Problem with ssh-host-config?
I'm having a strange problem with the sshd configuration script on Windows 8.
I'm calling it as follows, where I expect both the fjsupport Windows user
account and /etc/passwd entry to be created by the script:
/bin/ssh-host-config -y -c ntsec -u fjsupport -w
If the user has no entry in /etc/passwd, it creates the Windows account, but
then complains when it comes to create the sshd service that the privileged
user does not exist (I think it means in /etc/passwd). If I add the user to
/etc/passwd (using mkpasswd after the first run) and just remove the Windows
account, then it sees that the user exists in /etc/passwd and does not attempt
to create a Windows account, then complaining that it cannot use the
(non-existent) Windows user when it tries to create the service. If I have both
the Windows account (with privileges) and the /etc/passwd entry beforehand,
everything is fine, but of course it doesn't have to make either.
By stepping through the script (incidentally, the -d flag doesn't work
properly?), I found that the csih_create_privileged_user function is using the
variable ${username} to write to /etc/passwd. But when called as above this
variable is not set. So that doesn't update /etc/passwd and it (later) thinks
the user is not known. This is at line 3069 in
cygwin-service-installation-helper.sh.
/usr/bin/mkpasswd -l -u "${username}" >> "${SYSCONFDIR}/passwd"
Changing ${username} to ${csih_PRIVILEGED_USERNAME} seems to fix the problem
and everything works as expected.
So I have the result I want, but I'm not sure that the fix above is correct.
Isn't it normal to use ssh-host-config to create the user in Windows and
/etc/passwd? In which case why isn't everyone getting this problem? Or am I
using the script the wrong way?
--
Cheers,
-nick
Unless otherwise stated, this email has been sent from Fujitsu Services
Limited, from Fujitsu (FTS) Limited, or from Fujitsu Telecommunications Europe
Limited, together "Fujitsu".
This email is only for the use of its intended recipient. Its contents are
subject to a duty of confidence and may be privileged. Fujitsu does not
guarantee that this email has not been intercepted and amended or that it is
virus-free.
Fujitsu Services Limited, registered in England No 96056, registered office 22
Baker Street, London W1U 3BW.
Fujitsu (FTS) Limited, registered in England No 03808613, registered office 22
Baker Street, London W1U 3BW.
PFU Imaging Solutions Europe Limited, registered in England No 1578652,
registered office Hayes Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
Fujitsu Telecommunications Europe Limited, registered in England No 2548187,
registered office Solihull Parkway, Birmingham Business Park, Birmingham, B37
7YU.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: Problem with ssh-host-config?
Hi Corinna, >> In theory this should only happen if you *only* use passwd in >> /etc/nsswitch.conf. If you use default settings (passwd db), this >> branch should not be hit either. >> >> So I wonder how your /etc/nsswitch.conf looks like. Are you using >> >> passwd: passwd >> group: passwd > > We install the following in nsswitch.conf just before running ssh-host-config: > > passwd: files > group:files > db_home: windows > > Does that explain the path we're taking? Looking at the csih scripts, that would take the code into the mkpasswd branch with the bug. So perhaps no one has noticed this before simply because the default behaviour skips it. -- Cheers, -nick Unless otherwise stated, this email has been sent from Fujitsu Services Limited, from Fujitsu (FTS) Limited, or from Fujitsu Telecommunications Europe Limited, together "Fujitsu". This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it is virus-free. Fujitsu Services Limited, registered in England No 96056, registered office 22 Baker Street, London W1U 3BW. Fujitsu (FTS) Limited, registered in England No 03808613, registered office 22 Baker Street, London W1U 3BW. PFU Imaging Solutions Europe Limited, registered in England No 1578652, registered office Hayes Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE. Fujitsu Telecommunications Europe Limited, registered in England No 2548187, registered office Solihull Parkway, Birmingham Business Park, Birmingham, B37 7YU.
RE: SSH access to desktop
> $ /usr/sbin/sshd.exe -p 8100 > /var/empty must be owned by root and not group or world-writable. > ... > drwxr-x--x+ 1 Administrator Administrators 0 Mar 16 10:08 empty/ Try making the owner of this directory the same as the Windows user that is running the sshd service. I think this is a hard coded error message that says "root" in the expectation that this runs sshd. But that is not the case on Windows/Cygwin. Cheers, -nick Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No 96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE. This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it is virus-free. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
