How to run cygwin sshd as a domain user?

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

How to run cygwin sshd as a domain user?

Xing Qiu
Hi,

I have successfully installed cygwin and its openssh package.  I followed
the instruction about setting up sshd and it works as expected.

However this sshd service turns out to be a local service, which means I
can't get access to the net printers and the net file folders in an ssh
session.  So I wonder is there a way to run sshd as a domain user instead of
the default, local user? BTW, if I use cygwin bash or cygwin xterm directly,
I can access my net folder and net printer without any problem (I think the
default cygwin user is a domain user).

I even tried to run /usr/sbin/sshd.exe by using my default domain user from
a cygwin xterm, but then sshd refuse to run because of the permission of
several files/dirs are not correct.

Thank you,
Xing

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply | Threaded
Open this post in threaded view
|

Re: How to run cygwin sshd as a domain user?

Larry Hall (Cygwin)
Xing Qiu wrote:

> Hi,
>
> I have successfully installed cygwin and its openssh package.  I
> followed the instruction about setting up sshd and it works as expected.
>
> However this sshd service turns out to be a local service, which means I
> can't get access to the net printers and the net file folders in an ssh
> session.  So I wonder is there a way to run sshd as a domain user
> instead of the default, local user? BTW, if I use cygwin bash or cygwin
> xterm directly, I can access my net folder and net printer without any
> problem (I think the default cygwin user is a domain user).
>
> I even tried to run /usr/sbin/sshd.exe by using my default domain user
> from a cygwin xterm, but then sshd refuse to run because of the
> permission of several files/dirs are not correct.


Please check the FAQ at least before posting a question.

> FAQ:                   http://cygwin.com/faq/

There's often good information there that can help you.  In this case, you
should read:


<http://cygwin.com/faq/faq-nochunks.html#faq.using.services>
<http://cygwin.com/faq/faq-nochunks.html#faq.using.shares>

--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply | Threaded
Open this post in threaded view
|

Re: How to run cygwin sshd as a domain user?

Xing Qiu

>
> Please check the FAQ at least before posting a question.
>
>> FAQ:                   http://cygwin.com/faq/
>
> There's often good information there that can help you.  In this case, you
> should read:
>
>
> <http://cygwin.com/faq/faq-nochunks.html#faq.using.services>
> <http://cygwin.com/faq/faq-nochunks.html#faq.using.shares>
>

No, I tried that, and it didn't work.  As far as I understand, cygrunsrv is
just a wrapper to run some daemon in the background. I simply can't start
sshd with my own user.  Below are the error messages:

$ /usr/sbin/sshd.exe -d
debug1: sshd version OpenSSH_4.1p1
Could not load host key: /etc/ssh_host_key
Could not load host key: /etc/ssh_host_rsa_key
Could not load host key: /etc/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.

Here is the result of ls -lh /etc/ssh* :

$ ls -lh /etc/ssh*
-rwx------  1 SYSTEM SYSTEM      1.3K Nov  4 15:03 /etc/ssh_config
-rw-------  1 SYSTEM SYSTEM       668 Oct 30 19:37 /etc/ssh_host_dsa_key
-rw-r--r--  1 SYSTEM SYSTEM       600 Oct 30 19:37 /etc/ssh_host_dsa_key.pub
-rw-------  1 SYSTEM SYSTEM       525 Oct 30 19:37 /etc/ssh_host_key
-rw-r--r--  1 SYSTEM SYSTEM       329 Oct 30 19:37 /etc/ssh_host_key.pub
-rw-------  1 SYSTEM SYSTEM       883 Oct 30 19:37 /etc/ssh_host_rsa_key
-rw-r--r--  1 SYSTEM SYSTEM       220 Oct 30 19:37 /etc/ssh_host_rsa_key.pub
-rw-r--r--  1 xqiu   mkgroup-l-d 2.8K Nov  4 15:03 /etc/sshd_config

And if I do what the FAQ tells me to do, I get the following error message:


cygrunsrv -I "Xing_sshd" -p /usr/sbin/sshd -a '-D' -u xqiu -w mypasswd
...

$ cygrunsrv -S Xing_sshd
cygrunsrv: Error starting a service: QueryServiceStatus:  Win32 error 1053:
The service did not respond to the start or control request in a timely
fashion.

Should I go ahead change the ownership of /etc/ssh* ?












--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply | Threaded
Open this post in threaded view
|

RE: How to run cygwin sshd as a domain user?

Dave Korn
Xing Qiu wrote:

> No, I tried that, and it didn't work.  As far as I understand, cygrunsrv
> is just a wrapper to run some daemon in the background. I simply can't
> start sshd with my own user.  Below are the error messages:
>
> $ /usr/sbin/sshd.exe -d
> debug1: sshd version OpenSSH_4.1p1
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
>
> Here is the result of ls -lh /etc/ssh* :
>
> $ ls -lh /etc/ssh*
> -rwx------  1 SYSTEM SYSTEM      1.3K Nov  4 15:03 /etc/ssh_config
> -rw-------  1 SYSTEM SYSTEM       668 Oct 30 19:37 /etc/ssh_host_dsa_key
> -rw-r--r--  1 SYSTEM SYSTEM       600 Oct 30 19:37
> /etc/ssh_host_dsa_key.pub
> -rw-------  1 SYSTEM SYSTEM       525 Oct 30 19:37 /etc/ssh_host_key
> -rw-r--r--  1 SYSTEM SYSTEM       329 Oct 30 19:37 /etc/ssh_host_key.pub
> -rw-------  1 SYSTEM SYSTEM       883 Oct 30 19:37 /etc/ssh_host_rsa_key
> -rw-r--r--  1 SYSTEM SYSTEM       220 Oct 30 19:37
> /etc/ssh_host_rsa_key.pub
> -rw-r--r--  1 xqiu   mkgroup-l-d 2.8K Nov  4 15:03 /etc/sshd_config

> Should I go ahead change the ownership of /etc/ssh* ?



  How about re-running ssh-host-config, which contains code to set the
perms/ownership correctly?


  (If you insist on doing it manually, "SYSTEM" is fine for owner, but you
want "Domain Users" for the group).

    cheers,
      DaveK
--
Can't think of a witty .sigline today....


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply | Threaded
Open this post in threaded view
|

Re: How to run cygwin sshd as a domain user?

Corinna Vinschen-2
On Nov  8 18:28, Dave Korn wrote:

> Xing Qiu wrote:
>
> > No, I tried that, and it didn't work.  As far as I understand, cygrunsrv
> > is just a wrapper to run some daemon in the background. I simply can't
> > start sshd with my own user.  Below are the error messages:
> >
> > $ /usr/sbin/sshd.exe -d
> > debug1: sshd version OpenSSH_4.1p1
> > Could not load host key: /etc/ssh_host_key
> > Could not load host key: /etc/ssh_host_rsa_key
> > Could not load host key: /etc/ssh_host_dsa_key
> > Disabling protocol version 1. Could not load host key
> > Disabling protocol version 2. Could not load host key
> > sshd: no hostkeys available -- exiting.
> >
> > Here is the result of ls -lh /etc/ssh* :
> >
> > $ ls -lh /etc/ssh*
> > -rwx------  1 SYSTEM SYSTEM      1.3K Nov  4 15:03 /etc/ssh_config
> > -rw-------  1 SYSTEM SYSTEM       668 Oct 30 19:37 /etc/ssh_host_dsa_key
> > -rw-r--r--  1 SYSTEM SYSTEM       600 Oct 30 19:37
> > /etc/ssh_host_dsa_key.pub
> > -rw-------  1 SYSTEM SYSTEM       525 Oct 30 19:37 /etc/ssh_host_key
> > -rw-r--r--  1 SYSTEM SYSTEM       329 Oct 30 19:37 /etc/ssh_host_key.pub
> > -rw-------  1 SYSTEM SYSTEM       883 Oct 30 19:37 /etc/ssh_host_rsa_key
> > -rw-r--r--  1 SYSTEM SYSTEM       220 Oct 30 19:37
> > /etc/ssh_host_rsa_key.pub
> > -rw-r--r--  1 xqiu   mkgroup-l-d 2.8K Nov  4 15:03 /etc/sshd_config
>
> > Should I go ahead change the ownership of /etc/ssh* ?
>
>
>
>   How about re-running ssh-host-config, which contains code to set the
> perms/ownership correctly?
>
>
>   (If you insist on doing it manually, "SYSTEM" is fine for owner, but you
> want "Domain Users" for the group).

