To set up sshd on cygwin:
- install cygwin including the openssh package
- create local (or domain?) user “cyg_server” and make it member of the “Administrators” group
- Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment
- right click “Act as part of the operating system” -> Properties -> Add User or Group
- right click “Create a token object” -> Properties -> Add User or Group
- right click “Replace a process level token” -> Properties -> Add User or Group
Perform a “gpupdate” to sync the policy changes in the domain.
- start a bash (cygwin terminal) with Administrative privileges
- mkpasswd -l -d YOUR_DOMAIN > /etc/passwd #(skip -d YOUR_DOMAIN if not using a domain)
- mkgroup -l -d YOUR_DOMAIN > /etc/group #(skip -d YOUR_DOMAIN if not using a domain)
- ssh-host-config -y
- “cygrunsrv -S sshd” or “net start sshd”
After ages of flawless X11 forwarding over SSH, today I started getting authentication errors and couldn’t even get a remote xterm to display locally over my ssh tunnel.
I tried ssh -Y, ssh -X and changes in sshd_conf on the remote server and ssh_conf locally, even though I knew that nothing had changed except a few patches to unrelated software on the local machine. Of course that didn’t help.
I ran xauth on the remote server, no indication of any errors.
It turned out that the remote /home filesystem was out of space, and this prevented the ssh X11 forwarding from working properly. I write this as a note-to-self, as it could happen again…
So, you have correct permissions on your home directory and all the way up to /, with no other-writable directories in the path, as well as correct permissions on the .ssh directory in $HOME, and it still doesn’t work? You probably have SELinux, and need to put the newly created files in the correct security context. Do it with restorecon like this:
chmod 700 ~/.ssh
restorecon -R -v