HELP: sshd/multi-user how-to

Igor Pechtchanski pechtcha@cs.nyu.edu
Sat May 10 15:52:00 GMT 2003


On May 10, 2003, richard dje wrote:
> Hi,
>
> I'm trying to set up a cvs server on cygwin over ssh.
>
> I have cygwin v1.3.22.1 installed on a win2k box.
> I also installed the latest version of openSSH, and all related packages.
>
> I also learned that one needs to create a windows account for each user
> willing to connect to the server.
>
> In order to do some testing I just created 2 accounts on the windows
> machine, say USER1 and USER2.
>
> To enable connections through ssh one needs to correctly set up 'sshd'. For that
> USER1 ran 'ssh-host-config', since /etc/ssh_host_* files must be
> read/write-able by only one account. Normally that user should have been
> 'root'. Browsing the web, I saw that it was not that simple
> on cygwin (Please correct me if I am wrong).
>
> Files
> /etc/ssh_host_key,
> /etc/ssh_host_rsa_key,
> /etc/ssh_host_dsa_key
>
> should not be group and world-accessible.
>
> I then launched the following two commands
> $ mkpasswd -l > /etc/passwd
> $ mkgroup -l > /etc/group
>
> Their content looks OK.
>
> I then gathered USER1 and USER2 ssh2-rsa publickeys and put them in
> their respective $HOME/.ssh/authorized_keys2 (on the server machine).
>
> The windows machine was then booted on USER1 account in order to be able
> to start 'sshd' by means of '/etc/rc.d/init.d/sshd start'
>
> Connecting remotely to USER1 account by the following command worked just fine
> $ ssh -v USER1@server_ip_address
>
> But trying to do the same for USER2 by using
> $ ssh -v USER2@ser_ip_address
> just failed, since I am asked to provide a password.
> The above command output showed me that the ssh2-rsa publickey auth just
> failed.
>
> QUESTION:
> - Is the above configuration feasible?
> assuming USER1 is a poweruser,
> USER2, USER3, ..., USERN are simple users.
>
> - Does cygwin/cvs work fine in server mode using 'ext' protocol (ssh)?
> - Security-wise is (cygwin/cvs server / ssh) a good choice?
>
> Thank You In Advance for your feedback and/or help. :-)
> regards,
> -Richard

Richard,
FYI, on Cygwin, root = SYSTEM (uid 18). That is also the account all
services (including sshd) usually run under. Read
<http://cygwin.com/cygwin-ug-net/ntsec.html> for details.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
 |\ _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_		igor@watson.ibm.com
 |,4- ) )-,_. ,\ ( `'-'		Igor Pechtchanski
 '---''(_/--' `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
Knowledge is an unending adventure at the edge of uncertainty.
 -- Leto II
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
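
Added example, not part of the original thread and not Cygwin or OpenSSH code: a shell check for the requirement quoted above that the private host key files not be group- or world-accessible. It also prints each file's owner so it can be compared with the account sshd runs under. It assumes GNU `stat`; the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (-c option).
# Function names are hypothetical.

# check_key_mode FILE
# Prints "<status> <octal-mode> <owner> <file>".
# Returns 0 = no group/other bits, 1 = group/other bits set, 2 = file missing.
check_key_mode() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "missing - - $f"
        return 2
    fi
    mode=$(stat -c '%a' "$f")    # octal permission bits, e.g. 600
    owner=$(stat -c '%U' "$f")   # owning account name
    # The last two octal digits are the group and other permissions.
    case "$mode" in
        0|*00) echo "ok $mode $owner $f"; return 0 ;;
        *)     echo "BAD $mode $owner $f"; return 1 ;;
    esac
}

# audit_host_keys [DIR]
# Checks the three private host key files named in the thread under DIR
# (default /etc). Missing files are reported but not counted.
# Returns the number of files that are group- or world-accessible.
audit_host_keys() {
    dir=${1:-/etc}
    bad=0
    for name in ssh_host_key ssh_host_rsa_key ssh_host_dsa_key; do
        rc=0
        check_key_mode "$dir/$name" || rc=$?
        if [ "$rc" -eq 1 ]; then
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_host_keys "$1"
fi
```

A file reported as BAD can be tightened with `chmod 600`; the owner column shows which account currently owns each key.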

