`

cygwin上安装、启动ssh服务失败、ssh localhost失败的解决方案(转)

 
阅读更多

整个就是一个很奇怪的过程。。。:-((犯了很多经验主义和想当然的错误)

 

安装Cygwin过程中,选择OpenSSH包。安装完成后,运行ssh -V,查看版本无误。运行

ssh localhost

发生错误:ssh: connect to host localhost port 22: Connection refused

因为Cygwin只是自动安装了客户端,服务端没有安装启动,ssh的服务端是作为windows的一个名为sshd的services存在的。

安装服务端,在Cygwin Shell下运行

ssh-host-config

这个发生的奇怪问题就更多了:

1、第一次提示要创建新账户,然后有提示没权限。退出,在win7下用【以管理员身份运行】cygwin。然后这个问题没有了(其实这时就应该仔细看cygwin的提示,就不会发生以下的曲折过程)。

2、在windows服务管理器中启动sshd服务失败。通过win7的服务管理器查看,cygwin sshd服务确实安装上了,但是没有启动。所以,点击启动,但是启动失败。查看var/log/sshd.log日志文件,发现提示启动错误原因是:

/var/empty must be owned by root and not group or world-writable.

于是按提示去修改/var/empty的所属用户。

chown root empty

3、 发生错误,提示没有root用户。因为cygwin用的是当前windows登录的用户(Cygwin中能看到的用户都是windows中的用户,如果没 有创建过root用户,当然就没有。)所以,到windows中创建root,然后继续执行chown root empty(注意执行这个命令要求cygwin是以管理者身份运行的,否者提示权限不足)。修改成功。

4、继续启动服务,仍然失败,log中还是一样的错误信息。于是google,终于找到一个解决方法。其实是提示信息有误导,因为在windows下,其实SYSTEM账号才是和linux下的root相似的,而不是我们自己创建的root。所以,重新修改权限

chown SYSTEM.None empty

再次启动服务:$ cygrunsrv -S sshd  删除服务是 $ cygrunsrv -R sshd)  终于见到了可爱的河马画面(这个应该是河马吧#¥%&&……)(为了这个问题折腾了整整半天。。。)

 

后记

出了问题要学会看log,这比漫无目的的google好,因为把log里的错误在google上搜索要定位准确。

但是,log不是万能的,有些log内容不准确容易误导,就像这个错误,这时候,一定要google了

===================================================================

如果卸载过, 重新安装,会有以下提示( 我第一次想当然的选择  *** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) no   
这两个回答no,其他yes即可----这就是杯具的伏笔。。。耐心往后看吧。。。)

操作也在以管理员身份运行的Cygwin中完成,否则服务会安装失败。

$ ssh-host-config
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/READ
ME.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file? (yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd


*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires.  You need to have or to create a privileged
*** Info: account.  This script will help you do so.

*** Info: You appear to be running Windows 2003 Server or later.  On 2003
*** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).

*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.

*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.

*** Info: No privileged account could be found.

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) no
*** ERROR: There was a serious problem creating a privileged user.
*** Query: Do you want to proceed anyway? (yes/no) yes
*** Warning: Expected privileged user 'cyg_server' does not exist.
*** Warning: Defaulting to 'SYSTEM'

*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'.  Otherwise, it
*** Info: will start automatically after the next reboot.

*** Info: Host configuration finished. Have fun!

 

pwzfb@pwzfb-PC ~
$ cygrunsrv -S sshd

 

===================================================================================

耐心的看到这了吗,更多的问题又来了。虽然sshd服务启动了,但随后在使用ssh-keygen搭建无密码登陆环境中出错了

% ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
% cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

以上两个命令创建了无密码登陆的公钥(具体原理参看OpenSSH 密钥管理运行ssh localhost 或者 ssh 127.0.0.1 登陆本机,杯具又一次发生,总是发生:Connection closed by $hostname这样的错误。

首先确认在没有无密码登陆的情况下是否能够ssh登陆成功,先删除刚才在home用户目录下创建的.ssh文件夹及其下的文件,然后用ssh localhost登陆,没有问题。一旦使用key authentication无密码登陆时,就发生错误。

又 犯了寻找问题根源的错误,用Connection closed by ,cygen,ssh localhost等作为关键字遍搜google,文章无数,解决方案繁多,但是没有一个有效,主要是说 hosts.allow,hosts.deny,ssh_config等文件需要修改的问题,我是改了一遍又一遍没有效果。

。。。。

最 后思考,使用sshd服务登陆失败,在windows的事件管理器中应该有log呀,清空原先的log,执行ssh localhost指令,果然发现一条错误log,大概是:seteuid *****: Permission denied 。应该是服务没有某项设置用户的权限,于是循着这个线索为关键字,继续找google。

先想到我用的家庭高级版win7没有启动administrator用户,于是F8到安全模式,运行net user administrator /active:yes 激 活超户,然后用此用户登录执行cygwin重设无密码登陆环境,问题依旧。(其实想想根本不用这么费事,用以管理员身份运行cygwin不就等同于登录 administrator运行cygwin吗,当时也是晕了。而且这也是想当然的错误,因为在服务管理器中可以看到,sshd服务运行在本地系统这个内 置账号下,其实与我登陆的账户没有关系。。。权限不足也是指运行服务的这个本地系统账户(即SYSTEM)权限不足。)

 

Cygwin上安装、启动ssh服务失败、ssh localhost失败的解决方案 - 并刀如水 - 并刀如水
 

后来在google上看到cygwin的一个官方mail问答。终于找到答案。参考Installing the Cygwin SSH daemon 。问题关键就是一个特殊的权限问题,在SYSTEM账户下运行的sshd服务需要有改变user id的特权(关于权限的问题,在cygwin的/usr/share/doc/Cygwin/openssh.README 中已经说得很明确了:2003 Server has a funny new feature.  When starting services under SYSTEM  account, these services have nearly all user rights which SYSTEM holds...except for the "Create a token object" right, which is needed to allow public key authentication :-( )。所以事件日志会有seteuid的错误。

至于解决方案,就是让cygwin帮你创建两个特殊用户sshd和cyg_server,其中sshd服务在cyg_server用户下运行,cyg_server有相应的权限(在/usr/share/doc/Cygwin/openssh.README 中也有说明)。

。。。。。

后记的后记:

问 题是解决了,但是当我按步骤重新操作时才发现,运行ssh-host-config时给的提示非常明确,但是自己犯经验主义错误(因为之前在Red hat Linux下安装不会存在这些提示和问题,因为linux的root用户有足够的权限),根本没有仔细看,遗漏了这么明确和重要的提示,走了很多弯路才成 功,哎。。。教训啊。。

......
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd


*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service?
yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires.  You need to have or to create a privileged
*** Info: account.  This script will help you do so.

*** Info: You appear to be running Windows 2003 Server or later.  On 2003
*** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).

*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.

*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.

*** Info: No privileged account could be found.

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) yes
*** Info: Please enter a password for new user cyg_server.  Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:

*** Info: User 'cyg_server' has been created with password '*****'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.

*** Info: Also keep in mind that the user 'cyg_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'cyg_server'.

*** Info: In particular, for the sshd server all users' .ssh/authorized_keys
*** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions corrently. [Similary restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].


*** Info: The sshd service has been installed under the 'cyg_server'
*** Info: account.  To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'.  Otherwise, it will start automatically
*** Info: after the next reboot.

*** Info: Host configuration finished. Have fun!

 
分享到:
评论

相关推荐

    使用cygwin 运行启动autossh服务

    本文将详细介绍如何在Windows环境下使用Cygwin运行并启动Autossh服务,以确保SSH连接的稳定性和持久性。 **什么是Cygwin?** Cygwin是一款开源软件,它为Windows系统提供了类Unix的开发环境和命令行接口。Cygwin...

    win7下Cygwin搭建Hadoop开发环境

    - [Cygwin 上安装、启动 ssh 服务失败、ssh localhost 失败的解决方案](http://pwcrab.blog.163.com/blog/static/16990382220107267443810/) - [如何在 Cygwin 中安装并配置 SSH]...

    32位的 cygwin 安装文件

    win8 上还是用32位的 cygwin吧,64位的cygwin 无法运行"ssh localhost

    Cygwin+Eclipse搭建Hadoop单机开发环境离线包-cygwin-setup

    在Windows操作系统上搭建Hadoop开发环境,通常会借助于Cygwin模拟Linux环境,并通过Eclipse作为集成开发环境。本文将详细介绍如何在Windows 7 32位系统中使用Cygwin和Eclipse来构建一个Hadoop的单机开发环境。 首先...

    在Windows上安装Hadoop教程

    本教程将详细解释这个过程,并着重解决一个常见的问题——Cygwin SSHD服务启动失败。 首先,我们需要理解Hadoop是什么。Hadoop是一个开源框架,用于处理和存储大量数据,它采用了分布式计算模型,使得数据可以在多...

    Cygwin_初始配置.pdf

    - **启用SSH服务**:通过运行`ssh-host-config`并全部选择Yes来启动Cygwin的SSH服务。确保Cygwin配置为`ntsec`模式,并通过`net start sshd`命令启动SSH服务。 - **生成密钥对**: - **方法A**:使用Cygwin内置的`...

    Windows上安装Hadoop

    本文将详细介绍如何在Windows环境中搭建Hadoop,并在Vista或Win7系统上安装SSH服务,以便远程管理和操作Hadoop集群。 首先,Hadoop是Apache开源项目,主要用于处理和存储大量数据,其核心包括HDFS(Hadoop ...

    windows安装hadoop

    ### Windows 下安装 Hadoop 的详细步骤 #### 一、Cygwin 安装与配置 ...此外,对于 Cygwin 的安装和配置,以及 SSH 服务的启动和测试,都需要仔细检查每一步是否正确完成。这些准备工作是成功安装 Hadoop 的基础。

    Hadoop的安装.pdf

    - 安装并启动SSH服务:在所有机器上运行`sudo apt-get install ssh`和`sudo apt-get install rsync`。 - 生成SSH密钥对:在每个节点上运行`ssh-keygen -t rsa`,这会在~/.ssh目录下生成id_rsa(私钥)和id_rsa.pub...

    在windows上建立hadoop+eclipse开发环境

    在Windows上搭建Hadoop+Eclipse开发环境是一项重要的工作,它涉及到多个步骤,包括JDK、Cygwin、SSHD服务、Hadoop的安装与配置,以及Eclipse插件的安装。以下是对这些步骤的详细说明: 1. **安装JDK**:首先需要...

    windows上建立hadoop+eclipse开发环境

    - 在Windows服务管理器中启动CYGWIN sshd服务。 4. **配置SSH登录** - 运行`ssh-keygen`生成密钥对,一路回车即可。 - 使用`cp id_rsa.pub authorized_keys`命令将公钥复制到authorized_keys文件。 - 退出并...

    win7安装hadoop及eclipse调试mapreduce的配置方法

    【描述】: "本教程详细讲解在Windows 7操作系统中如何安装Hadoop,并配置Eclipse进行MapReduce程序的调试,涵盖可能出现的问题及其解决方案。" 【知识点详解】: 在Windows 7上安装Hadoop并使用Eclipse进行...

    rsync相关文件.7z

    如果配置了SSH,还可以通过`ssh localhost rsync --daemon`启动,并通过SSH进行远程同步。 7. **使用rsync**:现在你可以开始使用rsync命令了。例如,`rsync -avz /src/path /dest/path`会将`/src/path`下的文件和...

Global site tag (gtag.js) - Google Analytics