CYGWIN-HOW-TO

CYGWIN 1.7.5-1 installed 2010-05-19

Man pages - /etc/man.conf was missing
Console won't prompt
Let Ore be an Xwin server
Install ssh service on Elder
Install ssh service on Yggdrasil
Passwordless login
Logging to /var/log/messages

Problem: /etc/man.conf was missing.

Created one from http://www.happy-monkey.net/architect/config-files/etc/man.conf
(slight changes after scanning for man catalogues, find /usr -name man -type d )

bash initialisation without a correct $PATH.

Made two symbolic links in /etc:
cd /etc
ln -s defaults/etc/profile .
ln -s defaults/etc/profile bash.bashrc

The keys for § ½ and £ cannot be mapped to ~ ` ^ any more.
No idea: UTF-8? Locale? Fonts? .Xdefaults?

The following command starts up the X-windows system and an xterm:
(cd /home/hgs)

. sx

sx is:
export LANG=C
export USER=hgs
export USERNAME=hgs
export HOME=/home/hgs
export XFILESEARCHPATH=/usr/lib/X11/%T/%N%S:/etc/X11/%T/%N%S
export XUSERFILESEARCHPATH=/home/hgs/%T/N%S:/usr/lib/X11/%T/%N%S:/etc/X11/%T/%N%S
startxwin

If the X-server is already active, open a new xterm from the console using
. st
st is:
export DISPLAY=127.0.0.1:0.0
export PATH=/usr/bin:"$PATH"
export LANG=C
xterm +vb +mb -cu -sb -sl 1024 -fn '-adobe-Courier-medium-r-*-*-*-100-*-*-*-*-iso8859-1' -e /usr/bin/bash -l &

If you wonder about something, consult the experts.

NB! LANG=C avoids the "missing charsets" warning in xterm, xclock etc.

Problem: Console won't prompt.

An infinite loop when bash (Cygwin via the desktop icon) was started <=> /etc/bash.bashrc was a symbolic link
/etc/profile invokes bash.bashrc and the activated default/... sourced file /etc/bash.bashrc over and over again.
default/etc/bash.bashrc would better be a model for /etc/profile. Some thing got mixed up in the cygwin release of 2011-late-March.
Here's what I did

cd /etc
rm bash.bashrc
cp default/etc/bash.bashrc .

There is a copy in ~/etc/ of new profile and bash.bashrc

Let Ore (192.168.1.2 in my home network) be an Xwin server

(1) activate sshd on Ore

ssh-host-config -y
cygrunsrv -S sshd

(2) open ports
The port 6010 will be used for X traffic. The port must be excepted at the firewall (probably a wireless router will have to be programmed accordingly)
In the /etc/sshd_config file the following values should be set: (remove ^# and edit). Observe the X11DisplayOffset!
Port 22
Protocol 2
HostKey /etc/ssh_host_rsa_key
HostKey /etc/ssh_host_dsa_key
StrictModes no
X11DisplayOffset 10
TCPKeepAlive yes
KeepAlive yes
UsePrivilegeSeparation yes
Subsystem sftp /usr/sbin/sftp-server
X11Forwarding yes

In /etc/ssh_config on the client side (Yggdrasil)
ForwardX11 yes
Tunnel yes

(3) You should be able to login
On Yggdrasil

ssh -Y 'Hans Georg Scherneck'@192.168.1.2
$ export DISPLAY=localhost:10.0
$ xclock &

However (disappointment), scp does not accept a user name with blanks.
(Maybe the -o User user option allows it)

Install ssh service on Elder (windows7):

Run cygwin as an administrator: startbutton => all programs => CYGWIN => Cygwin Bash Shell <= right-click
    cygserver-config
    cygrunsrv -S cygserver
    ssh-host-config -y
    ssh-user-config
    cygrunsrv -I sshd -p /usr/sbin/sshd.exe
    ps -all
    cygrunsrv -S sshd
    net start sshd
    ps -all
Windows => Control Panel => Security => Firewall exceptions => allow sshd

Despite some error messages during service configuration and install, it worked out! Not only sshd is shown on the ps list, also remote ssh login works. Use
    ps -ef

The -y option in ssh-host-config ("yes to all") implies that a user "cyg_server" is created. This is needed in order to launch the sshd service with the euid of the owner of the service; this owner has the required rights to start jobs. We've learned that Administrator has not the required privileges.

