This is the mail archive of the
mailing list for the Cygwin project.
Re: using sshd as a non-administrator: minor issues and an aliasing question
- From: Thorsten Kampe <thorsten at thorstenkampe dot de>
- To: cygwin at cygwin dot com
- Date: Wed, 25 Oct 2006 17:52:26 +0100
- Subject: Re: using sshd as a non-administrator: minor issues and an aliasing question
- References: <email@example.com>
* eyalroz (Wed, 25 Oct 2006 03:18:26 -0700 (PDT))
> I just installed cygwin with the sshd package on a machine on which I do not
> have admin privileges. The installation of cygwin went fine, and I'm having
> (minor) trouble with sshd:
> 1. (minor issue) When I run ssh-host-config I get a plethora of error
> messages, but they seem mostly harmless, i.e. trying to access places where
> only an admin would go, service lists, etc. Of course, one would except the
> script to check what privileges the user running it has, and only act
> admin-ishly if it is running for an admin, but nevermind.
The approach is different: some things (like creating a user account
and creating a service) are introduced with a warning that they
require admin rights. As these require different privileges i think
the script's approach is less error prone. But Corinna is the definite
source to that.
> 2. (semi-minor issue) If I try to run sshd, even with
> sePrivilegeSeparation=no, I get:
> Privilege separation user sshd does not exist
> ... which, so I gather, is due to the following:
> WWHHHYYY did they do that?
> Anyway, I fabricated an sshd user by copying my own user line in
> /etc/passwd and replacing the username with sshd. This allows
> sshd.exe to run, fork, background itself and stay running - but I'm
> not sure if what I did is "The right thing (TM)".
I think Corinnna mentioned in the same thread this solution so it
should be the right thing.
> Now for my questions:
> 1. Should I have installed/configured cygwin/sshd/both in a different way?
If you don't run sshd as a service all you need are the keys - so to
my knowledge you don't have to install sshd at all with ssh-host-
> 2. Should I report a bug about any of these issues? If so, where to?
Upstream to OpenSSH.
> 3. How do I add new username/password combinations other than my real NT
> username and password? I want the sshd to only accept myalias/tehfauxpass
> instead of myrealuser/therealpass , and of course not try to switch users to
> myalias but rather allow work as myrealuser.
Can't be done in my opinion as /etc/passwd is just a wrapper to the
SAM where the real password hashes are stored.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html