export OUTPUT_CHARSET=
"GB2312"
2.修改
桌面\cygwin\.inputrc
# 支持输入中文
set convert-meta off
set input-meta on
set output-meta on
Cygwin+ Tcl
安装完tcl包
文件加路径该权限即可
#!/usr/bin/tclsh8.5.exe
Cygwin+ SSH
用管理员用户登录,启动 cygwin 命令行,执行以下命令。
配置 sshd
在 cygwin 的命令行中输入以下命令:
$ cd /etc
$ chmod 666 sshd_config
$ vi sshd_config
修改 sshd_config 的以下配置。
PermitRootLogin no # 禁止root登录
StrictModes yes # CYGWIN=ntsec时的安全配置
RhostsRSAAuthentication no # 禁止 rhosts 认证
IgnoreRhosts yes # 禁止 rhosts 认证
PasswordAuthentication no # 禁止密码认证
ChallengeResponseAuthentication no # 禁止密码认证
PermitEmptyPasswords no # 禁止空密码用户登录
最后将 sshd_config 的权限修改回 644。
$ chmod 644 sshd_config
启动 sshd 服务器。
$ cygrunsrv -S sshd 生成公钥和密钥
由于我们上面的设置仅允许密钥方式认证,所以要为我们的用户生成一对公钥和密钥。
在 cygwin 的控制台中执行以下命令,生成 ssh1 的公钥和密钥。
$ ssh-keygen -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/charlee/.ssh/identity):
Enterpassphrase (empty for no passphrase): 输入密码
Enter same passphrase again: 再次输入密码
Your identification has been sabed in /home/charlee/.ssh/identity
Your public key has been saved in /home/charlee/.ssh/identity.pub
类似的方法,使用下面的命令生成 ssh2 的公钥和密钥。
$ ssh-keygen -t rsa
$ ssh-keygen -t dsa
将公钥导入到认证公钥中:
$ cd .ssh
$ cat identity.pub >> authorized_keys
$ cat id_rsa.pub >> authorized_keys
$ cat id_dsa.pub >> authorized_keys
因为我们在 /etc/sshd_config 的配置中使用了 StrictModes yes 的设置,所以要修改目录权限,命令如下。
$ chmod 755 /home/charlee
然后将密钥 identity、id_rsa、id_dsa 文件用某种方式复制到客户端。我使用的客户端是 Linux,因此只要将这三个文件复制到客户端的 $HOME/.ssh 目录下即可。
登录服务器。在客户端上输入以下命令,即可登录服务器。
$ ssh 192.168.0.2 常见问题
2008-12-11更新
Q: cygrunsrv -S sshd不能启动,报告
cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
The service has not been started.
A: 很可能是/var/log的权限设置不正确。首先执行 mkpasswd 和 mkgroup 重新生成权限信息,再删除sshd服务,重新配置:
$ mkpasswd -l > /etc/passwd
$ mkgroup -l > /etc/group
$ cygrunsrv -R sshd
$ ssh-host-config -y
$ cygrunsrv -S sshd
Q: 用公钥登录时老是说Permission denied (publickey).,怎么办?
A: 可以在Windows的事件日志(我的电脑->右键->管理->事件查看器)中看到sshd产生的错误信息。常见的问题是 .ssh/authorized_keys权限设置不正确,该文件必须设置为 0644 才能正常登录
chmod 600 authorized_keys #修改文件属性使之生效(注:属性值大于600时该文件无效)
cd /home/youname/.ssh #转到 .ssh隐含目录
#########
#######
#######
#######
#######
#######
#######
#######
#######
#######
##
我遇到的问题
sshd服务无法开启?
解决,按照上面的提示
1)对/var/log目录 赋权
2)执行用户映射
3)删除sshd服务
4)配置sshd服务
5)开启sshd服务
1)对/var/log目录 赋权
Administrator@8a0dbeec9a074e1 /var
$ ls -rlat log
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 SYSTEM Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator None 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr--r--+ 1 Administrator None 0 Oct 26 08:36 wtmp
-rw-r--r--+ 1 Administrator None 0 Oct 26 08:37 messages
drwxr-xr-x 1 Administrator Administrators 0 Oct 26 08:44 ..
