整个就是一个很奇怪的过程。。。:-((犯了很多经验主义和想当然的错误)
安装Cygwin过程中,选择OpenSSH包。安装完成后,运行ssh -V,查看版本无误。运行
ssh localhost
发生错误:ssh: connect to host localhost port 22: Connection refused
因为Cygwin只是自动安装了客户端,服务端没有安装启动,ssh的服务端是作为windows的一个名为sshd的services存在的。
安装服务端,在Cygwin Shell下运行
ssh-host-config
这个发生的奇怪问题就更多了:
1、第一次提示要创建新账户,然后有提示没权限。退出,在win7下用【以管理员身份运行】cygwin。然后这个问题没有了(其实这时就应该仔细看cygwin的提示,就不会发生以下的曲折过程)。
2、在windows服务管理器中启动sshd服务失败。通过win7的服务管理器查看,cygwin sshd服务确实安装上了,但是没有启动。所以,点击启动,但是启动失败。查看var/log/sshd.log日志文件,发现提示启动错误原因是:
/var/empty must be owned by root and not group or world-writable.
于是按提示去修改/var/empty的所属用户。
chown root empty
3、 发生错误,提示没有root用户。因为cygwin用的是当前windows登录的用户(Cygwin中能看到的用户都是windows中的用户,如果没 有创建过root用户,当然就没有。)所以,到windows中创建root,然后继续执行chown root empty(注意执行这个命令要求cygwin是以管理者身份运行的,否者提示权限不足)。修改成功。
4、继续启动服务,仍然失败,log中还是一样的错误信息。于是google,终于找到一个解决方法。其实是提示信息有误导,因为在windows下,其实SYSTEM账号才是和linux下的root相似的,而不是我们自己创建的root。所以,重新修改权限
chown SYSTEM.None empty
再次启动服务:$ cygrunsrv -S sshd (删除服务是 $ cygrunsrv -R sshd) 终于见到了可爱的河马画面(这个应该是河马吧#¥%&&……)(为了这个问题折腾了整整半天。。。)
后记:
出了问题要学会看log,这比漫无目的的google好,因为把log里的错误在google上搜索要定位准确。
但是,log不是万能的,有些log内容不准确容易误导,就像这个错误,这时候,一定要google了
===================================================================
如果卸载过, 重新安装,会有以下提示( 我第一次想当然的选择 *** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) no 这两个回答no,其他yes即可----这就是杯具的伏笔。。。耐心往后看吧。。。)
操作也在以管理员身份运行的Cygwin中完成,否则服务会安装失败。
$ ssh-host-config
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/READ
ME.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file? (yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows 2003 Server or later. On 2003
*** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) no
*** ERROR: There was a serious problem creating a privileged user.
*** Query: Do you want to proceed anyway? (yes/no) yes
*** Warning: Expected privileged user 'cyg_server' does not exist.
*** Warning: Defaulting to 'SYSTEM'
*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'. Otherwise, it
*** Info: will start automatically after the next reboot.
*** Info: Host configuration finished. Have fun!
pwzfb@pwzfb-PC ~
$ cygrunsrv -S sshd
===================================================================================
耐心的看到这了吗,更多的问题又来了。虽然sshd服务启动了,但随后在使用ssh-keygen搭建无密码登陆环境中出错了
% ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
% cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
以上两个命令创建了无密码登陆的公钥(具体原理参看:OpenSSH 密钥管理)运行ssh localhost 或者 ssh 127.0.0.1 登陆本机,杯具又一次发生,总是发生:Connection closed by $hostname这样的错误。
首先确认在没有无密码登陆的情况下是否能够ssh登陆成功,先删除刚才在home用户目录下创建的.ssh文件夹及其下的文件,然后用ssh localhost登陆,没有问题。一旦使用key authentication无密码登陆时,就发生错误。
又 犯了寻找问题根源的错误,用Connection closed by ,cygen,ssh localhost等作为关键字遍搜google,文章无数,解决方案繁多,但是没有一个有效,主要是说 hosts.allow,hosts.deny,ssh_config等文件需要修改的问题,我是改了一遍又一遍没有效果。
。。。。
最 后思考,使用sshd服务登陆失败,在windows的事件管理器中应该有log呀,清空原先的log,执行ssh localhost指令,果然发现一条错误log,大概是:seteuid *****: Permission denied 。应该是服务没有某项设置用户的权限,于是循着这个线索为关键字,继续找google。
先想到我用的家庭高级版win7没有启动administrator用户,于是F8到安全模式,运行net user administrator /active:yes 激 活超户,然后用此用户登录执行cygwin重设无密码登陆环境,问题依旧。(其实想想根本不用这么费事,用以管理员身份运行cygwin不就等同于登录 administrator运行cygwin吗,当时也是晕了。而且这也是想当然的错误,因为在服务管理器中可以看到,sshd服务运行在本地系统这个内 置账号下,其实与我登陆的账户没有关系。。。权限不足也是指运行服务的这个本地系统账户(即SYSTEM)权限不足。)
后来在google上看到cygwin的一个官方mail问答。终于找到答案。参考Installing the Cygwin SSH daemon 。问题关键就是一个特殊的权限问题,在SYSTEM账户下运行的sshd服务需要有改变user id的特权(关于权限的问题,在cygwin的/usr/share/doc/Cygwin/openssh.README 中已经说得很明确了:2003 Server has a funny new feature. When starting services under SYSTEM account, these services have nearly all user rights which SYSTEM holds...except for the "Create a token object" right, which is needed to allow public key authentication :-( )。所以事件日志会有seteuid的错误。
至于解决方案,就是让cygwin帮你创建两个特殊用户sshd和cyg_server,其中sshd服务在cyg_server用户下运行,cyg_server有相应的权限(在/usr/share/doc/Cygwin/openssh.README 中也有说明)。
。。。。。
后记的后记:
问 题是解决了,但是当我按步骤重新操作时才发现,运行ssh-host-config时给的提示非常明确,但是自己犯经验主义错误(因为之前在Red hat Linux下安装不会存在这些提示和问题,因为linux的root用户有足够的权限),根本没有仔细看,遗漏了这么明确和重要的提示,走了很多弯路才成 功,哎。。。教训啊。。
......
