ssh patches to fix installation issues

["Ross Smith II" <ross at smithii dot com>]

Attached are three small patches to the following files:

/bin/ssh-host-config
/bin/ssh-user-config
/usr/doc/Cygwin/openssh-3.4p1-5.README

to fix some installation issues and better explain using sshd in Windows.

The ssh-user-config changes are due to the fact that the default cygwin
umask is 000. Maybe a .bash_profile could be created containing umask 022
when the user's home directory is first created.  Just a thought.

This is the culmination of 6 hours of list perusing, and hair pulling, so
it's definitely "field tested".

Hope this helps,

Ross Smith

--- ssh-host-config.orig	2002-07-07 03:07:12.000000000 -0700
+++ ssh-host-config	2002-10-23 16:11:12.000000000 -0700
@@ -164,6 +164,7 @@
   if [ $_nt -gt 0 ]
   then
     chown system.system /var/empty
+    chmod 755 /var/empty
   fi
 fi

--- ssh-user-config.orig	2002-06-21 13:32:33.000000000 -0700
+++ ssh-user-config	2002-10-23 16:15:24.000000000 -0700
@@ -123,6 +123,8 @@
   fi
 fi

+chown `whoami` ${pwdhome}
+
 if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
 then
   echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user
identity files."
@@ -139,6 +141,8 @@
   fi
 fi

+chmod 755 ${pwdhome}/.ssh
+
 if [ ! -f "${pwdhome}/.ssh/identity" ]
 then
   if request "Shall I create an SSH1 RSA identity file for you?"
@@ -196,5 +200,8 @@
   fi
 fi

+chmod 600 ${pwdhome}/.ssh/*
+chmod 644 ${pwdhome}/.ssh/*.pub ${pwdhome}/.ssh/authorized_keys?
+
 echo
 echo "Configuration finished. Have fun!"

--- openssh-3.4p1-5.README.orig	2002-10-23 15:20:39.000000000 -0700
+++ openssh-3.4p1-5.README	2002-10-23 16:23:03.000000000 -0700
@@ -123,12 +123,53 @@

 - If you want to authenticate via RSA and you want to login to that
   machine to exactly one user account you can do so by running sshd
-  under that user account. You must change /etc/sshd_config
-  to contain the following:
+  under that user account.
+
+  * Change /etc/sshd_config to contain

   RSAAuthentication yes

-  Moreover it's possible to use rhosts and/or rhosts with
+  * Make sure you have executed the following:
+
+    $ ssh-host-config
+    $ ssh-user-config
+
+  * Due to the fact that cygwin's default umask is 0000, you will need
+    to execute the following (substituting your user name for USERNAME):
+
+	chown USERNAME ~
+	chmod 755 ~ ~/.ssh
+	chmod 600 ~/.ssh/*
+	chmod 644 ~/.ssh/*.pub ~/.ssh/authorized_keys?
+
+  * Reinstall the ssh daemon to run as the user. Execute the following
+    (substituting your user name for USERNAME, and your password for
PASSWORD):
+
+	chmod 666 /var/log/sshd.log /var/empty
+	rm -fr /var/log/sshd.log /var/empty
+	touch /var/log/sshd.log
+	chmod 644 /var/log/sshd.log
+	chmod 755 /var/empty
+	chown USERNAME.None /var/empty /etc/ssh_host_* /var/log/sshd.log
+	cygrunsrv --stop sshd
+	cygrunsrv --remove sshd
+	cygrunsrv --install sshd -e "CYGWIN=glob ntsec binmode" \
+	   -u USERNAME \
+	   -w "PASSWORD" \
+	   -d "sshd" \
+	   -p /usr/sbin/sshd.exe \
+	   -1 /var/log/sshd.log \
+	   -2 /var/log/sshd.log \
+	   -a "-e -D"
+	cygrunsrv --start sshd
+
+  * NOTE: The user will not be able to login using their Windows password.
+    They will only be able to login using RSA authentication.
+
+    Therefore, you will need to copy your identity.pub and id_??a.pub
+    files into authorized_keys, and authorized_keys2, respectfully.
+
+  Moreover, it's possible to use rhosts and/or rhosts with
   RSA authentication by setting the following in sshd_config:

   RhostsAuthentication yes

Attachment: ssh-host-config.diff
Description: Binary data

Attachment: ssh-user-config.diff
Description: Binary data

Attachment: openssh-3.4p1-5.README.diff
Description: Binary data

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/