Top-posting reformatted.
Marc Jourdeuil wrote:
I am trying to setup sshd on cygwin, so ssh works.....
i followed all instructions from:
http://pigtail.net/LRP/printsrv/cygwin-sshd.html
the important ones being to set
variable name is CYGWIN
variable value is ntsec tty
as an env variable in windows, and
to append ;c:\cygwin\bin to the win2k Path var.
ssh -vvv localhost
p4-3000:marcj:{/home/marcj}198 % ssh -vvv localhost
OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused
The process is running:
p4-3000:marcj:{/home/marcj}160 % ps -ef
UID PID PPID TTY STIME COMMAND
marcj 1948 1 con 00:43:18 /usr/bin/bash
SYSTEM 728 1 ? 00:48:33 /usr/bin/cygrunsrv
SYSTEM 480 728 ? 00:48:33 /usr/sbin/sshd
marcj 1748 1948 con 00:53:03 /usr/bin/sh
marcj 2076 1748 con 00:53:03 /usr/X11R6/bin/XWin
marcj 1840 1748 con 00:53:04 /usr/X11R6/bin/wmaker
marcj 1648 1840 con 00:53:04 /usr/X11R6/bin/wmaker
marcj 1600 1648 ? 00:53:17 /usr/bin/xterm
marcj 1564 1600 0 00:53:18 /usr/bin/tcsh
marcj 2148 1 0 00:53:25 /usr/bin/xterm
marcj 2164 2148 1 00:53:25 /usr/bin/tcsh
marcj 2196 2164 1 00:53:44 /usr/bin/ps
and the port 22 is listening:
p4-3000:marcj:{/etc}183 % netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING
Yet I always get connection refused:
ssh [EMAIL PROTECTED]
ssh connect to host 127.0.0.1 port 22: connection refused
ssh localhost
ssh: connect to host localhost port 22: Connection refused
ssh [EMAIL PROTECTED]
ssh: connect to host 192.168.1.204 port 22: Connection refused
I only have 1 copy of cygwin1.dll - in c:\cygwin\bin
I installed the openssh pkg at the same time that I did the initial
cygwin
install. I am just trying
to get sshd working now.
I have 2 old copies of cygwin: c:\cygwin-old and
H:\Program-Files2\cygwin-not used anymore
I can't edit
/etc/ssh_config file using cygwin or win2k even though I have admin
rights
on pc.
<snip sshd config>
I have looked at FAQs, google, archives....
Not sure where to go from here.
Marc
Could you stop the service, as described on the page you mention, and
then start it manually by doing the following:
sshd -D -dd
Once this is running, try to ssh to it from another cygwin window.
The instance of sshd should process one connection - failed or not.
Post the output from sshd so that we can get a better idea of what's
happening.
As a thought though.. Running any firewalls on that machine? (They
/shouldn't/ affect localhost connections, but I don't trust them...
Chris
Marc Jourdeuil wrote:
> I successfully stopped sshd.
>
> /usr/sbin/sshd -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 187
> debug2: parse_server_config: config /etc/sshd_config len 187
> debug1: sshd version OpenSSH_3.9p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
Well, this is definitely why it's not working.
>
> ran this again
> ssh-host-config
> Overwrite existing /etc/ssh_config file? (yes/no) yes
> Generating /etc/ssh_config file
> Overwrite existing /etc/sshd_config file? (yes/no) yes
> Privilege separation is set to yes by default since OpenSSH 3.3.
> However, this requires a non-privileged account called 'sshd'.
> For more info on privilege separation read
> /usr/share/doc/openssh/README.privsep.
>
> Should privilege separation be used? (yes/no) yes
> Generating /etc/sshd_config file
>
> Host configuration finished. Have fun!
>
Hrm.. I'm sure this is supposed to generate the host keys... (I'm sure
someone will correct me if I'm wrong, but I could have sworn that it did
for me..)
> p4-3000:marcj:{/usr/sbin}230 % /usr/sbin/sshd -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 187
> debug2: parse_server_config: config /etc/sshd_config len 187
> debug1: sshd version OpenSSH_3.9p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
>
> /etc/
> -rwxr-xr-x 1 marcj None 1159 Oct 19 13:57 ssh_config
> -rw------- 1 SYSTEM None 668 Oct 19 00:43 ssh_host_dsa_key
> -rw-r--r-- 1 SYSTEM None 603 Oct 19 00:43 ssh_host_dsa_key.pub
> -rw------- 1 SYSTEM None 528 Oct 19 00:43 ssh_host_key
> -rw-r--r-- 1 SYSTEM None 332 Oct 19 00:43 ssh_host_key.pub
> -rw------- 1 SYSTEM None 883 Oct 19 00:43 ssh_host_rsa_key
> -rw-r--r-- 1 SYSTEM None 223 Oct 19 00:43 ssh_host_rsa_key.pub
> -rw-r--r-- 1 marcj None 2807 Oct 19 13:58 sshd_config
>
The host key permissions seem fine to me.. Though for me the configs are
owned by SYSTEM as well - that said, that may be related to an
incomplete user list on the machine I checked - it doesn't seem all that
keen on pulling the full list from our domain server, but that's another
issue.
>
> inetd is not running, should it? I have ssh in /etc/services. I have no
> /etc/inetd.conf file. Should I?
> telnet localhost does nothing.
No, you don't need identd. /etc/services is just a list of what services
use what ports.
Telnet shouldn't work regardless - you should never run telnet anymore.
>
> I wasn't running any firewall before. I restarted zonealarm, but that
> doesn't seem to be a factor right now.
> It might be later, when I try from another PC.
>
It probably would, unless you tell ZA to allow all incoming traffic on
port 22, but at the moment that won't help.
Try this (though I give no guarantee's that it will fix anything)
rm /etc/ssh_host*
ssh-host-config
It *should* regenerate the host keys if you do this (and should say as
much right away).
Assuming it does, try the same as above afterwards.
If it works, then you'll be able to do:
cygrunsrv --start sshd
at which point you'll be sorted.
Chris
--
Spinning complacently in the darkness, covered and blinded by a blanket
of little lives, false security has lulled the madness of this world
into a slumber. Wake up! An eye is upon you, staring straight down and
keenly through, seeing all that you are and everything that you will
never be. Yes, an eye is upon you, an eye ready to blink. So face
forward, with arms wide open and mind reeling. Your future has
arrived... Are you ready to go?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
