Fight for the Internet 1!

Saturday, February 21, 2009

SSH for Windows

How to get SSH to work on Windows

We are going to use Cygwin's SSH package. Briefly, Cygwin is a Linux-like environment for Windows. It consists of two parts:
  • A collection of tools which provide Linux look and feel.
  • A DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial Linux API functionality.
Setup SSH in Windows

This guide should work for most Windows. It has been tested on Windows XP, 2000, and Vista.
  1. Download and install Cygwin. Note, if your selected download server is slow, try different one. There are good ones out there.
  2. When selecting the packages to install, make sure to include the following:
    SSH (Net/openssh).
    May also need zLib and TCP_Wrappers (both in Net).
    Be sure to install a good console text editor (Vim or Emacs or whatever).
  3. Set permissions for your SSH daemon configuration files.
    By default, Cygwin sets the file permissions to 600, so you cannot write to anything.
    To change this, you can set the group for the file, or set the permissions:
    chmod ago+w /etc/sshd_config
    or
    chgrp $USER /etc/sshd_config
  4. Next, open the file /etc/sshd_config in your text editor. Set the options as you like. I suggest a non-standard port in the thousands.
  5. Set permissions for HOST DENY/ALLOW configuration files
    By default, Cygwin sets the file permissions to 600, so you cannot write to anything. To change this, you can set the group for the file, or set the permissions:
    chmod ago+w /etc/host.allow
    or
    chgrp $USER /etc/host.allow
  6. Open the /etc/host.allow in a text editor. Make sure you allow sshd with something like this:
    sshd: ALL
    IMPORTANT: If you see a line that looks like:
    ALL : PARANOID : deny

    You MUST remove or comment-out that line.
    Save the file and close it.
  7. Restart SSH Daemon via 'services sshd restart'
  8. Firewall Configuration
    You need to enable an exception through the Windows Firewall for the SSH Port you are going to use.

    Control Panel -> Windows Firewall -> Exceptions : Add Port

    IMPORTANT: Make sure you ALLOW exceptions, as Windows frequently disables them in the firewall by default.

    You may also need to enable an network rule or exception in any other firewall software you use, such as Ghostwall or Zone Alarm.

TROUBLE SHOOTING

PATH Environmental Variables:

You may need to set your Windows PATH variable to include the cygwin executables.

Go to:
Control Panel -> System -> Advanced -> Environmental Variables.

Find the PATH variable and append c:\cygwnin\bin; or wherever you installed cygwin.

CYGWIN Environmental Variable:

Go to:
Control Panel -> System -> Advanced -> Environmental Variables.

Find the CYGWIN variable. If you cannot find it, create it.

Set the value to: ntsec tty

No comments:

Post a Comment