Shell script to configure the Cygwin SSHD service, to be run on a Windows XP computer:
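#!/bin/sh
# Configures the Cygwin sshd service on a Windows XP computer.
#
# Removes any previous sshd service, sshd user and /etc/ssh* files, rebuilds
# /etc/passwd and /etc/group, runs ssh-host-config, edits /etc/sshd_config,
# registers the service to run as the local "root" account, opens TCP port 22
# in the Windows firewall and starts the service.
#
# Usage: <script> '<root password>'
#
# Every step is best-effort (no "set -e"): several commands are expected to
# fail on a clean machine, e.g. stopping a service that does not exist yet.
#
# Security notes:
#  - The password arrives as a command-line argument and is handed to sc.exe
#    the same way, so it can show up in shell history and process listings.
#    Run this from a trusted console only.
#  - The password is never printed; console output is often captured in logs.
#  - The sshd_config values written below are permissive (root login and
#    password authentication enabled, StrictModes off, 15 auth attempts).
#    The key-setup script on this page later sets PermitRootLogin and
#    PasswordAuthentication to "no"; until then, keep the machine on a
#    trusted network.

if [ $# -ne 1 ]; then
  echo "Usage: $0 '<root password>'" >&2
  exit 1
fi

PASSWORD="$1"

# Sets one directive in /etc/sshd_config.
# Arguments: $1 - directive name, $2 - value (both fixed literals below,
#            never external input, so interpolating them into sed is safe).
# The pattern is anchored to the start of the line and requires whitespace
# after the name, so only a real (possibly commented-out) directive line is
# rewritten and the result is always uncommented. A directive that is absent
# from the file is NOT appended.
set_sshd_option() {
  echo "$1 $2"
  sed -i -r -e "s/^[#[:space:]]*($1)[[:space:]].*/\1 $2/" /etc/sshd_config
}

echo Stopping sshd service if it is running
net stop sshd 2>/dev/null

echo ----------
echo Deleting sshd service if it already exists
"$SYSTEMROOT/system32/sc.exe" delete sshd

echo ----------
echo Deleting the sshd user if it already exists
net user sshd /DELETE

echo ----------
echo Deleting '/etc/ssh*'
rm -fv /etc/ssh*

echo ----------
echo Deleting /var/log/sshd.log if it exists
rm -fv /var/log/sshd.log

echo ----------
echo Setting root:Administrators as owner of '/etc' and '/var'
chown -R root:Administrators /etc /var

echo ----------
echo Adding ug+rwx permissions to '/etc' and '/var'
chmod -v ug+rwx /etc /var

echo ----------
echo Adding read permission on /etc/passwd and /etc/group
chmod -v +r /etc/passwd /etc/group

echo ----------
echo Adding ug+w permission on /etc/passwd and /etc/group
chmod -v ug+w /etc/passwd /etc/group

echo ----------
echo Recreating /etc/group
mkgroup -l > /etc/group

echo ----------
echo Recreating /etc/passwd
mkpasswd -l > /etc/passwd

echo ----------
echo Configuring mount points
# umount errors are discarded on purpose: the mount may not exist yet.
umount -u /usr/bin 2>/dev/null
mount -f -s -b C:/cygwin/bin /usr/bin
umount -u /usr/lib 2>/dev/null
mount -f -s -b C:/cygwin/lib /usr/lib
umount -u / 2>/dev/null
mount -f -s -b C:/cygwin /

echo ----------
echo Adding execute permission on /var
chmod -v +x /var

echo ----------
echo Running ssh-host-config
ssh-host-config -y

echo ----------
echo Creating /var/empty directory if it does not exist
mkdir -p /var/empty

echo ----------
echo Setting root:Administrators as owner of /var/empty
chown -Rv root:Administrators /var/empty

echo ----------
echo Setting permissions to 755 on /var/empty
chmod -Rv 755 /var/empty

echo ----------
echo Setting permissions to 775 on /var/log
chmod -Rv 775 /var/log

echo ----------
echo Creating /var/log/sshd.log file if it does not exist
touch /var/log/sshd.log

echo ----------
echo Setting root:Administrators as owner of '/etc/ssh*' and /var/log/sshd.log
chown -Rv root:Administrators /etc/ssh* /var/log/sshd.log

echo ----------
echo Setting permissions to ug+rw on '/etc/ssh*' and /var/log/sshd.log
chmod -Rv ug+rw /etc/ssh* /var/log/sshd.log

echo ----------
echo Setting permissions to 600 on '/etc/ssh*key'
# Runs after the ug+rw pass above so the private host keys end up owner-only.
chmod -v 600 /etc/ssh*key

echo ----------
echo Setting permissions to ug+rwx on /etc
chmod -v ug+rwx /etc

echo ----------
echo Configuring /etc/sshd_config
set_sshd_option LogLevel VERBOSE
set_sshd_option PermitRootLogin yes
set_sshd_option MaxAuthTries 15
set_sshd_option PasswordAuthentication yes
set_sshd_option Banner none
set_sshd_option UsePrivilegeSeparation yes
# StrictModes no: sshd will not check ownership/modes of the user's files
# before accepting a login, so the permissions set above are not enforced
# by sshd itself.
set_sshd_option StrictModes no

echo ----------
echo Configuring the sshd service to log to /var/log/sshd.log
reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Services\sshd\Parameters" /v AppArgs /d "-D -e" /t REG_SZ /f

echo ----------
echo Configuring the sshd service to use the root account
"$SYSTEMROOT/system32/sc.exe" config sshd obj= ".\root" password= "$PASSWORD"

echo ----------
echo Configuring firewall port 22 exception
# scope = ALL accepts connections from any address. NOTE(review): consider a
# narrower scope (e.g. SUBNET) if only the management node needs to connect.
netsh firewall set portopening name = "Cygwin SSHD" protocol = TCP port = 22 mode = ENABLE profile = ALL scope = ALL

echo ----------
echo Starting the sshd service
net start sshd

echo ----------
echo /var/log/sshd.log ending:
tail -n 10 /var/log/sshd.log

echo ----------
echo Done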
Shell script to create an SSH key pair on the management node:
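#!/bin/sh
# Sets up key-based SSH access from the management node to one node.
#
# Creates /home/root/.ssh on the node, generates the management node key pair
# /etc/vcl/vcl.key(.pub) if it does not exist yet, installs the public key as
# the node's authorized_keys, then sets PermitRootLogin and
# PasswordAuthentication to "no" in the node's /etc/sshd_config.
#
# Usage: <script> <node>
#
# Security notes:
#  - The private key has no passphrase (-N '') so it can be used unattended;
#    anyone who can read /etc/vcl/vcl.key can log in to every node that
#    trusts it. Keep it readable by root only.
#  - authorized_keys on the node is overwritten, not appended to.
#  - The script edits sshd_config but does not restart sshd on the node.
#    NOTE(review): presumably the new settings only apply after a restart;
#    confirm, and confirm that "PermitRootLogin no" does not block the
#    root@<node> key logins this script itself relies on.

if [ $# -ne 1 ]; then
  echo "Usage: $0 <node>" >&2
  exit 1
fi

NODE="$1"

# A node name starting with "-" would be parsed by ssh/scp as an option.
case "$NODE" in
  -*)
    echo "Usage: $0 <node>" >&2
    exit 1
    ;;
esac

echo Creating /home/root/.ssh directory on "$NODE"
# BatchMode=no allows the interactive password prompt for this first login.
ssh -o BatchMode=no "$NODE" 'mkdir /home/root/.ssh'

echo ----------
if [ -f /etc/vcl/vcl.key ] && [ -f /etc/vcl/vcl.key.pub ]; then
  # Regenerating the pair would lock the management node out of every node
  # already configured with the existing public key.
  echo Reusing existing SSH keys on management node: '/etc/vcl/vcl.key(.pub)'
else
  echo Creating SSH keys on management node: '/etc/vcl/vcl.key(.pub)'
  # 4096-bit RSA: 1024-bit RSA keys are no longer considered adequate.
  ssh-keygen -t rsa -f /etc/vcl/vcl.key -N '' -b 4096 -C 'root on VCL management node'
fi

echo ----------
echo Copying public key to authorized_keys on "$NODE"
scp -o BatchMode=no /etc/vcl/vcl.key.pub "$NODE:/home/root/.ssh/authorized_keys"

# The sed patterns are anchored to the start of the line and require
# whitespace after the directive name, so only a real (possibly commented-out)
# directive line is rewritten and the result is always uncommented. The grep
# after each edit prints the resulting lines so the operator can verify them.

echo ----------
echo Setting PermitRootLogin to no in sshd_config on "$NODE"
ssh -i /etc/vcl/vcl.key "root@$NODE" 'sed -i -r -e "s/^[#[:space:]]*(PermitRootLogin)[[:space:]].*/\1 no/" /etc/sshd_config'
ssh -i /etc/vcl/vcl.key "root@$NODE" 'grep PermitRootLogin /etc/sshd_config'

echo ----------
echo Setting PasswordAuthentication to no in sshd_config on "$NODE"
ssh -i /etc/vcl/vcl.key "root@$NODE" 'sed -i -r -e "s/^[#[:space:]]*(PasswordAuthentication)[[:space:]].*/\1 no/" /etc/sshd_config'
ssh -i /etc/vcl/vcl.key "root@$NODE" 'grep PasswordAuthentication /etc/sshd_config'

echo ----------
echo Done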