Installing OpenSSH via Cygwin

The installation of OpenSSH is an essential step in learning Hadoop, and if the SSH installation is not good, Hadoop will not continue to install. I learned Hadoop when the previous installation of SSH to go some detours, and now have some understanding, so rewrite this log for other needs of friends reference.
The version installed in this article is OPENSSH_6.7P1, OpenSSL 1.0.1j, 2014, has been successfully tested.

1. Install OpenSSH via Cygwin
Cygwin how to pretend not to say, do not understand can see another blog Cygwin installation

Add the Openssh,openssl component to install it.


2. Configuring the SSH Service

2.1.[Run as administrator] Cygwin on the desktop, must, or do not have permission to create an sshd service. When running Cygwin, please remember that as a common sense, you will not repeat it.

2.2 View SSH version number

$ SSH-VOPENSSH_6.7P1, OpenSSL 1.0.1j Oct 2014

2.3 Input

Ssh-host-config

Then follow the prompts step-by-step to

Info:generating missing SSH host keys
Ssh-keygen:generating New host KEYS:RSA1 RSA DSA ECDSA ED25519
info:creating default/etc/ssh_config File
info:creating default/etc/sshd_config File

Info:strictmodes is set to ' Yes ' by default.
Info:this is the recommended setting and it requires that POSIX
Info:permissions of the user ' s home directory, the user ' s. SSH
Info:directory, and the user ' s SSH key files is tight so
Info:only The user has write permissions.
Info:on the other hand, strictmodes don ' t work well with default
Info:windows permissions of a home directory mounted with the
Info: ' noacl ' option, and they don ' t work at all if the home
Info:directory is on a FAT or FAT32 partition.
Query:should strictmodes be used? (yes/no) No

Info:privilege separation is set to ' sandbox ' by default since
INFO:OPENSSH 6.1. This are unsupported by Cygwin and have to be set
Info:to ' yes ' or ' no '.
Info:however, using privilege separation requires a non-privileged account
Info:called ' sshd '.
Info:for More info on privilege separation read/usr/share/doc/openssh/readme.privsep.
Query:should privilege separation be used? (yes/no) No
Info:updating/etc/sshd_config file

Query:do want to install sshd as a service?
Query: (Say "No" if it is already installed as a service) (yes/no) Yes
Query:enter the value of CYGWIN for the daemon: []
Info:on Windows Server 2003, Windows Vista, and above, the
Info:system account cannot setuid to other users--a capability
INFO:SSHD requires. You need to has or to create a privileged
Info:account. This script would help you to do so.

Info:you appear to be running Windows XP 64bit, Windows 2003 Server,
Info:or later. On these systems, it's not possible to use the LocalSystem
Info:account for services which can change the user ID without an
Info:explicit password (such as passwordless logins [e.g. public key
Info:authentication] via sshd).

Info:if want to enable that functionality, it's required to create
Info:a new account with special privileges (unless a similar account
Info:already exists). Used to run these special
Info:servers.

Info:note that creating a new user requires that the current account
Info:have Administrator privileges itself.

Info:no privileged account could is found.

Info:this script plans to use ' cyg_server '.
Info: ' Cyg_server ' is only being used by registered services.
Query:do want to use a different name? (yes/no) No
Query:create new Privileged user account ' Cyg_server '? (yes/no) Yes
Info:please Enter a password for new user cyg_server. Please be sure
Info:that This password matches the password rules given on your system.
Info:entering no password would exit the configuration.
Query:please Enter the password:
Query:reenter:

Info:user ' Cyg_server ' have been created with password ' cyg_server '.
Info:if the password, please remember also
Info:password for the installed services which use (or would soon use)
Info:the ' cyg_server ' account.

Info:also keep in mind that the user ' cyg_server ' needs Read permissions
Info:on all users ' relevant files for the services running as ' cyg_server '.
Info:in particular, for the SSHD server all users '. Ssh/authorized_keys
Info:files must has appropriate permissions to allow public key
Info:authentication. (re-) running Ssh-user-config for each user would set
Info:these permissions correctly. [Similar restrictions apply, for
Info:instance, for. rhosts files If the rshd server is running, etc].


Info:the sshd Service has been installed under the ' Cyg_server '
Info:account. To start the service now, call ' net start sshd ' or
Info: ' Cygrunsrv-s sshd '. Otherwise, it'll start automatically
Info:after the next reboot.

Info:host configuration finished. Have fun!

Above will be prompted to create a user cyg_server, and prompts you to enter the user's password, we enter here and the user name of the same password cyg_server, will be used later.
Please note that cyg_server user's creation is mandatory, no this user even if sshd is not good, the later use will appear connection closed error, I planted a somersault here, wasted a lot of time.

2.3 Good to see in the service, will be more out of a Cygwin sshd, you can set it to start manually, and then we start it.

Note that sshd must be logged in with the Cyg_server user and replaced with a "Local System account". I planted a somersault here, wasting a lot of time.


2.4 The system will generate a directory with the same name as your Windows username in Cygwin's home directory, assuming the user name is Administrator
If the home directory does not have a directory with the same name as your Windows username, try deleting the environment variable home and try again.

3. How to start the OpenSSH service

A Start on command Console
net start sshd
net stop sshd

B Start on the Cygwin console
Cygwin--start sshd
Cygwin--stop sshd

4. Configure user password (deprecated, not recommended)

Input
Ssh-user-config

Query:shall I Create a SSH2 DSA identity file for? (yes/no) Yes
* * Query:shall I Create a SSH2 ECDSA identity file for? (yes/no) Yes
The above 2 questions choose Yes, there is a ssh1 do not create.
Note The password must be more than 4 digits or it will fail to create.
We enter the password ' password ', which will be used later.

Successful words will have these files in the Cygwin\home\administrator\.ssh directory.


5. Test (deprecated, not recommended)
On the command console, use the
SSH [email protected]
Enter the password if no error, go in and then execute LS is no problem, the OpenSSH installation configuration is successful.

Note There are 2 ways to lose the password, one is enter passphrase for key ' Id_dsa ', ' id_ecdsa ', input before the password can go in
There is also a kind of these 2 password directly hit Enter, indicating not to lose, then will prompt
[email protected] ' s password:
Note here to enter the previous Cyg_server user's password, that is, cyg_server can also go in
If you can't, change your password by passwd Administrator command.

If you still can't get in, you can try the firewall settings inside the port 22nd to release, SSH service by default is the port number 22nd.

6. Secret key Mode Login
This method requires no password and can be logged in directly.

Resources
Http://blog.chinaunix.net/uid-311680-id-2439725.html

6.1 Mr. First into public and private keys

[Email protected] ~
$ pwd
/home/administrator

[Email protected] ~
$ ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/HOME/ADMINISTRATOR/.SSH/ID_RSA):
Created directory '/home/administrator/.ssh '.
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/home/administrator/.ssh/id_rsa.
Your public key has been saved in/home/administrator/.ssh/id_rsa.pub.
The key fingerprint is:
0f:95:15:a7:4a:2b:f2:72:d4:e1:bd:f3:9b:c2:79:38 [email protected]
The key ' s Randomart image is:
+---[RSA 2048]----+
| O.. |
| o O |
|    = . |
| = =     |
| .    S =. |
|   + +   . |
| . O.. oo |
| O Eo.. |
| ++. |
+-----------------+


6.2 Copying the public key to the server
We use the previous way to enter the password to use the SCP command to upload the file to the server

C:\USERS\ADMINISTRATOR>SCP id_rsa.pub [Email protected]:~/.ssh
Enter passphrase for key '/HOME/ADMINISTRATOR/.SSH/ID_DSA ':
SetSockOpt ipv6_tclass 8:protocol Not available:
Id_rsa.pub 100% 411 0.4kb/s 00:00

6.3 Attaching the text information of the public key to the end of the server Authorized_keys file (with the cat command)

c:\users\administrator>ssh [email protected]
Enter passphrase for key '/HOME/ADMINISTRATOR/.SSH/ID_DSA ':
SetSockOpt ipv6_tclass 16:protocol Not available:
Last Login:mon-5 21:56:42 from 127.0.0.1

[Email protected] ~
$ CD. SSH

[Email protected] ~/.ssh
$ cat Id_rsa.pub >> Authorized_keys

[Email protected] ~/.ssh
$ logout
Connection to localhost closed.

If you are experimenting on a machine on localhost, 6.2,6.3 can also be simplified to
[Email protected] ~
$ CD. SSH

[Email protected] ~/.ssh
$ cat Id_rsa.pub >> Authorized_keys


6.4 You can log in to the server using a key, so you don't need to enter a password.

Turn off re-login Cygwin, you will be prompted for the first time

[Email protected] ~
$ ssh localhost
The authenticity of host ' localhost ' (:: 1) ' can ' t be established.
ECDSA key fingerprint is 2b:91:c2:13:ea:5c:d0:5c:9c:2f:81:b6:62:c2:fc:ee.
Is you sure want to continue connecting (yes/no)? Yes
warning:permanently added ' localhost ' (ECDSA) to the list of known hosts.

Turn off re-login Cygwin again, and you won't be prompted later.

[Email protected] ~
$ ssh localhost
Last Login:tue-22:35:18 from:: 1

Enter who and who am I to confirm success.

[Email protected] ~
$ who
Administrator pty1 2014-11-11 22:35 (:: 1)

[Email protected] ~
$ Who am I
Administrator pty1 2014-11-11 22:35 (:: 1)


7. Common errors
Connection closed by:: 1
Error installing a SERVICE:CREATESERVICE:WIN32 error 1057

These are the mistakes I have encountered, and encountered these errors, indicating that you are in front of the installation steps are wrong, such as Cyg_server user did not create, or you have entered the Cygrunsrv-r sshd command to delete the sshd.
If so, then there is no way, uninstall Cygwin again, at least I have not found a good method, but unloading load cygwin is effective.

Uninstall method: Delete All the things under the Cygwin directory, of course, you can keep the download down before the installation package, saving time to re-download.

Add: May be the file C:\cygwin64\etc\passwd inside cyg_server This user deleted can be resolved. This article has not tried, everyone if this mistake can be as the last straw to try.

Installing OpenSSH via Cygwin