Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Thu, 9 Dec 2004 18:52:33 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: [Fwd: [rurban AT x-ray DOT at: ssh-host-config CYGWIN quoting]]
Message-ID: <20041209175233.GC25246@cygbert.vinschen.de>
Mail-Followup-To: cygwin AT cygwin DOT com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2i

[Still catching up on old mail]

> ----- Forwarded message from Reini Urban -----
> From: Reini Urban 
> To: cygwin 
> Subject: ssh-host-config CYGWIN quoting
> Date: Wed, 27 Oct 2004 02:37:04 +0200
> 
> Hi Corinna,
> CYGWIN should be quoted when passed to cygrunsrv,
> otherwise one will not be able to use CYGWIN="server codepage:oem" as 
> sshd env. See the patch (but remove --interactive).

Hmm, I don't quite see where the current solution fails to do the right
thing(tm):

$ cygrunsrv -I TESTsshd -p /usr/sbin/sshd -a -D -e "CYGWIN=tty binmode codepage:oem"
$ net start TESTsshd
The TESTsshd service is starting.
The TESTsshd service was started successfully.

$ ssh localhost
Last login: Thu Dec  9 18:35:30 2004 from [...]
$ echo $CYGWIN
tty binmode codepage:oem

> **********
> 
> And then I have this service --interactive question:
> My favorite term is putty which allows compared to cmd.exe or rxvt.exe 
> better mouse selection of an over-long commandline. Also some more 
> goodies like signals, and visual bell.
> 
> So I usually ssh to localhost, instead of open my cmd-bash.
> Therefore I had to add --interactive to sshd otherwise no GUI programs 
> like insight or setup will appear if started from my putty terms.
> 
> Is it technically possible for sshd to detect if run as service and 
> forbid external connections somehow to use the desktop?
> Only allow local connections --interactive?
> Something like a new /etc/sshd_config setting:
> #Win32InteractiveLocalOnly
----- End forwarded message -----

That would be a generic change to OpenSSH and /etc/sshd_config.  I doubt
you'd get this approved by the upstream maintainers.  I see your point,
but that's nothing which belongs into OpenSSH.

Suggestion: Start two sshds, one on port 22 and non-interactive for 
external connections, one on port 2222 and interactive for local
connections.  This solves the problem w/o changing OpenSSH sources.


Corinna

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/