Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

sshd_config in CYGWIN - cannot edit

2 views
Skip to first unread message

m...@holisticgp.com.au

unread,
Jan 4, 2006, 10:45:04 PM1/4/06
to
Dear Group
Any help on this would be appreciated

sshd_config is uneditable in vim (as installed in Cygwin) and refuses
to have its permissions changed with chmod. Its permissions are (spaces
added):
-rwx r-- r--

The Cygwin prompt indicates I am logged in as a computer administrator
I can copy sshd_config to another directory and edit it (using wordpad
this time) but cannot replace the original sshd_config in /etc/ with
this edited one.

Cygwin is installed in windows xp (sp2). Prior to installing cygwin I
was using openssh but removed openssh using the uninstall and deleted
the registry entry. Cygwin was then installed.

sshd can be started as a service.

One posting said in response to:
"Under Windows it [sshd_config] belongs to the SYSTEM user. I would
like to know how to
give myself access staying in Cygwin's environment"

this answer:
"I ran into similar problems. I used cygwin to chown the file to belong
to Administrator.
When I was done, I chowned it back to SYSTEM. I can't recall with 100%
certainty, but I
think administrator can chown the permissions to a+rw even though it
belongs to SYSTEM"

...but I'm not sure of how/ what the poster means to chown


Sshd was installed using the ssh-host-config file:

$ ssh-host-config
Generating /etc/ssh_host_key
Generating /etc/ssh_host_rsa_key
Generating /etc/ssh_host_dsa_key
Overwrite existing /etc/ssh_config file? (yes/no) yes
Generating /etc/ssh_config file
Overwrite existing /etc/sshd_config file? (yes/no) yes
Privilege separation is set to yes by default since OpenSSH 3.3.
However, this requires a non-privileged account called 'sshd'.
For more info on privilege separation read
/usr/doc/openssh/README.privsep.

Shall privilege separation be used? (yes/no) yes
Generating /etc/sshd_config file

Do you want to install sshd as service?
(Say "no" if it's already installed as service) (yes/no) yes

Which value should the environment variable CYGWIN have when sshd
starts? It's recommended

to set at least "ntsec" to be able to change user context without
password.

-->I chose ntsec and got a successful set up message


Sincerely

Michael
Melbourne, Australia

Darren Dunham

unread,
Jan 5, 2006, 1:09:36 PM1/5/06
to
m...@holisticgp.com.au wrote:
> Dear Group
> Any help on this would be appreciated

> sshd_config is uneditable in vim (as installed in Cygwin) and refuses
> to have its permissions changed with chmod. Its permissions are (spaces
> added):
> -rwx r-- r--

And the owner is? On my machine it's SYSTEM.

> The Cygwin prompt indicates I am logged in as a computer administrator

I'm not sure what you mean by that. Is your id 'administrator' or are
you referring to something else?

Since I am not SYSTEM, I can't edit that file, but I can chmod it or
chown it...

$ echo "# adding a comment" >> /etc/sshd_config
bash: /etc/sshd_config: Permission denied
$ chmod a+w /etc/sshd_config
$ echo "# adding a comment" >> /etc/sshd_config
$ tail -1 !$
tail -1 /etc/sshd_config
# adding a comment
$ chmod go-w /etc/sshd_config

--
Darren Dunham ddu...@taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >

Cloud Burst

unread,
Jan 6, 2006, 12:00:10 AM1/6/06
to

You might check the permissions of the directory.

m...@holisticgp.com.au

unread,
Jan 15, 2006, 6:56:57 AM1/15/06
to
Thanks for this advice

I found this reference:
http://archive.erdelynet.com/ssh-l/2004-06/2569.html

...which said 'type `ls -l' in the directory containing the file, and
make sure the permissions are rw-rw---- or higher (i.e both owner and
group should have read and write access.
The above setting can be achieved with `chmod 660 sshd_config'.) I'm
assuming the usual account you use is in the same group as "SYSTEM".

This worked, but I am having problems logging in to cygwin

Sincerely
Michael

Wilfried Hennings

unread,
Jan 16, 2006, 4:15:25 AM1/16/06
to
m...@holisticgp.com.au wrote:

Hello,
have you looked at the file permissions in Windows explorer?
Right-click on the file, Properties, Safety; however this only works if
you have Windows XP Pro and simple file sharing disabled.
The file should have full access for both "SYSTEM" and the user who
needs to edit the file.
Regards

--
email me: change "nospam" to "w.hennings"
Wilfried Hennings c./o.
Forschungszentrum (Research Center) Juelich GmbH, MUT
<http://www.fz-juelich.de/mut/mut_home>
All opinions mentioned are strictly my own, not my employer's.

0 new messages