Install ssh service on Yggdrasil (vista):

Run cygwin as an administrator: startbutton => all programs => CYGWIN => Cygwin Bash Shell <= right-click
    chmod ugo+x /var
    cygserver-config
    cygrunsrv -S cygserver
ssh-host-config -y

          This might not be appropriate any more:

    ssh-host-config (without -y)
    > Answer "no" to "Should privilege separation be used ?"
    > Answer "no" to "This script plans to use 'cyg_server' ... different name?
    > else "yes"
    > The program will install sshd

ssh-user-config
cygrunsrv -S sshd

Debugging/monitoring sshd:

cygrunsrv -E sshd
cygrunsrv --remove sshd
cygrunsrv --install sshd --path /usr/sbin/sshd.exe --args -d -1 /var/log/sshd-1.log -2 /var/log/sshd-2.log
cygrunsrv -S sshd

Passwordless login

On host machines,

mkdir
      .ssh/client-machine

On client machines,

cd .ssh
ssh-keygen -t keytype
mkdir save
mv id_* save
cd save
scp id*.pub user@host-machine:.ssh/client-machine/

On host machine,

cd .ssh

      cat */client-machine/id_*.pub

      >! authorized keys

On client machine

cd .ssh
cp save/id_* .

Now, try login. Use ssh -vvv user@host-machine to debug on client side. On host side, see above.

Repair:
If the sshd on the other side is the problem, it may look as if there are problems with keys.
In the -vvv debug output it can say "We've sent a key and now we are waiting for a response" (not verbatim cited) but the login sequence gets interrupted at this point. There may be violations of some settings, inappropriate file access settings (/var/empty is such a candidate), other kinds of things.

Re-installing the sshd service on the host side may be the best method.
To re-install the sshd service correctly follow the advice from Brian Dessent. In short:

Delete everything you've done:

$ cygrunsrv --remove sshd
$ rm -rf /var/log/sshd* /etc/ssh_host* /etc/sshd_config /var/empty

Now run just "ssh-host-config -y", followed by "cygrunsrv --start
sshd".  Everything should work fine.  If it does not, send the contents
of /var/log/sshd.log as well as all the entries in the Windows Event Log
from sshd.

Also, consider creating a proper group file with mkgroup -l -d or
similar (in the case you have a domain account /HGS)

You will have to remove the line associated with this server in the hosts' 
.ssh/known_hosts file before you can login again.

Logging to /var/log/messages

http://fixunix.com/ssh/74348-how-enable-logging-sshd-log-file-windows-using-ssh-cygwin.html
René Berber wrote:

> On Sep 25, 9:06 pm, Skylive! wrote:
>
> > I have set SSH up on my Windows XP Home Edition computer some time
> > ago. I wanted to be able to log all incoming and outgoing SSH
> > traffic / commands issued to the server to a file. Currently, SSH is
> > logging to Windows and the log can be view from Windows Event Viewer.
> > This is not what I want and I was hoping to sort of 're-direct' the
> > data to a log file somewhere (like say the sshd.log file which isn't
> > being used at the moment). I am unable to find a guide on it at all on
> > this, nor did I find a solution that solved my problem in this group,
> > and I hope someone can help me. Thanks in advance!
>
> First install syslog-ng (or syslog which comes with inet-utils).
This means:
- Install syslog-ng by the cygwin setup. It is in group "Admin".
- run the script /bin/syslog-ng-config

> Second, change sshd_config to use "SyslogFacility LOCAL5" or similar
> instead of AUTH.

Then, make syslog-ng start automatically at each system boot by issuing
the commands
cygrunsrv --install syslog-ng --path /usr/sbin/syslog-ng
cygrunsrv -S syslog-ng

> Last, configure syslog-ng.conf creating a filter for local5 and
> directing the log to whatever file you want.

I did not need this. Logging goes into /var/log/messages

--
Wilfried Hennings

.bye