-rw-r--r-- 1 Administrator None 0 Oct 26 11:20 lastlog
-rw-r--r-- 1 Administrator None 1257 Oct 26 13:51 setup.log.full
-rw-r--r-- 1 Administrator None 7449455 Oct 26 13:51 setup.log
drwxrwxrwx+ 1 Administrator Administrators 0 Oct 27 21:24 .
-rw-r--r-- 1 SYSTEM Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var
$ chown Administrator:Administrators /log
Administrator@8a0dbeec9a074e1 /var/log
$ ls -rlt
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 SYSTEM Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator None 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr--r--+ 1 Administrator None 0 Oct 26 08:36 wtmp
-rw-r--r--+ 1 Administrator None 0 Oct 26 08:37 messages
-rw-r--r-- 1 Administrator None 0 Oct 26 11:20 lastlog
-rw-r--r-- 1 Administrator None 1257 Oct 26 13:51 setup.log.full
-rw-r--r-- 1 Administrator None 7449455 Oct 26 13:51 setup.log
-rw-r--r-- 1 SYSTEM Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var/log
$ chown -R Administrator:Administrators *
Administrator@8a0dbeec9a074e1 /var/log
$ ls -rtl
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 Administrator Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator Administrators 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr--r--+ 1 Administrator Administrators 0 Oct 26 08:36 wtmp
-rw-r--r--+ 1 Administrator Administrators 0 Oct 26 08:37 messages
-rw-r--r-- 1 Administrator Administrators 0 Oct 26 11:20 lastlog
-rw-r--r-- 1 Administrator Administrators 1257 Oct 26 13:51 setup.log.full
-rw-r--r-- 1 Administrator Administrators 7449455 Oct 26 13:51 setup.log
-rw-r--r-- 1 Administrator Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var/log
Administrator@8a0dbeec9a074e1 /var/log
$ cd ~
2)执行用户映射
通过wnidows建用户然后更新passwd
- root@2012-0521-2127 ~
- $ mkpasswd -l > /etc/passwd
- Administrator@8a0dbeec9a074e1 ~
- $ mkgroup -l > /etc/group
cygwin 下如何建立用户账户.(域环境)站
1. 在域里建立一个账户normal
2. 在需要ssh登录的主机上,配置好cygwin和sshd
3.使用mkpasswd -l > /etc/passwd 来建立local password条目,别忘记先备份一下
3.是用mkpasswd -d -u normal >> /etc/passwd 在passwd里追加一个域用户. -d 表示domain
4.如果这个时候登录,不会成功,因为里面gid还不在group文件里呢.需要这样mkgroup -d >> /etc/group,把用户所在的组gid也添加进去
5.其实意思就是,利用mkpasswd来添加用户,可以是本地的也可以是域里的,利用mkgroup添加用户相应的组信息能识别
6.域用户如果在本地组里,也就是说混合用也可以
3)删除sshd服务
Administrator@8a0dbeec9a074e1 ~
$ cygrunsrv -R sshd
4)配置sshd服务
Administrator@8a0dbeec9a074e1 ~
$ ssh-host-config -y
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/READ
ME.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file? (yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'. Otherwise, it
*** Info: will start automatically after the next reboot.
*** Info: Host configuration finished. Have fun!
5)开启sshd服务并使用
- root@2012-0521-2127 ~
- $ sygrunsrv -S sshd
- -bash: sygrunsrv: command not found
-
- root@2012-0521-2127 ~
- $ cygrunsrv -S sshd
-
- root@2012-0521-2127 ~
- $ ps -ef | grep sshd
- SYSTEM 4048 3564 ? 21:26:52 /usr/sbin/sshd
- SYSTEM 3564 2744 ? 21:21:28 /usr/sbin/sshd
-
- root@2012-0521-2127 ~
- $ ssh localhost -l root
- The authenticity of host 'localhost (127.0.0.1)' can't be established.
- ECDSA key fingerprint is b4:be:19:39:1c:80:e5:d2:18:82:8d:e4:2f:71:ea:85.
- Are you sure you want to continue connecting (yes/no)? yes
- Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
- root@localhost's password:
- Last login: Sat Aug 4 21:26:55 2012 from localhost
- root@2012-0521-2127 ~