Forword: SSH server for Windows

C

The canonical URL of this page shocould be http://pigtail.net/LRP/printsrv/cygwin-sshd.htm

This page has been tranlated to Bulgarian by Albert Ward, see this link: http://www.fatcow.com/edu/cygwin-sshd-bl/

Disclause

According to some cygwin gods, the only official document that you shoshould use is/usr/share/doc/cygwin/OpenSSH. readme which is probably valid, but it seems to aim at users with a fair bit of Linux/Unix knodge DGE.
The purpose of this tutorial is for Windows users who are perhaps less familiar with Unix Commands wanting to try out the famous open source SSH server (openssh) on a desktop Windows XP, windows Vista or Windows 7 .

The behavior of Windows 2003 Server is different. follow this link to install OpenSSH on Windows 2003 Server, by Stephen pillinger of the School of Computer Science, University of birmheim. or this link to install cygwin SSH server on Windows 2003 Server, by Kevin Scully at the University of Waterloo, Ontario, Canada.

There seems to be some problems when using cygwin SSH with McAfee 8.0i. a work around to that problem is available below.

Please don't send any questions to the cygwin mailing list to ask questions about this page as it seems to provoke them severely. they considered and declared the instructions on this page "broken" and "random" but won't constructively say what is "broken"; instead some went on launching personal attacks. the information here is provided"As is, in good faith"With no guarantee it will work.If it doesn't work, then it doesn't work.Don't send any questions to the cygwin mailing list to ask why to provoke them. if you must go to cygwin mailing list to ask, you better off completely remove cygwin before you go to the mailing list to ask questions and don't even mention that you have looked at this web page (to avoid provoking them off ).

Read this Disclaimer.

Constructive comments are of course welcome, in the original spirit of the Internet, sharing experience and knowledge regarding bug fixes and improvements to benefit other users of the Internet community. my email address is

How to installSSH Server(Called sshd, from openssh) on a Windows 2000 or XP
How to installSFTP ServerOn a Windows 2000 or XP

If you needPDF Converter, The post powerful PDF converter package available is investintech's PDF server software bundle.

After you installed OpenSSH, you will find it simple to install application software on your Windows XP/Vista that will turn tively turn your PC into a complete security camera system. install security cameras into the back of your computer and you will have the ability to remotely access your security system over a network or Internet.

The SSH Server is an emulation ofUNIX environment and OpenSSHFor Windows, by RedHat, called cygwin.
The file system on your target machine shoshould be journalled (e.g. NTFs) Because FAT file system has bugs in file access.

(1A)Login as Administrator
Windows XP-login as a user with administrator privilege;
Windows 2003 Server: Login as local Admin, it will not work for domain users or domain admin.

(1B)Make sure the current admin/user hasWindows PasswordSet.
If not, useControl Panel... user accounts to create a password.
Just to be on the safe side, after you created a password, logoff and then log in again.

(2a)Create a folder C: \ cygwin

(2B)Download cygwin's setup.exe from http://www.cygwin.com/and saveSetup.exeIn C: \ cygwin

Cygwin'sSetup.exeHas Some uncommon properties, click here to find out more.

(2C)For Windows 7 and Windows Vista, navigate to c: \ cygwin in explorer, right click the setup.exe icon, and select "Run as administrator". Thanks to David shanks for his contributions.

(2D) for Windows XP: Click start... run... and typeC: \ cygwin \ setup.exe

If you are asked to select "just me" or "all users", choose "all users"

When it asks"Local package directory", Type C: \ cygwin

Choose a download site that is "close" to you.
When a selection screen comes up (you can resize the windows to see better ),
Click the little view button for "full" view,
Find the package" OpenSSH ", Click on the word" Skip "So that an appears in column B,
See this document.
(Optional) Find the package" TCP_WRAPPERS ", Click on the word" Skip "So that an appears in column B,
If you add "tcp_wrapper", you will most likely get" Ssh-exchange-Identification: connectiion closed by remote host "Error.
If you get that error, edit the file /Etc/hosts. Allow And add these two lines
ALL: 127.0.0.1/32: Allow
All: [: 1]/128: Allow
Before the paranoid line.
(Optional) Find the package" Diffutils ", Click on the word" Skip "So that an appears in column B,
Find the package" Zlib ", Click on the word" Skip "(It shoshould be already selected) so that an appears in column B.

Notes:
Tcp_wrappers provides Host-Based Access Control and possible need you to edit "/etc/hosts. Allow"
Zlib is the compression and decompression library that is used by using programs.
Thanks to Lex Sheehan on the diffutils tips, and Thomas Braun for the hosts. Allow tips.

Click to start installing cygwin and SSH.
Size of the basic cygwin system is more than 50 Meg, this may take a while.

Take a coffee break and wait.

While you wait, take a look at sherweb's exchange server hosting.

(3) This paragraph is no longer valid for newer versions of cygwin 1.7.2 and later.
Ref: http://www.cygwin.com/cygwin-ug-net/ov-new1.7.html
right click my computer, properties, advanced, environment Variables
See This exercise (red dots)
click the "new" button to add a new entry to system variables :
variable name is cygwin
variable value is ntsec tty

Note: by setting variable ntsec, it will break sshd on mingw by generating the error "Warning: unprotected Private Key File ".
Thanks to Peter rust for this issue.

(4)Right click my computer, properties, advanced, Environment Variables
See this procedure (green dots)
Select the PATH variable and click the "edit" button:
Append; C: \ cygwin \ binTo the end of the existing variable string.

