Philip Le Riche <pleriche(at)altair.steria.co.uk>
Date: Mon Dec 09 2002 - 11:44:53 EST

First, you need to set up an sshd_config. Best put it in /etc/openssh. Here's one I made earlier:

# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

PidFile /var/openssh/sshd.pid

# HostKey for protocol version 1

HostKey /etc/openssh/ssh_host_key
# HostKeys for protocol version 2

HostKey /etc/openssh/ssh_host_rsa_key
HostKey /etc/openssh/ssh_host_dsa_key

Do you need help?

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH

# Authentication:

#LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /usr/local/etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

Do you need more help?

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt yes

#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems

Subsystem sftp /usr/local/libexec/sftp-server

Then create some keys, e.g.

ssh-keygen -t rsa1 -f /etc/openssh/ssh_host_key -N ""
ssh-keygen -t dsa -f /etc/openssh/ssh_host_dsa_key -N ""
ssh-keygen -t rsa -f /etc/openssh/ssh_host_rsa_key -N ""

Can we help you?

The following couple of lines I pinched from an rc.openssh on an AIX machine:

read a b c d </etc/openssh/ssh_host_key.pub echo $hostname $a $b $c >>/etc/openssh/ssh_known_hosts

On your client, create a user key, e.g.

ssh-keygen -t rsa -f $HOME/.ssh/id_rsa -N ""

Copy the public key $HOME/.ssh/id_rsa.pub to the cygwin server and append to .ssh/authorized_keys

Start sshd with:

/usr/sbin/sshd -f /etc/openssh/sshd_config

Go back to your client machine and try:

Can't find what you're looking for?

ssh -l <user> <ip addr or hostname of server>

where <user> is what comes before the @ before each bash command prompt.

Have I forgotten anything? You get the general idea.

The first time you get a remote bash prompt from a win9x box is magic! Who wants a DOS prompt?

Philip

samuelf_stefanini@ctbctelecom.net.br scrawls:

> 
> Hello,
> 
> How to configure CYGWIN to execute conections via SSH?
> 
> Someone know
> 
> Tanks
> 
> Samuel
> 
> 
> 
> 
>

-- 
==============================================================================
Philip Le Riche                            Voice: +44 1442 884390
(Ouaithe qu'i' sait L'Riche, chu           Fax:   +44 1442 884943
pouôrre baloque né pâle pon l'Jèrriais)    Email: pleriche@altair.steria.co.uk
==============================================================================

Received on Wed Dec 11 18:44:50 2002

This message: [ Message body ]
Next message: Jeff Koenig: "Re: Trusted SSH on Solaris"
Previous message: Michael Sierchio: "Re: 3DES key-length for data authentication"
In reply to: samuelf_stefanini(at)ctbctelecom.net.br: "Cygwin and SSH"
In reply to Dillenbourg Jean (FETA): "No password"
Next in thread: Philip Le Riche: "Re: Cygwin and SSH"
Reply: Jeff Koenig: "Re: Trusted SSH on Solaris"
Reply: John Mendenhall: "OpenSSH_3.5p1 server, PC clients cannot connect"
Reply: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
Reply: Miller Brett: "I am having serious difficulty getting host based authenication working with ssh"
Reply: Alf Nicolaysen: "Re: RhostsAuthentication under AIX 4.3.3"
Reply: fmarchioni(at)libero.it: "[beginner] Cannot get RSA authentication to work"
Reply: Simon Szeto: "sftp connection closed"
Reply: David Shaw: "OpenSSH 3.6.1p2 Inoperability Issue"
Reply: Donald Plummer: "[Fwd: Re: Permission Denied error, can't login]"
Reply: Leece, Doug: "RE: Going MAD trying to get scp working on Solaris8 (SSH-2.0-OpenSSH_ 3.4p1) - Pleeeese Help."
Reply: mehul choube: "ssh configuration problem"
Reply: Dan Taylor: "RE: ssh configuration problem"
Reply: Gary Blydenburgh: "Hostbased Authentication Failure"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:51 EDT