This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Take 2: Testers for new ssh-*-config scripts wanted!

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin at cygwin dot com
Date: Tue, 4 Nov 2003 14:03:24 +0100
Subject: Re: Take 2: Testers for new ssh-*-config scripts wanted!
References: <20031103162201.GF18706@cygbert.vinschen.de> <JLE1BSZipl2mykoumh100000001@jle1.jle.corp> <20031103214043.GM18706@cygbert.vinschen.de>
Reply-to: cygwin at cygwin dot com

On Mon, Nov 03, 2003 at 10:40:43PM +0100, Corinna Vinschen wrote:
> I'm running a 2003 Server as standalone (non-domain) server.  In that
> setting, password complexity is disabled by default, so I missed that one,
> too.  Thanks for the heads up.  I changed the password to SSHD_server,
> which seem to be fine for the complexity rule.
> 
> However, I have still a problem.  Does anybody know how I can set
> "Password never expires" from the command line?  I know how to do this
> with dsadd, but that only works on domain machines so it's no generic
> solution.  If I can't do this in the script, everybody would have to
> set this in the Computer Management Console by hand :-(

I've again attached a new ssh-host-config file for testing.  As it turned
out, I mis-tested the password complexity rule.  The password SSHD_server
was not sufficient.

The script now calls the passwd utility from the cygwin base package
to set the user flags to "Password never expires".  This will only
work with the new passwd from current CVS, version 1.5.  The current
version released with Cygwin 1.5.5 is 1.4.  Up to 1.4, the passwd tool
has no -e option to set the UF_DONT_EXPIRE_PASSWD flag.  ssh-host-config
checks for the version number of the passwd tool and either calls it
or emits an additional warning that the expiry must be checked.

Please give it another try, even if it gets boring.

Thanks in advance,
Corinna

Changes:

- Don't use fixed password for sshd_server account but ask the user
  now for a password.

- Extend some warning and info messages.

- Add -c/--cygwin option to allow automating the setting of the
  environment variable CYGWIN for the sshd service.

- Add -w/--pwd option to allow automating the password setting
  for the sshd_server account.

- Always recreate the sshd_server entry in /etc/passwd to overwrite
  weird settings.

- If passwd supports the -e option, use it, otherwise emit warning
  message that password expiry of sshd_server account should be
  checked.

- A few code cleanups.

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

Attachment: ssh-host-config
Description: Text document

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

References:
- Take 2: Testers for new ssh-*-config scripts wanted!
  - From: Corinna Vinschen
- RE: Take 2: Testers for new ssh-*-config scripts wanted!
  - From: Philippe Torche
- Re: Take 2: Testers for new ssh-*-config scripts wanted!
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]