(5)

ForWindows 7 and Windows VistaYou may need to do additional uninstall steps if previous attempts to install sshd fails. Click here on how to do clean Uninstall.

For windwos XP, you shoshould login as a user with admin privilege and that user belongs to a Windows "users" group.

ForWindows XP,Open a cygwin window by double clicking the icon; a black screen pops open,
ForWindows Vista and Windows 7, Right click the icon and choose "Run as administrator"; a black screen pops open, Type

With recent releases of cygwin, there are using permission problems. Add these 6 commands as work around:

Chmod + R/etc/passwd
Chmod U + w/etc/passwd
Chmod + R/etc/group
Chmod U + w/etc/group
Chmod 755/var
Touch/var/log/sshd. Log
Chmod 664/var/log/sshd. Log

Ssh-host-config(Manuall answerYesTo questions partition T)
If the script says "This script plans to use cyg_server, do you want to use a different name? Answer yes, and type sshd as the user name.

Cyglsa-config

Reboot the computer.

Thanks to David spillett of londdon, UK on the permission tips.
Thanks to Dave Lennert of Portland Oregon for the Windows 7 tips.
Thanks to Frank Martin for the cyglsa-config tips.

When the script stops and asks you"Environment Variable cygwin ="Your answer isNtsec tty
(Click here for an explanationNtsec)
(Click here for an explanationTty)
(Thanks to Peter Reutemann of New Zealand and Ron dozerof University of Delaware)
(Thanks to Mike and Michael pechner for the Windows Vista tip)
(Thanks to Kevin Hilton on the Vista tips in the ssh-host-config section)

See note 25 near the end of this web page if you need to run ssh-host-config again.

Run "rebaseall" as desribed in http://www.acooke.org/cute/CygwinSSHS0.html

(6)While you are still in the (black) cygwin screen,Start the sshd service,Type
Net start sshd
Or
Cygrunsrv -- start sshd

Click here on how to stop the sshd service.

If the service fails to start, try (thanks to Ross Beveridge of HP for this tip)
Chown system/etc/ssh *
Chown system/var/emptyOrChown sshd_server/var/empty
Net start sshd

if you get " ssh-exchange-identification: connectiion closed by remote host "error.
edit the file /etc/hosts. allow and add these two lines
All: 127.0.0.1/32: allow
All: [: 1]/128: Allow
before the paranoid line. thanks to Thomas Braun for the hosts. allow tips.

(7) make sure every Windows user has a password set, if not,
go to Control Panel. ... User Accounts and Create a password.

(7A)Make sure every Windows user has done the following at least once:
Login as the Windows user, pop a console command screen by clickingStart... run ....CMD
Thanks to Magno Corr between a of Brazil for the tip in (7A)

(8)Pop a cygwin window, harmonize Windows user information with cygwin, otherwise they cannot login
Mkpasswd-Cl>/etc/passwd
Mkgroup -- local>/etc/group

If your XP logs on to a domain, you most likely have to manually edit/etc/group. See this page.

If your local accountNameIs the same as the domain name, then you wowould need to use Windows's user admin function
Rename the loacal account fromNameToName. Local
Then rebuild the passwd and group files as shown above, then edit the/etc/group file as shown above. Open firewall's TCP port 22
 (Thanks to Christopher poda of Venturi wireless, Sunnyvale, California)

If your XP logs on to a domain, you may be want to edit/etc/passwd to replace/Home/UsernameBy// Unc_server/path_to_home
(Thanks to Geoff Thomas)

MkpasswdCreates a password file from Windows 'user list, Click here for more details.
MkgroupCreates a group file from Windows 'user list, Click here for more details.
Thanks to John skiggn of Cingular Wireless in Redmond, Washington for his tweak on domain user/etc/group

Test to see if sshd is working, pop a cygwin window (Note: The command below isCase Sensitive)
Whoami
SSH localhost
Or
Ssh-vvv localhost
Or
SSH "$ USERNAME@127.0.0.1"

If SSH complains "the authenticity of host xx. xx can't be established... are you sure you want to continue connecting (Yes/No )? "AnswerYes(Thanks to Daniel Griscom of suitable systems)

If you get an error message like"Ssh-exchange-Identification: Connection closed by remote host",
It is probably caused by McAfee 8.0i, see this page about the fix. (thanks to Ron dosuppliers of University of Delaware, USA)

Error is also related/Etc/hosts. AllowFile, see http://www.cygwin.com/ml/cygwin/2008-12/msg00678.html

If you get an error message like"Entry point _ getreent", Or"Querryservice status: Win32 error 1062.", It is probably
Caused by the existance of an older version of "cygwin1.dll" located in the search path.
Do a full serarch of "cygwin1.dll" and remove the old version, cannot the current version at c: \ cygwin \ bin (thanks to Joe Britton)

If you get a prompt without error messages, Type
CD/cygdrive/C
LSC
If you see a directory listing,Success!
(TypeExitTo end the cygwin SSH session)
Thanks to Roger pack for his tips clarifying between Microsoft'sLs.exe(Installed by MS compilers) and cygwin'sLs.exe

If you have a Windows username that contains space, expand the space into \ [space],
E.g. If the Windows login name isMickey Mouse
SSH Mickey \ mouse@127.0.0.1

If you have a UNIX system that does not know what to do with term cygwin, add these scripts to. Login

If you have troubles SSH into the server, try runSsh-user-configc