marty-mcgee · December 17, 2020 00:32 · xgqfrms · Nov 26, 2015
diff --git a/install_cygwin_sshd.txt b/install_cygwin_sshd.txt
 Installing CYGWIN 64-bit with SSH (and other optional packages)
  1) Download cygwin setup.exe from http://www.cygwin.com as "cygwin-setup-x86_64.exe"
    - Execute cygwin-setup-x86_64.exe
    - Install from internet (for new packages)
    - Root directory: `c:\webserver\cygwin` + all users
    - Local package directory: use default value
    - Select a mirror to download files from
    - Select these (optional) packages:
      - net > openssh 6.8p1-1
      - admin > cygrunsrv 1.62-1
      - (audio > audiofile 0.3.6-1)
      - (editors > emacs 24.5-1)
      - (editors > emacs-w32 native Windows GUI 24.5-1)
      - (editors > nano 2.4.1-1)
      - (editors > vim 7.4.729-1)
    - Click continue
    - When everything is installed configure SSHD
  
  2) Set /var directory permissions for cygwin ssh privileges
    - directory /var needs group name "Users" or "Root" for cygwin
    - strip the ACL on the /var directory first, then change permissions:
    $ setfacl -b /var
    $ chown :Users /var
    $ chmod 757 /var
    $ chmod ug-s /var
    $ chmod +t /var
    
  3) Configure SSHD
    - open a cygwin terminal: start > RIGHT MOUSE ON "Cygwin64 Terminal" AND "RUN AS ADMINISTRATOR"
    - $ ssh-host-config
      - (Overwrite existing /etc/ssh_config: yes)
      - (Overwrite existing /etc/sshd_config: yes)
      - Should StrictModes be used? yes
      - (You have the required privileges: yes)
      - Should privilege separation be used: yes
      - New local account 'sshd': yes
      - Do you want to install 'sshd' as a service: yes 
      - (fails if dir permissions incorrect for /var, see #2)
      - Enter the value of CYGWIN for the daemon: [] (name CYGWIN: just press enter)
      - Do you want to use a different name: no
      +++ you can skip next step (it'll probably fail anyway) +++
      - Create new privileged user account '[username]\cyg_server': yes
        - enter password
        - re-enter password
      +++ end of skip +++
     
  4) Add a SSHD account
    - Open control panel
    - Create a new account with administrator rights
    - set a password for this new account

  5) Add the user to SSHD password
    $ cd /etc/
    $ cp passwd passwd_bak (backup passwd if you already have run mkpasswd.exe)
    $ /bin/mkpasswd.exe -l -u [new_username] >> /etc/passwd
      (for example: /bin/mkpasswd.exe -l -u roxlu >> /etc/passwd to add the password for roxlu)

  6) Open SSHD port (22) on Firewall
   - open Control Panel
   - click on System and Security
   - click on Windows Firewall
   - on left, click on Advanced Settings
     - click: select "Inbound Rules"
     - click: New Rule ...
        - [x] Port
          NEXT

        - TCP 
          Specific ports: 22
          NEXT

        - [x] Allow the connection
          NEXT

        - [x] Domain
          [x] Private
          [x] Public
          NEXT
  
  7) Start Windows Service (daemon)
    - check if the SSHD daemon is running
      - open Control Panel
      - search for "services"
      - click on "View Local Services" 
      - search for "CYGWIN sshd"
      - make sure it's there and running, else try re-installing sshd
      
  8) Testing and Troubleshooting
    - 1st check if you can connect to the SSHD server on the same machine:
      - open a Cygwin Terminal
      $ ssh -l [new_username] localhost
      
    - If you cannot connect to the server on localhost check if the sshd daemon/service is running (see #7)
    
    - Hint for git users:
      $ git config --global core.askpass "git-gui--askpass"

 That's it !! Good luck.
	Installing CYGWIN 64-bit with SSH (and other optional packages)
	1) Download cygwin setup.exe from http://www.cygwin.com as "cygwin-setup-x86_64.exe"
	- Execute cygwin-setup-x86_64.exe
	- Install from internet (for new packages)
	- Root directory: `c:\webserver\cygwin` + all users
	- Local package directory: use default value
	- Select a mirror to download files from
	- Select these (optional) packages:
	- net > openssh 6.8p1-1
	- admin > cygrunsrv 1.62-1
	- (audio > audiofile 0.3.6-1)
	- (editors > emacs 24.5-1)
	- (editors > emacs-w32 native Windows GUI 24.5-1)
	- (editors > nano 2.4.1-1)
	- (editors > vim 7.4.729-1)
	- Click continue
	- When everything is installed configure SSHD

	2) Set /var directory permissions for cygwin ssh privileges
	- directory /var needs group name "Users" or "Root" for cygwin
	- strip the ACL on the /var directory first, then change permissions:
	$ setfacl -b /var
	$ chown :Users /var
	$ chmod 757 /var
	$ chmod ug-s /var
	$ chmod +t /var

	3) Configure SSHD
	- open a cygwin terminal: start > RIGHT MOUSE ON "Cygwin64 Terminal" AND "RUN AS ADMINISTRATOR"
	- $ ssh-host-config
	- (Overwrite existing /etc/ssh_config: yes)
	- (Overwrite existing /etc/sshd_config: yes)
	- Should StrictModes be used? yes
	- (You have the required privileges: yes)
	- Should privilege separation be used: yes
	- New local account 'sshd': yes
	- Do you want to install 'sshd' as a service: yes
	- (fails if dir permissions incorrect for /var, see #2)
	- Enter the value of CYGWIN for the daemon: [] (name CYGWIN: just press enter)
	- Do you want to use a different name: no
	+++ you can skip next step (it'll probably fail anyway) +++
	- Create new privileged user account '[username]\cyg_server': yes
	- enter password
	- re-enter password
	+++ end of skip +++

	4) Add a SSHD account
	- Open control panel
	- Create a new account with administrator rights
	- set a password for this new account

	5) Add the user to SSHD password
	$ cd /etc/
	$ cp passwd passwd_bak (backup passwd if you already have run mkpasswd.exe)
	$ /bin/mkpasswd.exe -l -u [new_username] >> /etc/passwd
	(for example: /bin/mkpasswd.exe -l -u roxlu >> /etc/passwd to add the password for roxlu)

	6) Open SSHD port (22) on Firewall
	- open Control Panel
	- click on System and Security
	- click on Windows Firewall
	- on left, click on Advanced Settings
	- click: select "Inbound Rules"
	- click: New Rule ...
	- [x] Port
	NEXT

	- TCP
	Specific ports: 22
	NEXT

	- [x] Allow the connection
	NEXT

	- [x] Domain
	[x] Private
	[x] Public
	NEXT

	7) Start Windows Service (daemon)
	- check if the SSHD daemon is running
	- open Control Panel
	- search for "services"
	- click on "View Local Services"
	- search for "CYGWIN sshd"
	- make sure it's there and running, else try re-installing sshd

	8) Testing and Troubleshooting
	- 1st check if you can connect to the SSHD server on the same machine:
	- open a Cygwin Terminal
	$ ssh -l [new_username] localhost

	- If you cannot connect to the server on localhost check if the sshd daemon/service is running (see #7)

	- Hint for git users:
	$ git config --global core.askpass "git-gui--askpass"

	That's it !! Good luck.