...

  1. Launch C:\Cygwin\Cygwin.bat
  2. Download the cygwin-sshd-config.sh script to the following location on the Windows VM:
    C:\Cygwin\home\root\cygwin-sshd-config.sh
  3. Make sure the script is set to executable:
    chmod +x /home/root/cygwin-sshd-config.sh
    
  4. Launch C:\Cygwin\Cygwin.bat
  5. Run the script, passing the root account password as an argument. Enclose the password in single quotes in case it contains special characters:
    /home/root/cygwin-sshd-config.sh '<PASSWORD>'
    
    Note: the sshd service probably will not start until the next step is completed
  6. Open Start --> Run --> services.msc
  7. Double-click the Cygwin sshd service
  8. Open the Log On tab
  9. Enter the root account password twice and click OK. You should see a message stating that root has been granted the Log On As A Service right
  10. Click the General tab
  11. Click Start

...

  1. Download the gen-node-key.sh script to the following location on the management node:
    /root/gen-node-key.sh
  2. Set the script to be executable:
    chmod +x /root/gen-node-key.sh
    
  3. Run the script and specify the node as an argument (either the node's DNS name or IP address can be used):
    /root/gen-node-key.sh 192.168.22.55
    
  4. Attempt to connect from the management node to the Windows VM via SSH using the key:
    ssh -i /etc/vcl/vcl.key 192.168.22.55
    

Shell script to configure the Cygwin SSHD service, to be run on a Windows XP computer:

cygwin-sshd-config.sh


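#!/bin/bash
# Configures the Cygwin sshd service; takes the root account password as its only argument

if [ $# -ne 1 ]
then
  echo "Usage: $0 '<root password>'"
  exit 1
fi
PASSWORD="$1"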

echo Stopping sshd service if it is running
net stop sshd 2>/dev/null
echo ----------

echo Deleting sshd service if it already exists
$SYSTEMROOT/system32/sc.exe delete sshd
echo ----------

echo Deleting the sshd user if it already exists
net user sshd /DELETE
echo ----------

echo Deleting '/etc/ssh*'
rm -fv /etc/ssh*
echo ----------

echo Deleting /var/log/sshd.log if it exists
rm -fv /var/log/sshd.log
echo ----------

echo Setting root:Administrators as owner of '/etc' and '/var'
chown -R root:Administrators /etc /var
echo ----------

echo Adding ug+rwx permissions to '/etc' and '/var'
chmod -v ug+rwx /etc /var
echo ----------

echo Adding read permission on /etc/passwd and /etc/group
chmod -v +r /etc/passwd /etc/group
echo ----------

echo Adding ug+w permission on /etc/passwd and /etc/group
chmod -v ug+w /etc/passwd /etc/group
echo ----------

echo Recreating /etc/group
mkgroup -l > /etc/group
echo ----------

echo Recreating /etc/passwd
mkpasswd -l > /etc/passwd
echo ----------

echo Configuring mount points
umount -u /usr/bin 2>/dev/null
mount -f -s -b C:/cygwin/bin /usr/bin
umount -u /usr/lib 2>/dev/null
mount -f -s -b C:/cygwin/lib /usr/lib
umount -u / 2>/dev/null
mount -f -s -b C:/cygwin /
echo ----------

echo Adding execute permission on /var
chmod -v +x /var
echo ----------

echo Running ssh-host-config
ssh-host-config -y
echo ----------

echo Creating /var/empty directory if it does not exist
mkdir /var/empty 2>/dev/null
echo ----------

echo Setting root:Administrators as owner of /var/empty
chown -Rv root:Administrators /var/empty
echo ----------

echo Setting permissions to 755 on /var/empty
chmod -Rv 755 /var/empty
echo ----------

echo Setting permissions to 775 on /var/log
chmod -Rv 775 /var/log
echo ----------

echo Creating /var/log/sshd.log file if it does not exist
touch /var/log/sshd.log
echo ----------

echo Setting root:Administrators as owner of '/etc/ssh*' and /var/log/sshd.log
chown -Rv root:Administrators /etc/ssh* /var/log/sshd.log
echo ----------

echo Setting permissions to ug+rw on '/etc/ssh*' and /var/log/sshd.log
chmod -Rv ug+rw /etc/ssh* /var/log/sshd.log
echo ----------

echo Setting permissions to 600 on '/etc/ssh*key'
chmod -v 600 /etc/ssh*key
echo ----------

echo Setting permissions to ug+rwx on /etc
chmod -v ug+rwx /etc
echo ----------

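# Each sed below rewrites an existing line (commented out or not) that contains the
# directive; a directive that is absent from /etc/sshd_config is not added.
# PermitRootLogin yes and PasswordAuthentication yes allow root to log in with a password.
# StrictModes no turns off sshd's ownership and permission checks on the user's files.
echo Configuring /etc/sshd_config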
echo LogLevel VERBOSE
sed -i -r -e "s/.?(LogLevel).*/\1 VERBOSE/" /etc/sshd_config
echo PermitRootLogin yes
sed -i -r -e "s/.?(PermitRootLogin).*/\1 yes/" /etc/sshd_config
echo MaxAuthTries 15
sed -i -r -e "s/.?(MaxAuthTries).*/\1 15/" /etc/sshd_config
echo PasswordAuthentication yes
sed -i -r -e "s/.?(PasswordAuthentication).*/\1 yes/" /etc/sshd_config
echo Banner none
sed -i -r -e "s/.?(Banner).*/\1 none/" /etc/sshd_config
echo UsePrivilegeSeparation yes
sed -i -r -e "s/.?(UsePrivilegeSeparation).*/\1 yes/" /etc/sshd_config
echo StrictModes no
sed -i -r -e "s/.?(StrictModes).*/\1 no/" /etc/sshd_config
echo ----------

echo Configuring the sshd service to log to /var/log/sshd.log
reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Services\sshd\Parameters" /v AppArgs /d "-D -e" /t REG_SZ /f
echo ----------

# Do not echo the password itself: it would end up in the console output and any captured log
echo Configuring the sshd service to use the root account
$SYSTEMROOT/system32/sc.exe config sshd obj= ".\root" password= "$PASSWORD"
echo ----------

echo Configuring firewall port 22 exception
netsh firewall set portopening name = "Cygwin SSHD" protocol = TCP port = 22 mode = ENABLE profile = ALL scope = ALL
echo ----------

echo Starting the sshd service
net start sshd
echo ----------

echo /var/log/sshd.log ending:
tail -n 10 /var/log/sshd.log
echo ----------

echo Done
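
A check for the sshd_config edits the script above makes, added here as an example and not part of the VCL scripts: it reports the value sshd will read for each directive, because the script's sed commands only rewrite lines that already exist. The function names and the sample configuration in `demo` are constructed for illustration.

```shell
# Added example, not part of cygwin-sshd-config.sh; names are illustrative.
# Directives and values the script writes with sed (taken from the page).
WANTED='LogLevel VERBOSE
PermitRootLogin yes
MaxAuthTries 15
PasswordAuthentication yes
Banner none
UsePrivilegeSeparation yes
StrictModes no'
# effective_value FILE KEY: print the global value sshd reads for KEY, i.e. the
# first uncommented occurrence before any Match block (keywords ignore case).
effective_value() {
  awk -v key="$2" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    tolower($1) == "match" { exit }
    tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
  ' "$1"
}

# check_sshd_config FILE: report every directive; return 1 if any differs.
check_sshd_config() {
  differs=0
  while read -r key want; do
    got=$(effective_value "$1" "$key")
    if [ "$got" = "$want" ]; then
      echo "OK       $key $got"
    else
      echo "DIFFERS  $key: want '$want', found '${got:-<not set>}'"
      differs=1
    fi
  done <<EOF
$WANTED
EOF
  return $differs
}

# Constructed sample with no StrictModes line, run through the script's sed
# pattern: the other six directives are rewritten, StrictModes stays unset.
demo() {
  tmp=$(mktemp)
  printf '%s\n' '#LogLevel INFO' '#PermitRootLogin no' '#MaxAuthTries 6' \
    '#PasswordAuthentication yes' '#Banner /etc/issue.net' \
    'UsePrivilegeSeparation sandbox' > "$tmp"
  printf '%s\n' "$WANTED" | while read -r key value; do
    sed -i -r -e "s/.?($key).*/\1 $value/" "$tmp"
  done
  rc=0; check_sshd_config "$tmp" || rc=$?
  rm -f "$tmp"; return $rc
}
demo || echo "at least one directive was not applied"
```

On the Windows VM, `check_sshd_config /etc/sshd_config` run from the Cygwin shell after the script finishes gives the same report for the real file.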

 

Shell script to create an SSH key pair on the management node and copy it to the authorized_keys file on a node:

gen-node-key.sh

...

Common Problems