You will need the following:
The following instructions assume the following locations on the management node:
rpm -i /install/VMware-server-1.0.8-126538.i386.rpm
vmware-config.pl
vmware-server-console &
net user root <PASSWORD>
net localgroup Administrators root /ADD
chmod +x /home/root/cygwin-sshd-config.sh
/home/root/cygwin-sshd-config.sh '<PASSWORD>'
chmod +x /root/gen-node-key.sh
/root/gen-node-key.sh 192.168.22.55
ssh -i /etc/vcl/vcl.key 192.168.22.55
Shell script to configure the Cygwin SSHD service, to be run on the Windows XP computer:
cygwin-sshd-config.sh
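#!/bin/bash
#
# cygwin-sshd-config.sh
#
# Removes any existing Cygwin sshd service, sshd user, /etc/ssh* files and
# sshd log on the Windows XP computer, then runs ssh-host-config and
# reconfigures sshd so that the service runs as the local account "root"
# and is reachable on TCP port 22.
#
# Usage:   cygwin-sshd-config.sh '<root password>'
# Returns: 1 when the password argument is missing. The individual steps are
#          best-effort: a failing step does not stop the script.
#
# Security notes:
#   * The password is taken from the command line and handed to sc.exe as an
#     argument, so it can appear in shell history and process listings.
#     It is not echoed, so it does not end up in captured console output.
#   * The sshd_config written here is a bootstrap configuration: password
#     logins, PermitRootLogin yes, MaxAuthTries 15 and StrictModes no, with
#     the firewall opened for port 22 on every profile and scope.
#     gen-node-key.sh later sets PermitRootLogin and PasswordAuthentication
#     to "no"; keep the machine on a trusted network until that has run.

if [ $# -ne 1 ]
then
  echo "Usage: $0 '<root password>'"
  exit 1
fi

PASSWORD=$1

echo Stopping sshd service if it is running
net stop sshd 2>/dev/null
echo ----------

echo Deleting sshd service if it already exists
"$SYSTEMROOT/system32/sc.exe" delete sshd
echo ----------

echo Deleting the sshd user if it already exists
net user sshd /DELETE
echo ----------

# The globs below are intentionally unquoted so the shell expands them.
echo Deleting '/etc/ssh*'
rm -fv /etc/ssh*
echo ----------

echo Deleting /var/log/sshd.log if it exists
rm -fv /var/log/sshd.log
echo ----------

echo Setting root:Administrators as owner of '/etc' and '/var'
chown -R root:Administrators /etc /var
echo ----------

echo Adding ug+rwx permissions to '/etc' and '/var'
chmod -v ug+rwx /etc /var
echo ----------

echo Adding read permission on /etc/passwd and /etc/group
chmod -v +r /etc/passwd /etc/group
echo ----------

echo Adding ug+w permission on /etc/passwd and /etc/group
chmod -v ug+w /etc/passwd /etc/group
echo ----------

# /etc/group and /etc/passwd are regenerated from the local Windows accounts.
echo Recreating /etc/group
mkgroup -l > /etc/group
echo ----------

echo Recreating /etc/passwd
mkpasswd -l > /etc/passwd
echo ----------

# Error output of umount is discarded because the mount point may not exist
# yet. The redirect target is /dev/null; the spellings /dev/nul and /dev/NULL
# are not the null device path.
echo Configuring mount points
umount -u /usr/bin 2>/dev/null
mount -f -s -b C:/cygwin/bin /usr/bin
umount -u /usr/lib 2>/dev/null
mount -f -s -b C:/cygwin/lib /usr/lib
umount -u / 2>/dev/null
mount -f -s -b C:/cygwin /
echo ----------

echo Adding execute permission on /var
chmod -v +x /var
echo ----------

echo Running ssh-host-config
ssh-host-config -y
echo ----------

echo Creating /var/empty directory if it does not exist
mkdir /var/empty 2>/dev/null
echo ----------

echo Setting root:Administrators as owner of /var/empty
chown -Rv root:Administrators /var/empty
echo ----------

echo Setting permissions to 755 on /var/empty
chmod -Rv 755 /var/empty
echo ----------

echo Setting permissions to 775 on /var/log
chmod -Rv 775 /var/log
echo ----------

echo Creating /var/log/sshd.log file if it does not exist
touch /var/log/sshd.log
echo ----------

echo Setting root:Administrators as owner of '/etc/ssh*' and /var/log/sshd.log
chown -Rv root:Administrators /etc/ssh* /var/log/sshd.log
echo ----------

echo Setting permissions to ug+rw on '/etc/ssh*' and /var/log/sshd.log
chmod -Rv ug+rw /etc/ssh* /var/log/sshd.log
echo ----------

# Must run after the ug+rw step above, which also widens the key files.
echo Setting permissions to 600 on '/etc/ssh*key'
chmod -v 600 /etc/ssh*key
echo ----------

echo Setting permissions to ug+rwx on /etc
chmod -v ug+rwx /etc
echo ----------

# Each sed rewrites every line that contains the keyword, commented out or
# not, to "<keyword> <value>". The pattern is not anchored to the start of
# the line, so explanatory comment lines mentioning a keyword are rewritten
# as well.
echo Configuring /etc/sshd_config
echo LogLevel VERBOSE
sed -i -r -e "s/.?(LogLevel).*/\1 VERBOSE/" /etc/sshd_config
echo PermitRootLogin yes
sed -i -r -e "s/.?(PermitRootLogin).*/\1 yes/" /etc/sshd_config
echo MaxAuthTries 15
sed -i -r -e "s/.?(MaxAuthTries).*/\1 15/" /etc/sshd_config
echo PasswordAuthentication yes
sed -i -r -e "s/.?(PasswordAuthentication).*/\1 yes/" /etc/sshd_config
echo Banner none
sed -i -r -e "s/.?(Banner).*/\1 none/" /etc/sshd_config
echo UsePrivilegeSeparation yes
sed -i -r -e "s/.?(UsePrivilegeSeparation).*/\1 yes/" /etc/sshd_config
# StrictModes no turns off sshd's ownership and permission checks on the
# user's files before accepting a login.
echo StrictModes no
sed -i -r -e "s/.?(StrictModes).*/\1 no/" /etc/sshd_config
echo ----------

echo Configuring the sshd service to log to /var/log/sshd.log
reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Services\sshd\Parameters" /v AppArgs /d "-D -e" /t REG_SZ /f
echo ----------

# The password is not printed: console output is routinely copied into
# tickets and build logs.
echo Configuring the sshd service to use the root account
"$SYSTEMROOT/system32/sc.exe" config sshd obj= ".\root" password= "$PASSWORD"
echo ----------

# scope = ALL admits any source address on every firewall profile. Where the
# management node's network is known, scope = SUBNET or scope = CUSTOM with
# an addresses list limits who can reach sshd during the password-login phase.
echo Configuring firewall port 22 exception
netsh firewall set portopening name = "Cygwin SSHD" protocol = TCP port = 22 mode = ENABLE profile = ALL scope = ALL
echo ----------

echo Starting the sshd service
net start sshd
echo ----------

echo /var/log/sshd.log ending:
tail -n 10 /var/log/sshd.log
echo ----------

echo Done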
Shell script to create an SSH key pair on the management node and copy it to the authorized_keys file on a node:
gen-node-key.sh
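#!/bin/bash
#
# gen-node-key.sh
#
# Creates the management node's SSH key pair /etc/vcl/vcl.key(.pub) if it
# does not exist yet, installs the public key as
# /home/root/.ssh/authorized_keys on the given node, and then sets
# PermitRootLogin and PasswordAuthentication to "no" in the node's
# /etc/sshd_config.
#
# Usage:   gen-node-key.sh <node>
# Returns: 1 on a missing or invalid argument, when the key cannot be
#          created or copied, or when key-based login cannot be confirmed.
#
# Notes:
#   * The private key has an empty passphrase (-N ''), so anyone who can read
#     /etc/vcl/vcl.key can log in to every node that trusts it. Keep the file
#     readable by root only.
#   * authorized_keys on the node is overwritten, not appended to.
#   * This script edits sshd_config but does not restart sshd, so the new
#     settings are expected to apply only once the service next starts.
#     Confirm this on the node.

if [ $# -ne 1 ]
then
  echo "Usage: $0 <node>"
  exit 1
fi

NODE=$1

# A value that is empty or starts with "-" would be read by ssh and scp as an
# option instead of a host name.
case "$NODE" in
  ''|-*)
    echo "Invalid node name: $NODE" >&2
    exit 1
    ;;
esac

# mkdir -p so that a second run against the same node does not fail here.
echo "Creating /home/root/.ssh directory on $NODE"
ssh -o BatchMode=no "$NODE" 'mkdir -p /home/root/.ssh'
echo ----------

# The key pair is shared by all nodes. Regenerating it on every run would
# invalidate the key already installed on previously configured nodes, so an
# existing pair is reused. 4096-bit RSA is used for new keys because 1024-bit
# RSA is below current minimum key-size recommendations. A pair that already
# exists with a smaller size is reused as-is and has to be rotated separately.
echo Creating SSH keys on management node: '/etc/vcl/vcl.key(.pub)'
if [ -f /etc/vcl/vcl.key ] && [ -f /etc/vcl/vcl.key.pub ]
then
  echo 'Reusing existing key pair /etc/vcl/vcl.key(.pub)'
else
  ssh-keygen -t rsa -f /etc/vcl/vcl.key -N '' -b 4096 -C 'root on VCL management node' || exit 1
fi
echo ----------

echo "Copying public key to authorized_keys on $NODE"
if ! scp -o BatchMode=no /etc/vcl/vcl.key.pub "$NODE:/home/root/.ssh/authorized_keys"
then
  echo "Copying the public key to $NODE failed; leaving sshd_config unchanged" >&2
  exit 1
fi
echo ----------

# Prove that the key works before password logins are switched off.
# BatchMode=yes makes ssh fail instead of falling back to a password prompt,
# which would hide a key that was not installed correctly.
echo "Verifying key-based login to $NODE"
if ! ssh -i /etc/vcl/vcl.key -o BatchMode=yes "root@$NODE" 'exit 0'
then
  echo "Key-based login to $NODE failed; leaving sshd_config unchanged" >&2
  exit 1
fi
echo ----------

# NOTE(review): later logins still use root@<node>; how PermitRootLogin no
# treats the Windows account named root under Cygwin is not shown here.
# Confirm on the node.
echo "Setting PermitRootLogin to no in sshd_config on $NODE"
ssh -i /etc/vcl/vcl.key "root@$NODE" 'sed -i -r -e "s/.?(PermitRootLogin).*/\1 no/" /etc/sshd_config'
ssh -i /etc/vcl/vcl.key "root@$NODE" 'grep PermitRootLogin /etc/sshd_config'
echo ----------

echo "Setting PasswordAuthentication to no in sshd_config on $NODE"
ssh -i /etc/vcl/vcl.key "root@$NODE" 'sed -i -r -e "s/.?(PasswordAuthentication).*/\1 no/" /etc/sshd_config'
ssh -i /etc/vcl/vcl.key "root@$NODE" 'grep PasswordAuthentication /etc/sshd_config'
echo ----------

echo Done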