diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-19 06:37:32 +0100 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-19 06:37:32 +0100 |
commit | b100ec95429daa986cb31834e462083adc22e8b6 (patch) | |
tree | 74ea3e32b28515b06a090880c7499113906a93aa /contrib | |
parent | - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) (diff) | |
download | openssh-b100ec95429daa986cb31834e462083adc22e8b6.tar.xz openssh-b100ec95429daa986cb31834e462083adc22e8b6.zip |
- (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
Also removed some of the 'ISSUES' comments that have been verified by djm.
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/cygwin/README | 35 | ||||
-rw-r--r--[-rwxr-xr-x] | contrib/cygwin/ssh-host-config (renamed from contrib/cygwin/ssh-config) | 168 | ||||
-rw-r--r-- | contrib/cygwin/ssh-user-config | 200 |
3 files changed, 343 insertions, 60 deletions
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 8c9d0bb73..ac0955836 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README @@ -20,18 +20,41 @@ of the files has changed from /usr/local to /usr. The global configuration files are in /etc now. If you are installing OpenSSH the first time, you can generate -global config files, server keys and your own user keys by running +global config files and server keys by running - /usr/bin/ssh-config + /usr/bin/ssh-host-config -If you are updating your installation you may run the above ssh-config +Note that this binary archive doesn't contain default config files in /etc. +That files are only created if ssh-host-config is started. + +If you are updating your installation you may run the above ssh-host-config as well to move your configuration files to the new location and to erase the files at the old location. -Be sure to start the new ssh-config when updating! +To support testing and unattended installation ssh-host-config got +some options: -Note that this binary archive doesn't contain default config files in /etc. -That files are only created if ssh-config is started. +usage: ssh-host-config [OPTION]... +Options: + --debug -d Enable shell's debug output. + --yes -y Answer all questions with "yes" automatically. + --no -n Answer all questions with "no" automatically. + +You can create the private and public keys for a user now by running + + /usr/bin/ssh-user-config + +under the users account. + +To support testing and unattended installation ssh-user-config got +some options as well: + +usage: ssh-user-config [OPTION]... +Options: + --debug -d Enable shell's debug output. + --yes -y Answer all questions with "yes" automatically. + --no -n Answer all questions with "no" automatically. + --passphrase -p word Use "word" as passphrase automatically. Install sshd as daemon via SRVANY.EXE (recommended on NT/W2K), via inetd (results in very slow deamon startup!) or from the command line (recommended diff --git a/contrib/cygwin/ssh-config b/contrib/cygwin/ssh-host-config index 20c8cceb0..6fe2c7795 100755..100644 --- a/contrib/cygwin/ssh-config +++ b/contrib/cygwin/ssh-host-config @@ -1,11 +1,9 @@ #!/bin/sh # -# ssh-config, Copyright 2000, Red Hat Inc. +# ssh-host-config, Copyright 2000, Red Hat Inc. # # This file is part of the Cygwin port of OpenSSH. -# set -x - # Subdirectory where the new package is being installed PREFIX=/usr @@ -16,8 +14,19 @@ SYSCONFDIR=/etc OLDPREFIX=/usr/local OLDSYSCONFDIR=${OLDPREFIX}/etc +progname=$0 +auto_answer="" + request() { + if [ "${auto_answer}" = "yes" ] + then + return 0 + elif [ "${auto_answer}" = "no" ] + then + return 1 + fi + answer="" while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ] do @@ -32,6 +41,48 @@ request() fi } +# Check options + +while : +do + case $# in + 0) + break + ;; + esac + + option=$1 + shift + + case "$option" in + -d | --debug ) + set -x + ;; + + -y | --yes ) + auto_answer=yes + ;; + + -n | --no ) + auto_answer=no + ;; + + *) + echo "usage: ${progname} [OPTION]..." + echo + echo "This script creates an OpenSSH host configuration." + echo + echo "Options:" + echo " --debug -d Enable shell's debug output." + echo " --yes -y Answer all questions with \"yes\" automatically." + echo " --no -n Answer all questions with \"no\" automatically." + echo + exit 1 + ;; + + esac +done + # Check for running ssh/sshd processes first. Refuse to do anything while # some ssh processes are still running @@ -71,6 +122,7 @@ fi # Check for an old installation in ${OLDPREFIX} unless ${OLDPREFIX} isn't # the same as ${PREFIX} +old_install=0 if [ "${OLDPREFIX}" != "${PREFIX}" ] then if [ -f "${OLDPREFIX}/sbin/sshd" ] @@ -116,6 +168,7 @@ then rm -f ${OLDPREFIX}/sbin/sshd.exe rm -f ${OLDPREFIX}/sbin/sftp-server.exe fi + old_install=1 fi fi @@ -124,13 +177,19 @@ fi if [ ! -f "${SYSCONFDIR}/ssh_host_key" ] then echo "Generating ${SYSCONFDIR}/ssh_host_key" - ssh-keygen -f ${SYSCONFDIR}/ssh_host_key -N '' + ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null +fi + +if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ] +then + echo "Generating ${SYSCONFDIR}/ssh_host_rsa_key" + ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null fi if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ] then echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key" - ssh-keygen -d -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' + ssh-keygen -t dsa -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' > /dev/null fi # Check if ssh_config exists. If yes, ask for overwriting @@ -151,7 +210,7 @@ fi if [ ! -f "${SYSCONFDIR}/ssh_config" ] then - echo "Creating default ${SYSCONFDIR}/ssh_config file" + echo "Generating ${SYSCONFDIR}/ssh_config file" cat > ${SYSCONFDIR}/ssh_config << EOF # This is ssh client systemwide configuration file. This file provides # defaults for users, and the values can be changed in per-user configuration @@ -179,7 +238,6 @@ then # BatchMode no # CheckHostIP yes # StrictHostKeyChecking no -# IdentityFile ~/.ssh/identity # Port 22 # Protocol 2,1 # Cipher 3des @@ -190,6 +248,11 @@ Host * ForwardAgent no ForwardX11 no FallBackToRsh no + +# Try authentification with the following identities + IdentityFile ~/.ssh/identity + IdentityFile ~/.ssh/id_rsa + IdentityFile ~/.ssh/id_dsa EOF fi @@ -211,15 +274,20 @@ fi if [ ! -f "${SYSCONFDIR}/sshd_config" ] then - echo "Creating default ${SYSCONFDIR}/sshd_config file" + echo "Generating ${SYSCONFDIR}/sshd_config file" cat > ${SYSCONFDIR}/sshd_config << EOF # This is ssh server systemwide configuration file. Port 22 -#Protocol 2,1 +# +Protocol 2,1 ListenAddress 0.0.0.0 #ListenAddress :: -#HostKey /etc/ssh_host_key +# +# Uncomment the following lines according to the used authentication +HostKey /etc/ssh_host_key +HostKey /etc/ssh_host_rsa_key +HostKey /etc/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 @@ -262,63 +330,55 @@ UseLogin no EOF fi -# Ask user if user identity should be generated - -if [ "X${HOME}" = "X" ] -then - echo '$HOME is nonexistant. Cannot create user identity files.' - exit 1 -fi - -if [ ! -d "${HOME}" ] +# Add port 22/tcp to services +_sys="`uname -a`" +_nt=`expr "$_sys" : "CYGWIN_NT"` +if [ $_nt -gt 0 ] then - echo '$HOME is not a valid directory. Cannot create user identity files.' - exit 1 -fi - -# If HOME is the root dir, set HOME to empty string to avoid error messages -# in subsequent parts of that script. -if [ "X${HOME}" = "X/" ] -then - HOME='' + _wservices="${SYSTEMROOT}\\system32\\drivers\\etc\\services" + _wserv_tmp="${SYSTEMROOT}\\system32\\drivers\\etc\\srv.out.