Installation of cygwin ssh

This tip shows how to install and consfigure the cygwin ssh server for use with Tivoli Application Dependency and Discovery Manager (TADDM). Each Windows gateway requires installation of a SSH server for use by TADDM during discovery processing.

First you will need to download the ssh server component to the Windows Gateway system where the ssh server component is to be installed. Download the setup program from the cygwin web site http://www.cygwin.com – this is an executable file (setup.exe) that you should save to the local file system. Execute the setup.exe file and choose the Install from Internet option. You can leave the default options for the installation path and other options. If you choose to change the installation path, it is recommended that you use a path that does NOT contain spaces in the name. Select a download location for the cygwin packages, your internet connection option and a mirror download server close to your geographical location.

On the next screen, Select Packages, scroll down and locate the Net packages and expand the content to ensure that the openssh package is selected. If not, click the Skip column to select it and a version nnumber should appear to show it is selected. Click OK to download and install the cygwin packages. When the installation is complete, a new icon named Cygwin will be placed on the desktop.

Configure the SSH server

To configure the SSH server for use, open the Cywin command prompt from the desktop icon and execute the following commands.

To ensure that the correct permissions are available prior to configuring SSH, issue the following commands (lines starting with $) in the Cygwin command window.

Administrator@balvenie ~ $ chmod +r /etc/passwd

Administrator@balvenie ~ $ chmod +r /etc/group

Administrator@balvenie ~ $ chmod o+x /var

Note that there is no output from the above commands.

In the same Cygwin window, configure the SSH server using the command below

Administrator@balvenie ~ $ ssh-host-config -y

The output from this command should be similar to that shown below.

Administrator@balvenie ~ $ ssh-host-config -y *** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes *** Info: Creating default /etc/ssh_config file *** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes *** Info: Creating default /etc/sshd_config file *** Info: Privilege separation is set to yes by default since OpenSSH 3.3. *** Info: However, this requires a non-privileged account called 'sshd'. *** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep. *** Query: Should privilege separation be used? (yes/no) yes *** Info: Note that creating a new user requires that the current account have *** Info: Administrator privileges. Should this script attempt to create a *** Query: new local account 'sshd'? (yes/no) yes *** Info: Updating /etc/sshd_config file *** Info: Added ssh to C:WINDOWSsystem32driverscservices

*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service? *** Query: (Say "no" if it is already installed as a service) (yes/no) yes *** Info: Note that the CYGWIN variable must contain at least "ntsec" *** Info: for sshd to be able to change user context without password. *** Query: Enter the value of CYGWIN for the daemon: [ntsec] ntsec

*** Info: The sshd service has been installed under the LocalSystem *** Info: account (also known as SYSTEM). To start the service now, call *** Info: `net start sshd' or `cygrunsrv -S sshd'. Otherwise, it *** Info: will start automatically after the next reboot.

*** Info: Host configuration finished. Have fun!

Administrator@balvenie ~ $

Still within the cygwin command window, start the SSH server using the command below

Administrator@balvenie ~ $ cygrunsrv -S sshd

Check the service started correctly by issuing the net start command and looking for the service named CYGWIN sshd within the list of started services.

Testing the SSH server

Test that the SSH server is functional by attempting a login using SSH. Still within the Cygwin command window, issue the command shown below, replying with the Administrator password when prompted.

Administrator@balvenie ~ $ ssh Administrator@balvenie<br<; a="">>The authenticity of host 'balvenie (192.168.222.100)' can't be established. RSA key fingerprint is 35:ec:4e:a6:e6:1e:f5:7c:5b:f4:13:2f:67:23:ff:1f. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'balvenie,192.168.222.100' (RSA) to the list of known hosts. Administrator@balvenie's password: <password_for_Administrator> Fanfare!!! You are successfully logged in to this server!!!

Administrator@balvenie ~ $ exit logout Connection to balvenie closed.

Administrator@balvenie ~ $

Finally, test that SSH functions from the TADDM server to the Windows gateway by attempting a login from the TADDM server. The SSH login should use the TADDM service user created for this purpose – in the example shown below, taddm is the service user and jura is the name of the TADDM server.

Issue the following commands on your TADDM server from a shell or command prompt.

[ root@jura dist]# ssh taddm@balvenie>; taddm@balvenie's password: <password_for_taddm_user> Last login: Fri Aug 29 15:22:03 2008 Fanfare!!! You are successfully logged in to this server!!!

taddm@balvenie ~ $ exit logout Connection to balvenie closed. [ root@jura dist]#

Visits: 515

Installation of cygwin ssh

Configure the SSH server

Testing the SSH server

Share this: