Navigation:
all content © by Mario Emmenlauer.
|
Table of ContentsCygwinThis guide should explain a basic comfortable Cygwin installtion and configuration. After finishing it, you will have an X11 server, terminal with selectable fonts, and optionally an ssh server running. Common SettingsTo set the place where the Windows drive letters are going to be mounted, use mount -s --change-cygdrive-prefix / Then you can access your C: Drive at /c/ instead of /cygdrive/c/. logout and back in for the settings to have an effect on your PATH variable. X11 ServerSadly I did not write down what I did. Section will follow later:-) chaning xterm settingsTo change the xterm default settings, edit one (or all) of the files: /etc/X11/app-defaults/XTerm $HOME/.Xdefaults SSH ServiceI mainly went by this http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html guide. Here are the important steps: Install at least the following list of packages:
Edit the C:\cygwin\cygwin.bat script. Make sure it contains these lines - you will need to add the line setting the CYGWIN environment variable: @echo off set CYGWIN=binmode tty ntsec C: chdir \cygwin\bin bash --login -i Run ssh-host-config to create the service, set up the ssh host keys and create the sshd_config file in /etc/. ssh-host-config Generating /etc/ssh_host_key Generating /etc/ssh_host_rsa_key Generating /etc/ssh_host_dsa_key Overwrite existing /etc/ssh_config file? (yes/no) yes Generating /etc/ssh_config file Overwrite existing /etc/sshd_config file? (yes/no) yes Privilege separation is set to yes by default since OpenSSH 3.3. However, this requires a non-privileged account called 'sshd'. For more info on privilege separation read /usr/share/doc/openssh/README.privsep. Should privilege separation be used? (yes/no) yes Warning: The following function requires administrator privileges! Should this script create a local user 'sshd' on this machine? (yes/no) yes Generating /etc/sshd_config file Added ssh to C:\WINDOWS\system32\drivers\etc\services Warning: The following functions require administrator privileges! Do you want to install sshd as service? (Say "no" if it's already installed as service) (yes/no) yes You appear to be running Windows 2003 Server or later. On 2003 and later systems, it's not possible to use the LocalSystem account if sshd should allow passwordless logon (e. g. public key authentication). If you want to enable that functionality, it's required to create a new account 'sshd_server' with special privileges, which is then used to run the sshd service under. Should this script create a new local account 'sshd_server' which has the required privileges? (yes/no) yes Please enter a password for new user 'sshd_server'. Please be sure that this password matches the password rules given on your system. Entering no password will exit the configuration. PASSWORD=xxxxxxx User 'sshd_server' has been created with password 'xxxxxxxx'. If you change the password, please keep in mind to change the password for the sshd service, too. Also keep in mind that the user sshd_server needs read permissions on all users .ssh/authorized_keys file to allow public key authentication for these users. (Re-)running ssh-user-config for each user will set the required permissions correctly. Which value should the environment variable CYGWIN have when sshd starts? It's recommended to set at least "ntsec" to be able to change user context without password. Default is "ntsec". CYGWIN=binmode ntsec tty The service has been installed under sshd_server account. To start the service, call 'net start sshd' or 'cygrunsrv -S sshd'. Host configuration finished. Have fun! Running SSHD as a local userIf you run sshd as a local user account, you will have the right user token to compile and to access network shares from the ssh login. By default, the ssh service is installed this way:
Lets assume you want to be able to log in as user 'emmenlau' and access all network shares and have the right token. First you need to have (create) this new user 'emmenlau' as a local machine user. Then you need to grant emmenlau additional permissions: Go to Start → Control Panel → Administrative Tools → Local Security Settings → User Rights Management and add the user 'emmenlau' to the following rights:
To change sshd to run as a local user account, go to Start → Control Panel → Administrative Tools → Computer Management → Services → CYGWIN sshd → Log On There you can change the user from 'cyg_server' to 'emmenlau', by entering '.\emmenlau' and emmenlau's password. Now you can stop and restart the service sshd, and should be able to log in as the user emmenlau. |