No.  The owner must be the same as the one running sshd.  Same for
/var/empty.


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply | Threaded
Open this post in threaded view
|

Re: How to run cygwin sshd as a domain user?

Xing Qiu
Thank you very much, I can start sshd as my usual domain user after:

1.  chown my_user_name /etc/ssh*
2.  chown my_user_name /var/empty

/usr/sbin/sshd.exe

And now I can get access to the network drives/printers from a remote ssh
login session. I think the cygwin FAQ didn't mention this subtlety but you
guys are really very helpful, thank you again!

Xing

----- Original Message -----
From: "Corinna Vinschen" <[hidden email]>
To: <[hidden email]>
Sent: Wednesday, November 09, 2005 3:49 AM
Subject: Re: How to run cygwin sshd as a domain user?


> On Nov  8 18:28, Dave Korn wrote:
>> Xing Qiu wrote:
>>
>> > No, I tried that, and it didn't work.  As far as I understand,
>> > cygrunsrv
>> > is just a wrapper to run some daemon in the background. I simply can't
>> > start sshd with my own user.  Below are the error messages:
>> >
>> > $ /usr/sbin/sshd.exe -d
>> > debug1: sshd version OpenSSH_4.1p1
>> > Could not load host key: /etc/ssh_host_key
>> > Could not load host key: /etc/ssh_host_rsa_key
>> > Could not load host key: /etc/ssh_host_dsa_key
>> > Disabling protocol version 1. Could not load host key
>> > Disabling protocol version 2. Could not load host key
>> > sshd: no hostkeys available -- exiting.
>> >
>> > Here is the result of ls -lh /etc/ssh* :
>> >
>> > $ ls -lh /etc/ssh*
>> > -rwx------  1 SYSTEM SYSTEM      1.3K Nov  4 15:03 /etc/ssh_config
>> > -rw-------  1 SYSTEM SYSTEM       668 Oct 30 19:37
>> > /etc/ssh_host_dsa_key
>> > -rw-r--r--  1 SYSTEM SYSTEM       600 Oct 30 19:37
>> > /etc/ssh_host_dsa_key.pub
>> > -rw-------  1 SYSTEM SYSTEM       525 Oct 30 19:37 /etc/ssh_host_key
>> > -rw-r--r--  1 SYSTEM SYSTEM       329 Oct 30 19:37
>> > /etc/ssh_host_key.pub
>> > -rw-------  1 SYSTEM SYSTEM       883 Oct 30 19:37
>> > /etc/ssh_host_rsa_key
>> > -rw-r--r--  1 SYSTEM SYSTEM       220 Oct 30 19:37
>> > /etc/ssh_host_rsa_key.pub
>> > -rw-r--r--  1 xqiu   mkgroup-l-d 2.8K Nov  4 15:03 /etc/sshd_config
>>
>> > Should I go ahead change the ownership of /etc/ssh* ?
>>
>>
>>
>>   How about re-running ssh-host-config, which contains code to set the
>> perms/ownership correctly?
>>
>>
>>   (If you insist on doing it manually, "SYSTEM" is fine for owner, but
>> you
>> want "Domain Users" for the group).
>
> No.  The owner must be the same as the one running sshd.  Same for
> /var/empty.
>
>
> Corinna
>
> --
> Corinna Vinschen                  Please, send mails regarding Cygwin to
> Cygwin Project Co-Leader          cygwin AT cygwin DOT com
> Red Hat, Inc.
>
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
>
>

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/