Back to Alexis' home page
[for a fast recap, see at the end]
Today I decided to install sshd (the SSH server) on my Win2k
box. A friend of mine gave me a link to this page:
which describes pretty well the steps to follow to install the
SSH server and stick it as a service in your Services window.
It didn't work.mistery solved!
I'm a geek. I looked into the problem all by myself.
The very first problem was that somehow the two extra packages
that you have to have installed were not. These are:
* Note that zlib is installed by default by cygwin Base and thus
I did not have to add it.
So, I had to go twice in the Setup.exe to get these to install.
Somehow, the openssl was auto-selected when I selected openssh
so I left it there.
I added the system wide environment variables (that's for when
you reboot in case you were wondering...) Notice that the
doc there says to stick ";c:\cygwin\bin" at the end of your
Path variable. I actually put the correct path to my Cygwin
install which is somewhere else. So should you if you don't
have Cygwin in the default dirs.
Point 5 is... run to ssh-host-config script. That's a big
mess (the script itself.) But that's because Microsoft changes
things all the time even between minor versions. So don't blame
The script will mostly run... except that for me it did not create
the sshd user and thus it could not install the sshd service. In
other words, it was not very useful. I had to read the script to
see what it was doing...
I runs net add user ... or something like that to create a
new user. The problem is: if you do not have that net command
available, it won't work. I'm not too sure whether that net command
is supposed to be a Windows command which somehow is not in my
path or a Cygwin command which is not installed by default or the
Anyhow, I created the user by hand going in the administration
tools and doing an Add User. The user has no privileges and you cannot
login as sshd. To do that I go in:
Control Panel\Administrative Tools\Computer Management
This tools shows a list of things you can look at, among them you
System Tools\Local Users and Group\Users
You will need to open up what is currently closed. Then right click in
the list of users and select New User.... In that window, set
the User Name to sshd, the Full Name to whatever you'd like, the
description is left to your discretion, no password, clear the
User must change password at next login, then set User cannot
change password and Password never expires and Account
is disabled. This last one is what prevents people from using
the sshd account to logon to your computer.
Then next I could run the Cygwin command to start the service
and later to register it. That's done with the cygrunsrv.
You can try cygrunsrv -Q sshd to see whether sshd is
properly installed as a service and whether it is currently
running. By the way, the service is named "CYGWIN sshd", that's
important if you search for it in your Services window. You
can open that Services tool from:
Control Panel\Administrative Tools\Services
Also, in a standard MS-Windows DOS window you can type:
to see whether someone is listening on port 22 (or whatever you
set it too... the ssh-host-config can be used to define
a different port with the --port option.)
The fast recap:
1. make sure that openssh and tcp_wrappers get
2. run ssh-host-config a few times, the second time don't
hesitate to say "replace existing files"
3. create a new user named 'sshd' with no password, and not
active (i.e. you cannot logon as sshd)
4. re-run ssh-host-config or use the cygrunsrv
command to start the server and eventually make it permanent
(see the help with --help on the command line)
The mystery is resolved:
The net.exe command is actually a MS-Windows command (I thought
maybe it was, but well...) So my... why did that break for me
then? Ha! Because I have a HOME environment variable in my
Computer Advanced Setup which points to my MinGW environment
and Cygwin uses it to load a MinGW .bashrc which messes up
the PATH variable. (MinGW uses /c/... where Cygwin uses
Anyway, my install works, good luck to you! 8-}
Back to Alexis' home page