Академический Документы
Профессиональный Документы
Культура Документы
Windows XP (SP2)
The ssh server is an emulation of the UNIX environment and OpenSSH for Windows, by
Redhat, called cygwin
Cygwin_WindowsXP 1 / 10
9. Choose a download site that is "close" to you. (e.g. “cse.yzu.edu.tw”). When a
selection screen comes up (you can resize the windows to see better), click the little
a. Find the package "openssh", click on the word "skip" so that an appears in
Column B, see picture below.
b. (Optional) find the package tcp_wrappers1, click on the word "skip" so that
an appears in Column B.
Notes: If you add "tcp_wrapper", you will most likely get "ssh-exchange-
identification: Connection closed by remote host" error.
If you get this error, then edit the file /etc/hosts.allow and add these two lines
before the PARANOID line. (After you finish the installation.)
ALL: 127.0.0.1/32 : allow
ALL: [::1]/128: allow.
1
tcp_wrappers provide host-based access control and add an additional layer of protection by
defining which hosts are allowed or not allowed to connect to your PC. You can edit
"/etc/hosts.allow" or “/etc/hosts.deny”.
Cygwin_WindowsXP 2 / 10
Configuration of Variables
1. Right click My Computer, and then select Properties > Advanced tab >
Environment Variables;
Click New button to add a new entry to System variables:
variable name is CYGWIN
variable value is ntsec tty
Note: ntsec is to get a more UNIX-like permission structure based upon the security
features of Windows NT, http://erdelynet.com/archive/ssh-l/2004-06/2571.html for more
information.
2. Right click My Computer > Properties > Advanced > Environment Variables
Select the Path variable and click the Edit button, and then append ;c:\cygwin\bin to
the end of the existing variable string.
3. Open a cygwin window by double clicking the icon; a black screen pops open.
Set permission to these files and folder, at the prompt sign, type
chmod +r /etc/passwd
chmod +r /etc/group
chmod 755 /var
4. To generate the DSA security keys, at the prompt sign, type ssh-host-config -y
(It may take several minutes to generate the dsa security keys on a slower-end
computer.)
Cygwin_WindowsXP 3 / 10
5. If the script asks you about "privilege separation", answer yes
If the script asks about "create a local user sshd on this machine", answer yes
If the script asks you about "install sshd as a service", answer yes
6. When the script stops and asks you for "environment variable CYGWIN=" answer
“ntsec tty”
Cygwin_WindowsXP 4 / 10
> chown sshd_server /var/empty; and start the sshd service again:
> net start sshd
If you get "ssh-exchange-identification: Connection closed by remote host" error.
Edit the file /etc/hosts.allow and add these two lines before the line of PARANOID.
ALL: 127.0.0.1/32 : allow
ALL: [::1]/128: allow
2. To stop the sshd service, type > net stop sshd or cygrunsrv –stop sshd.
Cygwin_WindowsXP 5 / 10
4. Click OK.
Cygwin_WindowsXP 6 / 10
Test sshd Service
1. To test sshd whether it is working, double click Cygwin to pop up a command
window.
2. At the command point, type
> whoami
> ssh localhost or
> ssh -v localhost
or
> ssh $USERNAME@127.0.0.1
3. If ssh complains "The authenticity of host xx.xx.xx.xx can't be established .... Are you
sure you want to continue connecting (yes/no)?" Answer yes
4. If you get an error message like "ssh-exchange-identification: Connection closed by
remote host", it is probably caused by McAfee 8.0i. Error is also related to
/etc/hosts.allow file.
5. If you get an error message like "entry point _getreent", or "QuerryService Status:
Win32 error 1062", it is probably caused by the existance of an older version of
"cygwin1.dll" located in the search path. Do a full serarch of "cygwin1.dll" and
remove the old version, except the current version at c:\cygwin\bin
6. If you get a prompt without error messages, type
> cd /cygdrive/c
> ls
7. if you see a directory listing, success! Type exit to end the cygwin ssh session.
Cygwin_WindowsXP 7 / 10
How to Update SSL / sshd
1. Check whether your ssl and sshd are up-to-date or not, go to
http://cygwin.com/packages/openssl/ and click on the latest packet link:
(Sample)
Wed Mar 25 17:38:35 2009 41 etc/profile.d/openssl.sh
Wed Mar 25 17:38:35 2009 109 etc/profile.d/openssl.csh
Wed Mar 25 17:38:36 2009 237568 usr/bin/cygssl-0.9.8.dll
Wed Mar 25 17:38:35 2009 361472 usr/bin/openssl.exe
2. Compare to the ssl which is installed in your PC. Double click cygwin icon to
open a window, and change to the directory /etc/profile.d.
From this figure, the ssl dated to Jan 8, 2009 is older than the current one listed at
http://cygwin.com/packages/openssl/.
3. Then run the setup.exe again to patch ssl (refer to the section of “Installation of
Cygwin and SSH” starting from step 5).
4. Similarly, compare to the sshd which is installed in your PC. Change to the directory
/usr/sbin and type ls –l to list the files.
Cygwin_WindowsXP 8 / 10
From this figure, the sshd.exe dated to Nov 21, 2008 is up-to-date.
1. To open an Command Windows, click Start -> Run, and then input “cmd”
3. Login to you office-pc when prompted. You can minimize the active PuTTY session and
keep the program running.
Cygwin_WindowsXP 9 / 10
Start your Remote Desktop program as usual,
1. Login your office-pc on the remote desktop. After you successfully login, you will see your
Remote Desktop Window similar as the one below.
2. After you have finished using Remote Desktop, exit from the program as normal and then
close the PuTTY program.
Cygwin_WindowsXP 10 / 10