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a service?
yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows 2003 Server or later. On 2003
*** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) yes
*** Info: Please enter a password for new user cyg_server. Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:
*** Info: User 'cyg_server' has been created with password '*****'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.
*** Info: Also keep in mind that the user 'cyg_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'cyg_server'.
*** Info: In particular, for the sshd server all users' .ssh/authorized_keys
*** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions corrently. [Similary restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].
*** Info: The sshd service has been installed under the 'cyg_server'
*** Info: account. To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
相关推荐
本文将详细介绍如何在Windows环境下使用Cygwin运行并启动Autossh服务,以确保SSH连接的稳定性和持久性。 **什么是Cygwin?** Cygwin是一款开源软件,它为Windows系统提供了类Unix的开发环境和命令行接口。Cygwin...
- [Cygwin 上安装、启动 ssh 服务失败、ssh localhost 失败的解决方案](http://pwcrab.blog.163.com/blog/static/16990382220107267443810/) - [如何在 Cygwin 中安装并配置 SSH]...
win8 上还是用32位的 cygwin吧,64位的cygwin 无法运行"ssh localhost
在Windows操作系统上搭建Hadoop开发环境,通常会借助于Cygwin模拟Linux环境,并通过Eclipse作为集成开发环境。本文将详细介绍如何在Windows 7 32位系统中使用Cygwin和Eclipse来构建一个Hadoop的单机开发环境。 首先...
本教程将详细解释这个过程,并着重解决一个常见的问题——Cygwin SSHD服务启动失败。 首先,我们需要理解Hadoop是什么。Hadoop是一个开源框架,用于处理和存储大量数据,它采用了分布式计算模型,使得数据可以在多...
- **启用SSH服务**:通过运行`ssh-host-config`并全部选择Yes来启动Cygwin的SSH服务。确保Cygwin配置为`ntsec`模式,并通过`net start sshd`命令启动SSH服务。 - **生成密钥对**: - **方法A**:使用Cygwin内置的`...
本文将详细介绍如何在Windows环境中搭建Hadoop,并在Vista或Win7系统上安装SSH服务,以便远程管理和操作Hadoop集群。 首先,Hadoop是Apache开源项目,主要用于处理和存储大量数据,其核心包括HDFS(Hadoop ...
### Windows 下安装 Hadoop 的详细步骤 #### 一、Cygwin 安装与配置 ...此外,对于 Cygwin 的安装和配置,以及 SSH 服务的启动和测试,都需要仔细检查每一步是否正确完成。这些准备工作是成功安装 Hadoop 的基础。
- 安装并启动SSH服务:在所有机器上运行`sudo apt-get install ssh`和`sudo apt-get install rsync`。 - 生成SSH密钥对:在每个节点上运行`ssh-keygen -t rsa`,这会在~/.ssh目录下生成id_rsa(私钥)和id_rsa.pub...
在Windows上搭建Hadoop+Eclipse开发环境是一项重要的工作,它涉及到多个步骤,包括JDK、Cygwin、SSHD服务、Hadoop的安装与配置,以及Eclipse插件的安装。以下是对这些步骤的详细说明: 1. **安装JDK**:首先需要...
- 在Windows服务管理器中启动CYGWIN sshd服务。 4. **配置SSH登录** - 运行`ssh-keygen`生成密钥对,一路回车即可。 - 使用`cp id_rsa.pub authorized_keys`命令将公钥复制到authorized_keys文件。 - 退出并...
【描述】: "本教程详细讲解在Windows 7操作系统中如何安装Hadoop,并配置Eclipse进行MapReduce程序的调试,涵盖可能出现的问题及其解决方案。" 【知识点详解】: 在Windows 7上安装Hadoop并使用Eclipse进行...
如果配置了SSH,还可以通过`ssh localhost rsync --daemon`启动,并通过SSH进行远程同步。 7. **使用rsync**:现在你可以开始使用rsync命令了。例如,`rsync -avz /src/path /dest/path`会将`/src/path`下的文件和...