This is the mail archive of the cygwin mailing list for the Cygwin project.



installing minimal Cygwin on XP for ssh and rsync



I installed Cygwin on XP yesterday to get ssh and rsync servers running. I have done this before and shared my experiences on this list earlier as well, especially the bit about Zone Alarm causing a problem connecting to the Windows machine via ssh after reboots. Here are the steps I followed; hopefully this will help others too. Comments, advice or explanations are welcome.


NOTE: make sure you are logged in as an administrator before installing and setting up the following stuff.

#------------------------------------------------------------#
Installing Minimal (sort of) Cygwin:
#------------------------------------------------------------#
Download the installer file from http://cygwin.com/setup.exe (okay to save it on Desktop)


Double click on setup.exe to start installation of Cygwin and follow the prompts with the following choices:

-> Install from Internet
->NEXT

-> Choose root dir: c:\cygwin
->All Users
->Unix/Binary
->NEXT

->choose dir to download files which will be used for installation. Sort of like a temp dir. Chose C:\tmp\cygwin-downloads or any other of your choice
->NEXT


->Direct Connection
->NEXT

Here your firewall, if you have one, will ask if you want to allow setup.exe to connect to the internet. In my case, ZoneAlarm asked if Setup should be allowed internet connection. Allowed.

->Choose a site from "Available Download Sites"
->NEXT

->Package lists will be shown
Leave the default packages as they are. But add the following by clicking on the "Skip" column for these packages until that column lists the version that will be installed (see Step 2b at http://pigtail.net/LRP/printsrv/cygwin-sshd.html ):
Admin:
cron
cygrunsrv
syslog-ng
Archive:
unzip
zip
Editors:
vim
Net:
openssh
rsync
Web:
wget (it is a handy tool)
->NEXT (it will then start downloading the package files)


->at the end, it will ask if you want icons on desktop and start menu. Answer yes.

You will get a Cygwin icon on your desktop. Double click on it and a prompt will appear. All is well. Close that window.

In the Environment variable window (see Step 3 at http://pigtail.net/LRP/printsrv/cygwin-sshd.html for illustration), add a new System Variable: CYGWIN and give it a value of ntsec.

Then add the cygwin path,;c:\cygwin\bin, to Environment path variable. See Step 4 of the above web site for illustration.

Make Cygwin see users' information: Open the Cygwin terminal (double click on the Cygwin icon you got on your desktop) and give these commands ("$" below means the prompt):
$ mkpasswd --local > /etc/passwd
$ mkgroup --local > /etc/group


Cygwin is all set up now.

#------------------------------------------------------------#
Setting up SSH Server:
#------------------------------------------------------------#
Setup and get sshd running by giving the following commands in the Cygwin terminal:
$ cygrunsrv --stop sshd
$ cygrunsrv --remove sshd
$ ssh-host-config <-- (see more info below)
$ cygrunsrv --start sshd


The third command above will give an output as shown below. Answer "yes" as shown in the prompts here:
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Privilege separation is set to yes by default since OpenSSH 3.3.
However, this requires a non-privileged account called 'sshd'.
For more info on privilege separation read /usr/share/doc/openssh/README.privsep
.


Should privilege separation be used? (yes/no) yes
Generating /etc/sshd_config file


Warning: The following functions require administrator privileges!


Do you want to install sshd as service?
(Say "no" if it's already installed as service) (yes/no) yes

Which value should the environment variable CYGWIN have when
sshd starts? It's recommended to set at least "ntsec" to be
able to change user context without password.
Default is "ntsec".  CYGWIN=binmode tty ntsec

The service has been installed under LocalSystem account.
To start the service, call `net start sshd' or `cygrunsrv -S sshd'.

Host configuration finished. Have fun!
++++++++++++++++++++++++++++++++++++++++++++++++++++++


Now, edit /cygwin.bat (in notepad or in vi editor) to add the CYGWIN env variable line as shown below (I am not sure why all these values are needed, if someone can explain in detail, it would be great):
------------------
$ less /cygwin.bat
@echo off
set CYGWIN=binmode tty ntsec


c:
chdir c:\cygwin\bin

bash --login -i
------------------

Now you can ssh to other machines on your network. If you try to do so, your firewall, if you have one, will ask if sshd should be allowed to connect to the internet, say yes and make sure your firewall remembers this choice -- make it permanent.

However, if you have Zone Alarm running, then after rebooting sshd won't be available; Zone Alarm will block all its traffic unless it is run before Zone Alarm starts. To solve this, make sshd a dependency of vsmon (the Zone Alarm service) and tcpip service (no point in having sshd running unless tcpip is also running):
------------------
root@localhost ~
$ cygrunsrv -E sshd <-- this command stops the service


root@localhost ~
$ cygrunsrv -R sshd      <-- this command removes the service


root@localhost ~
$ cygrunsrv -I sshd -p /usr/sbin/sshd -f "Cygwin SSH Daemon" -a'-D' -e 'CYGWIN=binmode ntsec tty' -y tcpip -y vsmon
(the above is a one long single line command. note the single quotes)


root@localhost ~
$ cygrunsrv -S sshd      <-- this command starts the service
------------------

Now, when you reboot the computer, you will be able to ssh to the Windows computer without any problems from zone alarm.



#------------------------------------------------------------#
RSYNC:
#------------------------------------------------------------#
The rsync service is not running by default, so there is no need to try to stop the service unless you know it is already running. You can use the "cygrunsrv --list" command to see if it is already installed. If it is, stop it with the "cygrunsrv -E rsync" command. Then use the following commands to set it up:
--------------------------------------------------------
root@localhost ~
$ cygrunsrv -I "rsyncd" -p /usr/bin/rsync -a '--daemon --no-detach'


(if /etc/rsyncd.conf doesn't already exist, see the note below, use the following command to create an empty file)
$ touch /etc/rsyncd.conf


$ cygrunsrv -S "rsyncd" <-- starts the service
--------------------------------------------------------
Note: If you do not have an /etc/rsyncd.conf file, upon trying to start the rsyncd service you will get this error:
$ cygrunsrv -S rsyncd
cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
The service has not been started.


If you create an empty /etc/rsyncd.conf, rsync will be happy and will run smoothly.

Finally, allow your firewall to remember that rsync should be allowed outside connections.

Good luck,
->HS
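
Added example, not part of the original post: the empty /etc/rsyncd.conf created above defines no modules, and this check is meant to be run in the Cygwin terminal once modules are added to it. It flags any module with no "hosts allow" restriction or that is writable without "auth users"; the module names, paths and addresses in the sample config are constructed.

```shell
#!/bin/sh
# Added example: audit an rsyncd.conf before (re)starting the rsyncd service.
# Exit status 0 = no findings, 1 = at least one finding (printed to stdout).
audit_rsyncd_conf() {
    awk '
    function report() {
        if (mod == "") return
        if (m["hostsallow"] == "") { print mod ": no \"hosts allow\" restriction"; n++ }
        if (tolower(m["readonly"]) ~ /^(no|false|0)$/ && m["authusers"] == "") {
            print mod ": writable without \"auth users\""; n++
        }
    }
    /^[ \t]*(#|$)/ { next }                   # comments and blank lines
    /^[ \t]*\[/ {                             # start of a [module] section
        report()
        mod = $0; sub(/^[ \t]*\[[ \t]*/, "", mod); sub(/[ \t]*\].*$/, "", mod)
        for (k in m) delete m[k]
        for (k in g) m[k] = g[k]              # modules inherit global settings
        next
    }
    index($0, "=") {                          # "name = value"; spaces in names are ignored
        key = tolower(substr($0, 1, index($0, "=") - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, index($0, "=") + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (mod == "") g[key] = val; else m[key] = val
    }
    END { report(); exit (n > 0) }
    ' "$1"
}

# Constructed sample config: module names, paths and addresses are made up.
sample_conf() {
    cat <<'EOF'
use chroot = no
[open]
    path = /cygdrive/c/share
    read only = no
[backup]
    path = /cygdrive/c/backup
    hosts allow = 192.168.1.0/24
    auth users = backupuser
    secrets file = /etc/rsyncd.secrets
    read only = no
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_rsyncd_conf "$tmp" || echo "findings above: review the config before starting rsyncd"
rm -f "$tmp"
```

Run against the real file with: audit_rsyncd_conf /etc/rsyncd.conf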


