After Cygwin is installed, you must configure CYGWIN sshd
to run as an automatic service, start the service, and update Cygwin
environment user accounts and groups for users to log in to the remote
server on the Windows system.
Procedure
To configure your Cygwin environment to work correctly
with the workbench, complete the following steps:
- Right click My Computer, and click to modify
the PATH variable and to create a new environment variable. In either
the User or System variables section (use the System variables if
any account using this computer can use Cygwin):
- Select the PATH variable, click Edit,
and append ;c:\cygwin\bin to the end of the
existing variable string.
- Click New to add a new environment
variable that is named CYGWIN. In the Variable name text
box, enter CYGWIN, and in the Variable
value text box, enter binmode tty ntsec.
- Save the changes by clicking OK until
the My Computer window closes.
- Start Cygwin. You can double-click the shortcut on your
desktop if one was created when you installed Cygwin. A
command window is opens.
- Run the ssh-host-config command by typing ssh-host-config after
the $ prompt.
By default, privilege separation is set to Yes when OpenSSH 3.3 or newer versions are used. You
can specify No to the privilege separation option and set the service to allow public key
authentication that uses the sshd-server account.
Respond
to the prompts that are displayed as follows:
- When you are asked Query: Should privilege separation be used?, enter
the appropriate response based on your environment:
- Enter yes to create an unprivileged user.
- Enter no to use the sshd-server account.
- When you are asked Query: Do you want to
install sshd as a service?, enter the appropriate response
based on your environment:
- Enter yes to install sshd as a service.
- Enter no if sshd is already installed as
a service.
- When you are asked Query: Enter the value
of CYGWIN for the daemon: [ntsec], enter ntsec
tty.
- Start the sshd service. In a Windows command prompt, type net
start sshd or, in a bash prompt, type cygrunsrv
-start sshd. To verify that the sshd service
is running, you can type ps –a and check that
/usr/sbin/sshd is in the list of running processes, or you can click to do this
checking.
To stop the service, in a Windows command
prompt, type net stop sshd. Alternatively,
you can change to the C:\cygwin\bin directory
(or open a bash shell) and type cygrunsrv -stop sshd.
- After start the service, test the service by entering the
following information from a bash prompt: ssh localhost
-l your_username. If you are informed that the authenticity
of localhost cannot be established and are asked Are you
sure you want to continue connecting?, enter yes.
When you are prompted for your account password on localhost, enter
the password that you use when you log on to the computer.
- Create the accounts that will be able to log in to the
computer:
- Create the Windows accounts
first. Click . Make each user a member of the Administrators group.
Complete this step for each user that you want to add before you create
the corresponding Cygwin accounts.
- Make a backup copy of the /etc/passwd file.
- Synchronize the Cygwin environment user accounts with
the operating system user repository. Run the following command: mkpasswd
-l > /etc/passwd
- After the users and groups are synchronized in the Cygwin
environment, stop and start the sshd service The sshd service
reads the /etc/passwd only when the service starts again, which causes
the account for a user to be recognized.
- If you need to create groups of accounts, create the Windows groups first. Then synchronize
the Cygwin user groups. After creating the Windows groups, run the following command: mkgroup
-l > /etc/group. When you add groups, you also
need to stop and start the sshd service to have the new group recognized.
- Verify that the Cygwin sshd service has been added as a
service that starts automatically. To complete this verification,
click .