安裝cygwin及開啟ssh
安裝cygwin時一定要安裝的包有:
wget
make
yasm
lynx
openssh
libopenssl
cygwin中開啟ssh的大致步驟
1、開啟cygwin控制檯:輸入ssh-host-config
2、提示安裝成功.
輸入net start sshd, 啟動 ssh服務
3、採用SecureCRT進行連結:使用者名稱和密碼就是登入Windows系統的使用者名稱和密碼
以管理員身份啟動cygwin後
$ ssh-host-config
*** Info: Generating missing SSH host keys
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: StrictModes is set to 'yes' by default.
*** Info: This is the recommended setting, but it requires that the POSIX
*** Info: permissions of the user's home directory, the user's .ssh
*** Info: directory, and the user's ssh key files are tight so that
*** Info: only the user has write permissions.
*** Info: On the other hand, StrictModes don't work well with default
*** Info: Windows permissions of a home directory mounted with the
*** Info: 'noacl' option, and they don't work at all if the home
*** Info: directory is on a FAT or FAT32 partition.
*** Query: Should StrictModes be used? (yes/no) no
*** Info: Updating /etc/sshd_config file
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: [] ntsec
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: It's not possible to use the LocalSystem account for services
*** Info: that can change the user id without an explicit password
*** Info: (such as passwordless logins [e.g. public key authentication]
*** Info: via sshd) when having to create the user token from scratch.
*** Info: For more information on this requirement, see
*** Info: https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless such an account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'LINYANG\cyg_server' (Cygwin name: 'linyang+cyg_server')? (yes/no) yes
*** Info: Please enter a password for new user linyang+cyg_server. Please be su re
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
輸入的使用者名稱或密碼要符合計算機的使用者名稱或密碼策略(尤其是公司有許可權限制的電腦)
*** Query: Please enter the password:
*** Query: Reenter:
*** Info: User 'linyang+cyg_server' has been created with password 'XXXXXXXXX'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'linyang+cyg_server' account.
*** Info: The sshd service has been installed under the 'linyang+cyg_server'
*** Info: account. To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun! (說明配置成功)
2 啟動sshd服務
$ net start sshd
3 secureCRT中新建一個ssh2 session
hostname寫127.0.0.1
port寫22
username寫windows的登入使用者名稱,不是之前配置的cyg_server
然後彈出一個New Host Key的對話方塊,點Accept & Save 後會彈出一個視窗,輸入當前windows的登入使用者名稱及密碼即可.
1 ssh-host-config重新配置
如果初始配置錯誤,大部分網上都建議全部刪除再重新安裝,但cygwin一旦安裝很難完全解除安裝,只需要把ssh服務停止再重新執行這個命令,再把之前的覆蓋掉就可以。
步驟: 1.sc delete sshd
2.系統重啟,就再配置就ok了
2 cygwin安裝成功後,連線 ssh localhost,一直出現
cygwin Connection closed by ::1的錯誤,費了很多時間查詢,總算解決了,原文如下:
在google上看到cygwin的一個官方mail問答。參考Installing the Cygwin SSH daemon 。問題關鍵就是一個特殊的許可權問題,在SYSTEM賬戶下執行的sshd服務需要有改變user id的特權(關於許可權的問題,在cygwin的/usr/share/doc/Cygwin/openssh.README 中已經說得很明確了:2003 Server has a funny new feature. When starting services under SYSTEM account, these services have nearly all user rights which SYSTEM holds...except for the "Create a token object" right, which is needed to allow public key authentication :-( )。所以事件日誌會有seteuid的錯誤。
至於解決方案,就是讓cygwin幫你建立兩個特殊使用者sshd和cyg_server,其中sshd服務在cyg_server使用者下執行,cyg_server有相應的許可權(在/usr/share/doc/Cygwin/openssh.README 中也有說明)。
***** 關鍵的就是這兩個使用者都要建立。