$$" +else + _wservices="${WINDIR}\\SERVICES" + _wserv_tmp="${WINDIR}\\SERV.$$" fi +_services=`cygpath -u "${_wservices}"` +_serv_tmp=`cygpath -u "${_wserv_tmp}"` -if [ -e "${HOME}/.ssh" -a ! -d "${HOME}/.ssh" ] -then - echo '$HOME/.ssh is existant but not a directory. Cannot create user identity files.' - exit 1 -fi +mount -b -f "${_wservices}" "${_services}" +mount -b -f "${_wserv_tmp}" "${_serv_tmp}" -if [ ! -e "${HOME}/.ssh" ] +if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ] then - mkdir "${HOME}/.ssh" - if [ ! -e "${HOME}/.ssh" ] + awk '{ if ( $2 ~ /^23\/tcp/ ) print "sshd 22/tcp #SSH daemon\r"; print $0; }' < "${_services}" > "${_serv_tmp}" + if [ -f "${_serv_tmp}" ] then - echo "Creating users ${HOME}/.ssh directory failed" - exit 1 + if mv "${_serv_tmp}" "${_services}" + then + echo "Added sshd to ${_services}" + else + echo "Adding sshd to ${_services} failed\!" + fi + rm -f "${_serv_tmp}" + else + echo "Adding sshd to ${_services} failed\!" fi fi -if [ ! -f "${HOME}/.ssh/identity" ] +umount "${_services}" +umount "${_serv_tmp}" + +# Add sshd line to inetd.conf +if [ -f /etc/inetd.conf ] then - if request "Shall I create an RSA identity file for you?" - then - echo "Generating ${HOME}/.ssh/identity" - ssh-keygen -f "${HOME}/.ssh/identity" - fi + grep -q "^[# \t]*sshd" /etc/inetd.conf || echo "# sshd stream tcp nowait root /usr/sbin/sshd -i" >> /etc/inetd.conf fi -if [ ! -f "${HOME}/.ssh/id_dsa" ] +if [ "${old_install}" = "1" ] then - if request "Shall I create an DSA identity file for you? (yes/no) " - then - echo "Generating ${HOME}/.ssh/id_dsa" - ssh-keygen -d -f "${HOME}/.ssh/id_dsa" - fi + echo + echo "Note: If you have used sshd as service or from inetd, don't forget to" + echo " change the path to sshd.exe in the service entry or in inetd.conf." fi echo -echo "Note: If you have used sshd as service or from inetd, don't forget to" -echo " change the path to sshd.exe in the service entry or in inetd.conf." -echo -echo "Configuration finished. Have fun!" +echo "Host configuration finished. Have fun!" diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config new file mode 100644 index 000000000..5a76adbaf --- /dev/null +++ b/contrib/cygwin/ssh-user-config @@ -0,0 +1,200 @@ +#!/bin/sh +# +# ssh-user-config, Copyright 2000, Red Hat Inc. +# +# This file is part of the Cygwin port of OpenSSH. + +progname=$0 +auto_answer="" +auto_passphrase="no" +passphrase="" + +request() +{ + if [ "${auto_answer}" = "yes" ] + then + return 0 + elif [ "${auto_answer}" = "no" ] + then + return 1 + fi + + answer="" + while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ] + do + echo -n "$1 (yes/no) " + read answer + done + if [ "X${answer}" = "Xyes" ] + then + return 0 + else + return 1 + fi +} + +# Check options + +while : +do + case $# in + 0) + break + ;; + esac + + option=$1 + shift + + case "$option" in + -d | --debug ) + set -x + ;; + + -y | --yes ) + auto_answer=yes + ;; + + -n | --no ) + auto_answer=no + ;; + + -p | --passphrase ) + with_passphrase="yes" + passphrase=$1 + shift + ;; + + *) + echo "usage: ${progname} [OPTION]..." + echo + echo "This script creates an OpenSSH user configuration." + echo + echo "Options:" + echo " --debug -d Enable shell's debug output." + echo " --yes -y Answer all questions with \"yes\" automatically." + echo " --no -n Answer all questions with \"no\" automatically." + echo " --passphrase -p word Use \"word\" as passphrase automatically." + echo + exit 1 + ;; + + esac +done + +# Ask user if user identity should be generated + +if [ ! -f /etc/passwd ] +then + echo '/etc/passwd is nonexistant. Please generate an /etc/passwd file' + echo 'first using mkpasswd. Check if it contains an entry for you and' + echo 'please care for the home directory in your entry as well.' + exit 1 +fi + +uid=`id -u` +pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < /etc/passwd` + +if [ "X${pwdhome}" = "X" ] +then + echo 'There is no home directory set for you in /etc/passwd.' + echo 'Setting $HOME is not sufficient!' + exit 1 +fi + +if [ ! -d "${pwdhome}" ] +then + echo "${pwdhome} is set in /etc/passwd as your home directory" + echo 'but it is not a valid directory. Cannot create user identity files.' + exit 1 +fi + +# If home is the root dir, set home to empty string to avoid error messages +# in subsequent parts of that script. +if [ "X${pwdhome}" = "X/" ] +then + # But first raise a warning! + echo 'Your home directory in /etc/passwd is set to root (/). This is not recommended!' + if request "Would you like to proceed anyway?" + then + pwdhome='' + else + exit 1 + fi +fi + +if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ] +then + echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files." + exit 1 +fi + +if [ ! -e "${pwdhome}/.ssh" ] +then + mkdir "${pwdhome}/.ssh" + if [ ! -e "${pwdhome}/.ssh" ] + then + echo "Creating users ${pwdhome}/.ssh directory failed" + exit 1 + fi +fi + +if [ ! -f "${pwdhome}/.ssh/identity" ] +then + if request "Shall I create an SSH1 RSA identity file for you?" + then + echo "Generating ${pwdhome}/.ssh/identity" + if [ "${with_passphrase}" = "yes" ] + then + ssh-keygen -t rsa1 -N "${passphrase}" -f "${pwdhome}/.ssh/identity" > /dev/null + else + ssh-keygen -t rsa1 -f "${pwdhome}/.ssh/identity" > /dev/null + fi + if request "Do you want to use this identity to login to this machine?" + then + echo "Adding to ${pwdhome}/.ssh/authorized_keys" + cat "${pwdhome}/.ssh/identity.pub" >> "${pwdhome}/.ssh/authorized_keys" + fi + fi +fi + +if [ ! -f "${pwdhome}/.ssh/id_rsa" ] +then + if request "Shall I create an SSH2 RSA identity file for you? (yes/no) " + then + echo "Generating ${pwdhome}/.ssh/id_rsa" + if [ "${with_passphrase}" = "yes" ] + then + ssh-keygen -t rsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_rsa" > /dev/null + else + ssh-keygen -t rsa -f "${pwdhome}/.ssh/id_rsa" > /dev/null + fi + if request "Do you want to use this identity to login to this machine?" + then + echo "Adding to ${pwdhome}/.ssh/authorized_keys2" + cat "${pwdhome}/.ssh/id_rsa.pub" >> "${pwdhome}/.ssh/authorized_keys2" + fi + fi +fi + +if [ ! -f "${pwdhome}/.ssh/id_dsa" ] +then + if request "Shall I create an SSH2 DSA identity file for you? (yes/no) " + then + echo "Generating ${pwdhome}/.ssh/id_dsa" + if [ "${with_passphrase}" = "yes" ] + then + ssh-keygen -t dsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_dsa" > /dev/null + else + ssh-keygen -t dsa -f "${pwdhome}/.ssh/id_dsa" > /dev/null + fi + if request "Do you want to use this identity to login to this machine?" + then + echo "Adding to ${pwdhome}/.ssh/authorized_keys2" + cat "${pwdhome}/.ssh/id_dsa.pub" >> "${pwdhome}/.ssh/authorized_keys2" + fi + fi +fi + +echo +echo "Configuration finished. Have fun!" |