Cygwin: Configuring the sshd Service
-
Log in as an administrator
-
Grant permissions on the files needed to complete the sshd service installation
$ chmod +r /etc/group
$ chmod +r /etc/passwd
$ chmod +rwx /var
-
Install the sshd service
$ ssh-host-config
Query: Should privilege separation be used? (yes/no) yes
Query: (Say "no" if it is already installed as a service) (yes/no) yes
Query: Enter the value of CYGWIN for the daemon: [ntsec] ntsec
Query: Do you want to use a different name? (yes/no) no
The questions differ between sshd versions; if other prompts appear, use your own judgment.
-
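Use local Windows user authentication, that is, log in with a Windows user name and password
(This step is critical. I had previously followed the Hadoop developer material, which does not include this step, and as a result my CYGWIN sshd service would not start and kept reporting "Some services stop automatically if they have nothing to do......")
// Import the Windows users into Cygwin. The installer runs this command automatically while Cygwin is being installed. Because Windows has no root user, Cygwin generally uses the system and admin users as root.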
$ mkpasswd -l > /etc/passwd
$ mkgroup -l > /etc/group
-
Start
$ cygrunsrv --start cygsshd
$ cygrunsrv --stop cygsshd
-
Client login (assuming the server address is 192.168.1.100)
$ ssh administrator@192.168.1.100
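Common problems:
Q: cygrunsrv -S cygsshd
fails to start and reports cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062
A: The permissions on /var/log are most likely set incorrectly. First run mkpasswd and mkgroup to regenerate the permission information, then remove the sshd service and reconfigure it: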
$ mkpasswd -l > /etc/passwd
$ mkgroup -l > /etc/group
$ cygrunsrv -R cygsshd
$ ssh-host-config -y
$ cygrunsrv -S cygsshd
$ net start sshd
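System error 1069 occurred --- this means the service could not be started because of a logon failure
Solution: type services.msc in cmd to open the Windows services console, and correct the password on the CYGWIN sshd service.
(While configuring ssh above, my user name was: root and my password was: 123456)
If the error says the service does not exist, confirm the service name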
cygrunsrv: Error removing a service: OpenService: Win32 error 1060
-
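Q: When connecting, the client reports that the server key (ssh-rsa) does not match
A: The server key that the client recorded on an earlier connection probably no longer matches the new one. In the client's Cygwin, open /home/xxx (the user name, for example Administrator)/.ssh/known_hosts, find the line for the server address, delete it, and reconnect.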
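An added example (not part of the original post) that goes one step beyond deleting the line: it replaces the stale known_hosts entry with a host key copied from the server over a trusted channel, so the next connection is checked against a known key. The function name `pin_host_key` and the key values used with it are assumptions, and plain (unhashed) known_hosts entries are assumed.

```shell
#!/bin/sh
# Added example: pin a verified host key instead of only deleting the old line.
# Assumes unhashed entries of the form "host[,alias] keytype base64 [comment]".

# pin_host_key KNOWN_HOSTS HOST PUBKEY_FILE
# PUBKEY_FILE is a copy of the server's /etc/ssh_host_rsa_key.pub (or another
# host key type) obtained over a trusted channel, e.g. read on the console.
# Prints "unchanged", "replaced" or "added"; returns non-zero on bad input.
pin_host_key() {
    kh=$1; host=$2; pub=$3
    ktype=$(awk 'NR == 1 { print $1 }' "$pub" 2>/dev/null)
    kblob=$(awk 'NR == 1 { print $2 }' "$pub" 2>/dev/null)
    [ -n "$ktype" ] && [ -n "$kblob" ] || { echo "bad key file: $pub" >&2; return 2; }
    [ -f "$kh" ] || : > "$kh"

    # Classify the existing entries for this host and key type.
    state=$(awk -v h="$host" -v t="$ktype" -v b="$kblob" '
        $1 !~ /^[#@]/ && $2 == t {
            n = split($1, names, ",")
            for (i = 1; i <= n; i++)
                if (names[i] == h) { if ($3 == b) same = 1; else stale = 1 }
        }
        END { print (stale ? "replaced" : (same ? "unchanged" : "added")) }' "$kh")

    if [ "$state" != unchanged ]; then
        cp -p "$kh" "$kh.bak"    # keep the old file for comparison
        # Drop only this host's entries of this key type, keep everything else,
        # then append the verified key.
        awk -v h="$host" -v t="$ktype" '
            { drop = 0 }
            $1 !~ /^[#@]/ && $2 == t {
                n = split($1, names, ",")
                for (i = 1; i <= n; i++) if (names[i] == h) drop = 1
            }
            !drop' "$kh.bak" > "$kh"
        printf '%s %s %s\n' "$host" "$ktype" "$kblob" >> "$kh"
    fi
    echo "$state"
}
```

A "replaced" result means the stored key really did differ from the verified one; the previous file is kept as known_hosts.bak.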
-
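On Win7 under Cygwin, the ssh localhost command fails with Connection closed by 127.0.0.1
Solution:
1) Start > Run > services.msc
2) Right-click CYGWIN sshd > Properties > Log On tab > select "This account" > Browse > Advanced > Find Now > select your account name (it must have administrator privileges) > enter the password (required; an empty password is not accepted) > OK.
3) Restart the CYGWIN sshd service. The service now runs under your account, and ssh localhost then succeeds.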
-
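Cygwin login commands
chdir D:\cygwin64\bin
bash --login -i
This article was written mainly as preparation for setting up a Hadoop environment on Win7 (64-bit). First install the required packages in Cygwin by following the article "cygwin使用总结" (Cygwin usage summary), then proceed as follows: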
sony@sony-VAIO~ $ ssh-host-config
*** Info: Generating /etc/ssh_host_key
*** Info: Generating /etc/ssh_host_rsa_key
*** Info: Generating /etc/ssh_host_dsa_key
*** Info: Generating /etc/ssh_host_ecdsa_key
*** Info: Creating default /etc/ssh_config file
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) no
*** Info: Updating /etc/sshd_config file
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: netsec] netsec
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows XP 64bit, Windows 2003 Server,
*** Info: or later. On these systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) yes
*** Query: Enter the new user name: sony
*** Query: Reenter: sony
*** Warning: Privileged account 'sony' was specified,
*** Warning: but it does not have the necessary privileges.
*** Warning: Continuing, but will probably use a different account.
*** Warning: The specified account 'sony' does not have the
*** Warning: required permissions or group memberships. This may
*** Warning: cause problems if not corrected; continuing...
*** Query: Please enter the password for user 'sony':
*** Query: Reenter:
*** Info: The sshd service has been installed under the 'sony'
*** Info: account. To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
$ net start sshd
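System error 1069 occurred --- this means the service could not be started because of a logon failure
Solution: type services.msc in cmd to open the Windows services console, and correct the password on the service.
(While configuring ssh above, my user name was: sony and my password was: 123456)
When the sshd service has been installed successfully, it looks like this: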
sony@sony-VAIO ~ $ net start sshd
CYGWIN sshd 服务正在启动 .
CYGWIN sshd 服务已经启动成功
Next, configure passwordless login:
sony@sony-VAIO ~ $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sony/.ssh/id_rsa):
Created directory '/home/sony/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/sony/.ssh/id_rsa.
Your public key has been saved in /home/sony/.ssh/id_rsa.pub.
The key fingerprint is:
e8:38:5e:e3:bb:cf:76:03:61:5f:f2:68:ed:a3:49:db sony@sony-VAIO
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| .o . . |
| ..So * |
| o . + o |
| o + o.. |
| . + o..o+o |
| . +=o.+oE. |
+-----------------+
sony@sony-VAIO ~ $ cd .ssh/
sony@sony-VAIO ~/.ssh $ ls
id_rsa id_rsa.pub
sony@sony-VAIO ~/.ssh $ cp id_rsa.pub authorized_keys
sony@sony-VAIO ~/.ssh $ ls
authorized_keys id_rsa id_rsa.pub
Verify as follows:
sony@sony-VAIO ~/.ssh $ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is 5f:21:b1:24:80:92:f6:af:3e:e3:a8:f9:cb:a4:4f:ec.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
sony@sony-VAIO ~ $ who
sony tty0 2011-11-25 15:42 (::1)
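An added example (not part of the original post) for the passwordless-login steps above: it appends the public key to authorized_keys instead of overwriting the file with cp, sets the modes that sshd's StrictModes check expects, and lists any paths under ~/.ssh with modes that are too open. The function names `authorize_key` and `audit_ssh_dir` are assumptions.

```shell
#!/bin/sh
# Added example: install a public key for key-based login without replacing
# keys that are already authorized, and audit the resulting permissions.

# authorize_key SSH_DIR PUBKEY_FILE -> prints "added" or "present"
authorize_key() {
    dir=$1; pub=$2; auth=$dir/authorized_keys
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 2; }
    mkdir -p "$dir" && chmod 700 "$dir" || return 2
    touch "$auth" && chmod 600 "$auth" || return 2
    # Compare on "type base64" so a changed comment does not add a duplicate.
    key=$(awk 'NR == 1 { print $1 " " $2 }' "$pub")
    if grep -qF -- "$key" "$auth"; then
        echo present
    else
        awk 'NR == 1' "$pub" >> "$auth"   # awk always ends the line with a newline
        echo added
    fi
}

# audit_ssh_dir SSH_DIR -> lists paths that are group- or world-writable
# (rejected by sshd when StrictModes is on) and private keys that group or
# others can read (rejected by the ssh client). Prints nothing when clean.
audit_ssh_dir() {
    {
        find "$1" \( -perm -020 -o -perm -002 \) -print
        find "$1" -type f -name 'id_*' ! -name '*.pub' \
            \( -perm -040 -o -perm -004 \) -print
    } | sort -u
}
```

With the layout from the transcript, this would be called as `authorize_key ~/.ssh ~/.ssh/id_rsa.pub` followed by `audit_ssh_dir ~/.ssh`.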
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.