Directory permissions for Cygwin SSH (Windows 7)

I am a fan of Linux but due to bad Intel wireless drivers in Linux, I had to switch to Windows 7. I have installed Cygwin in Windows and want to configure SSH to remotely connect to my laptop.

I searched with Google and found information for installing openssh server on Win 7, but I am getting the following error when running ssh-host-config:

bala@bala-PC ~
$ ssh-host-config
yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/READ
ME.privsep.
*** Query: Should privilege separation be used? (yes/no) no
*** Info: Updating /etc/sshd_config file

*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires.  You need to have or to create a privileged
*** Info: account.  This script will help you do so.

*** Warning: The owner and the Administrators need
*** Warning: to have .w. permission to /var/run.
*** Warning: Here are the current permissions and ACLS:
*** Warning:     drwxr-xr-x 1 bala None 0 2010-01-17 22:34 /var/run
*** Warning:     # file: /var/run
*** Warning:     # owner: bala
*** Warning:     # group: None
*** Warning:     user::rwx
*** Warning:     group::r-x
*** Warning:     other:r-x
*** Warning:     mask:rwx
*** Warning:
*** Warning: Please change the user and/or group ownership,
*** Warning: permissions, or ACLs of /var/run.

*** ERROR: Problem with /var/run directory. Exiting.

The permissions of this folder are shown as read-only (only applies to this folder), checked in gray. I tried to un开发者_运维问答check but after I open the properties again, the box is again checked. Is there a way to change the permissions of this folder?

Sorry to unbury such an old thread, but this question always came up when I googled this specific problem.

After a few months, I finally found a solution. When I set up cygwin, I didn't have my user and group accounts correctly created in cygwin. The main way to do this is to run:

mkpasswd -l > /etc/passwd
mkgroup -l > /etc/group

If you are logging in using a domain user and passwd, you can do:

mkpasswd -l -d > /etc/passwd 
mkgroup -l -d > /etc/group

Or, if you have an incredibly large network like mine, you may not really want that. An alternative is to just user your local users and group plus whatever one you are currently logged in as:

mkpasswd -l > /etc/passwd
mkpasswd -c >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -c >> /etc/group

After I did this, I was finally able to run ssh-host-config correctly to create the service.

I'm running cygwin 1.7 on Windows 7 x64 and sshd. I don't remember getting this error when I ran sshd_config, but I just looked at my /var/run directory and it's set to 777.

Try this in a cygwin shell chmod 777 /var/run

I had a lot of trouble with this myself. I have found that the default install steps work just fine provided that I:

1. Start the Cygwin shell as an Administrative user with the "Run As Administrator" option.
2. Have UAC disabled.
3. Have real-time virus protection disabled.

Once these steps have been taken, the default install steps are:

1. Install "openssh" from the Cygwin installer.
2. Start the Cygwin shell as an Administrative user with the "Run As Administrator" option.
3. Run "ssh-host-config" from the Cygwin shell.
4. Privilege Separation: yes
5. New local account "sshd": yes
6. Install sshd as service: yes
7. CYGWIN value: ntsec tty
8. Different name for "cyg_server": no
9. Create new privileged user account "cyg_server": yes
10. Set "cyg_server" password and keep in a safe place
11. net start sshd

After that, everything seems to work fine on both Windows 7 Professional and Home.

If you already have a failed Cygwin sshd installation, it may be best to do a full uninstall and start fresh.

Here are the Cygwin uninstall instructions if you need them: http://cygwin.com/faq/faq.html#faq.setup.uninstall-all

I first had to remove the broken installation:

cygrunsrv --remove sshd
rm -rf /var/log/sshd* /etc/ssh_host* /etc/sshd_config /var/empty

then generate passwd & group as mentioned above:

mkpasswd -l > /etc/passwd
mkgroup -l > /etc/group

then I ran:

ssh-host-config -y
cygrunsrv --start sshd

and finaly the "setuid failed" messages dissapeared and login worked.

In a cygwin shell, make sure you are administrator then:

takeown /F "C:\cygwin" /R
icacls "C:\cygwin" /grant Everyone:\(F\) /T
icacls "C:\cygwin"
chmod 777 -R "c:\cygwin"

In Windows Explorer, for folder /var:

Properties.
Security.
Add group Administrators with full control for the folder and subfolders.

It works for me.

I was only able to run the ssh-host-config script successfully when I installed Cygwin on a hard drive of type NTFS. The ssh-host-config script did not work when I had Cygwin installed on a flash drive of type exFAT.

I was having the same problem. My problem, I believe, was because I had a custom /etc/fstab file where I was mounting the root folder with "noacl" option. Here is how I solved the problem:

1. Move the custom /etc/fstab out of the way:

    mv /etc/fstab /etc/fstab.bak
   

   Alternatively, you can edit your /etc/fstab file and remove the noacl option.

2. Close all Cygwin bash windows and any other Cygwin processes or services. If you have any Cygwin process running, it will keep things mounted with the old /etc/fstab settings.

3. Start a new Cygwin bash window.

4. You may need to run the following.

   chmod +r /etc/passwd
   chmod o+x /var
   chmod +w /var/run
   

5. Cross your fingers, run ssh-host-config, and it should now complete without errors.

6. If you moved your /etc/fstab in Step 1, you can move it back now:

    mv /etc/fstab.bak /etc/fstab
   

7. If you created new users after you first installed Cygwin, update /etc/passwd, otherwise those users may not be able login via ssh:

   mkpasswd -l > /etc/passwd
   

8. Also, go to Windows Firewall, and allow C:/cygwin/usr/sbin/sshd.exe and C:/cygwin/usr/sbin/sftp-server.exe

for windows Users run "Cygwin Terminal" by right-clicking on shortcut and run it as a administrator....

Now Run "ssh-host-config" from the Cygwin Terminal...It will definitely work.