Mail Archives: cygwin/2009/02/18/21:06:19
Aaron Davies wrote:
> On Thu, Feb 19, 2009 at 12:33 AM, Larry Hall (Cygwin)
> <XXXXXX> wrote:
^^^^^^
<http://cygwin.com/acronyms/#PCYMTNQREAIYR> Thanks!
>
>> Aaron Davies wrote:
>>> is it possible to get sshd working w/o admin privs?
>> Running 'ssh-host-config' requires adminstrative privileges to create
>> users to run 'sshd' as a service (for W2K3 and later) and for privilege
>> separation. If you don't want/need these, then you can bypass these
>> as part of the configuration. This will mean:
>>
>> 1. You cannot run sshd as a service (on W2K3 or later) so you will not
>> be able to use pub-key authentication. On W2K and XP systems, you
>> can use the existing 'SYSTEM' user to run 'sshd' as a service if
>> you'd like.
> I'm on XP Pro. How would I go about installing it as a service under
> SYSTEM? ssh-host-config doesn't seem to be able to do that for me (log
> attached, as is cygcheck output).
Of course. My mistake. You need admin privileges to install a service.
If you don't have this or can't get it for the configuration portion of
the installation, you won't be able to run as a service. :-(
>>> i've run ssh-host-config (without creating a new user) and started
>>> sshd manually from the shell.
>>>
>>> when i try to connect, i get "Connection closed by 127.0.0.1" and an
>>> error "sshd: PID 6520: fatal: seteuid 45758: Permission denied" shows
>>> up in the event viewer
>>>
>>> "id" idnicates that 45758 is me
>>>
>>> any suggestions?
>> Use password authentication?
>
> I don't get to an authentication stage at all AFAICT.
But what authentication methods do you allow? If you allow
pubkey and have set up the keys for this (via 'ssh-user-config'),
this could be the problem. Your 'sshd' won't be able to change
user to 'you'. That's what the 'seteuid' message above means.
I'd recommend removing all ssh key files in ~/.ssh and trying again.
Also, FWIW, using a remote drive as your home adds a level of
complication. You may want to try to create a local home directory,
point to this in your '/etc/passwd', and rerun 'ssh-user-config' if
you continue to have problems.
--
Larry Hall http://www.rfk.com
RFK Partners, Inc. (508) 893-9779 - RFK Office
216 Dalton Rd. (508) 893-9889 - FAX
Holliston, MA 01746
_____________________________________________________________________
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -