Installing SSH on Windows 2003 Server
Monday, June 15, 2009
How Do You Get Rid Of Recordings On Direct Tv
or Secure SSH Shell is a network protocol that allows the exchange of information using a secure channel between the client and server. SSH is commonly used to remotely access and execute commands, but can also create tunnels, routing, TCP ports and X11 connections also can transfer files using SFTP protocols and
SCP. Used primarily on Unix and Linux systems, SSH was designed as a replacement for Telnet and other remote shells which transfer unreliable information, such as passwords, in plain text can be intercepted by a third party.
here try to explain how to install this service in Windows 2003 Server using Cygwin and OpenSSH.
First, you download the Cygwin installer:
you run it and follow the wizard to download OpenSSH with the utilities necessary, adjusting the parameters of course as you wish
Edit the file c: \\ cygwin \\ Cygwin.bat and insert Opens Cygwin session, double click the icon created on your Windows desktop, or from a session of Windows command line (cmd ) runs the
c: \\ cygwin \\ Cygwin.bat
run the following command to change the mount prefix "/ cygdrive" to "/". Close this session and open a new one to reset the PATH environment variable.
$ mount-s - change-cygdrive-prefix /
user creates the file
$ mkpasswd-l> / etc / passwd file
groups $ mkgroup-l > / Etc / group
assigns privilege of reading about both
$ chmod + r / etc / passwd
$ chmod + r / etc / group
assigns the following privileges on the directory / var
$ chmod 755 / var
if there is no home directory is recommended that you think there will be saved as user files, the default location is the directory "Documents and Settings." To create the directory / home using the-p option will create a user when your working directory is in the directory c: \\ cygwin.
$ mkdir-p / home $ mkdir / home / Administrator
$ cd far
have configured your environment, the following is to install the service by running the command ssh ssh-host-
which generates config files ssh host key in / etc. Note that two users are created, one called sshd to handle the separation of privileges and another called sshd_server required by Windows 2003 to run the service and provide public key authentication. Your output should look something like this
$ ssh-host-config
*** Info: Generating / etc / ssh_host_key
*** Info: Generating / etc / ssh_host_rsa_key *** Info: Generating / etc /
ssh_host_dsa_key *** Info: Creating default / etc / ssh_config file *** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3. *** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep. *** Query: Should privilege separation be used? (yes/no)
yes
*** Info: Note that creating a new user requires that the current account have *** Info: Administrator privileges. Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no)
yes
*** Info: Note that the CYGWIN variable must contain at least "ntsec" *** Info: for sshd to be able to change user context without password.
*** Query: Enter the value of CYGWIN for the daemon: [ntsec] ntsec *** Info: On Windows Server 2003, Windows Vista, and above, the *** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows 2003 Server or later. On 2003 *** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: Note that creating a new user requires that the current account
*** Info: No privileged account could be found.
yes
*** Query: Reenter:
yes *** Info: Please enter a password for new user sshd_server. Please be sure
*** Info: that this password matches the password rules given on your system.
c: \\ cygwin \\ Cygwin.bat
run the following command to change the mount prefix "/ cygdrive" to "/". Close this session and open a new one to reset the PATH environment variable.
$ mount-s - change-cygdrive-prefix /
user creates the file $ mkpasswd-l> / etc / passwd file
groups $ mkgroup-l > / Etc / group assigns privilege of reading about both
$ chmod + r / etc / passwd $ chmod + r / etc / group
assigns the following privileges on the directory / var $ chmod 755 / var
if there is no home directory is recommended that you think there will be saved as user files, the default location is the directory "Documents and Settings." To create the directory / home using the-p option will create a user when your working directory is in the directory c: \\ cygwin. $ mkdir-p / home $ mkdir / home / Administrator
$ cd far have configured your environment, the following is to install the service by running the command ssh ssh-host-
which generates config files ssh host key in / etc. Note that two users are created, one called sshd to handle the separation of privileges and another called sshd_server required by Windows 2003 to run the service and provide public key authentication. Your output should look something like this $ ssh-host-config
*** Info: Generating / etc / ssh_host_key *** Info: Generating / etc / ssh_host_rsa_key *** Info: Generating / etc /
ssh_host_dsa_key *** Info: Creating default / etc / ssh_config file *** Info: Creating default /etc/sshd_config file *** Info: Privilege separation is set to yes by default since OpenSSH 3.3. *** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep. *** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have *** Info: Administrator privileges. Should this script attempt to create a *** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file 
*** Warning: The following functions require administrator privileges! *** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no)
yes
*** Info: Note that the CYGWIN variable must contain at least "ntsec" *** Info: for sshd to be able to change user context without password. *** Query: Enter the value of CYGWIN for the daemon: [ntsec] ntsec *** Info: On Windows Server 2003, Windows Vista, and above, the *** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows 2003 Server or later. On 2003 *** Info: and later systems, it's not possible to use the LocalSystem *** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers. *** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) *** Info: 'cyg_server' will only be used by registered services.
yes
*** Query: Enter the new user name:
sshd_server *** Query: Reenter:
sshd_server
*** Query: Create new privileged user account 'sshd_server'? (yes/no) yes *** Info: Please enter a password for new user sshd_server. Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration. *** Query: Please enter the password: *** Query: Reenter:
*** Info: User 'sshd_server' has been created with password 'welcome'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'sshd_server' account.
*** Info: Also keep in mind that the user 'sshd_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'sshd_server'
. *** Info: In particular, for the sshd server all users' .ssh/authorized_keys *** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions corrently. [Similary restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].
*** Info: The sshd service has been installed under the 'sshd_server'
*** Info: account. To start the service now, call `net start sshd 'or
*** Info:' cygrunsrv-S sshd '. Otherwise, it will start Automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
to lift it from the command line run
$ net start sshd or
$ cygrunsrv-S sshd
or from "Control Panel -> Administrative Tools -> Services" service called "CYGWIN sshd".
never hurts to test before calling it already configured. The output should resemble the following:
$ ssh-v localhost
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type -1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024 Warning: Permanently added 'localhost' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interacti
ve
debug1: Next authentication method: publickey debug1: Trying private key: /home/Administrator/.ssh/identity debug1: Trying private key: /home/Administrator/.ssh/id_rsa
debug1: Trying private key: /home/Administrator/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interacti
ve
debug1: Next authentication method: password
Administrator@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
Administrator@testserver ~
$
Fuente
http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html Fountain
tips for solving problems in XP
http://pigtail.net/LRP/printsrv/cygwin-sshd.html
*** Info: User 'sshd_server' has been created with password 'welcome'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'sshd_server' account.
*** Info: Also keep in mind that the user 'sshd_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'sshd_server'
. *** Info: In particular, for the sshd server all users' .ssh/authorized_keys *** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions corrently. [Similary restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].
*** Info: The sshd service has been installed under the 'sshd_server'
*** Info: account. To start the service now, call `net start sshd 'or
*** Info:' cygrunsrv-S sshd '. Otherwise, it will start Automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
to lift it from the command line run
$ net start sshd or
$ cygrunsrv-S sshd
or from "Control Panel -> Administrative Tools -> Services" service called "CYGWIN sshd".
never hurts to test before calling it already configured. The output should resemble the following:
$ ssh-v localhost
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type -1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024 Warning: Permanently added 'localhost' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interacti
ve
debug1: Next authentication method: publickey debug1: Trying private key: /home/Administrator/.ssh/identity debug1: Trying private key: /home/Administrator/.ssh/id_rsa
debug1: Trying private key: /home/Administrator/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interacti
ve
debug1: Next authentication method: password
Administrator@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
Administrator@testserver ~
$
Fuente
http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html Fountain
tips for solving problems in XP
http://pigtail.net/LRP/printsrv/cygwin-sshd.html
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment