加入收藏 | 设为首页 | 会员中心 | 我要投稿 南京站长网 (https://www.025zz.com.cn/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 服务器 > 搭建环境 > Windows > 正文

为什么ssh-host-config在Windows 8.1上的Cygwin中创建了两个用户

发布时间:2021-02-27 22:05:26 所属栏目:Windows 来源:网络整理
导读:副标题#e# 在尝试解决在 Windows 8.1上使用Cygwin SSH的一些问题时,我想知道为什么ssh-host-config脚本创建两个从头开始配置OpenSSH的新帐户? (这有必要吗?) 当使用默认选择权限升级和服务安装时,这两个帐户是:cyg_server和sshd.我理解第一个仅用于启动C
副标题[/!--empirenews.page--]

在尝试解决在 Windows 8.1上使用Cygwin SSH的一些问题时,我想知道为什么ssh-host-config脚本创建两个从头开始配置OpenSSH的新帐户? (这有必要吗?)

当使用默认选择权限升级和服务安装时,这两个帐户是:cyg_server和sshd.我理解第一个仅用于启动Cygwin SSHd服务,但我不理解第二个的功能.我搜索了Cygwin的档案,唯一的开发人员解释是“因为它的目的是为了这么做.”还建议不要将它们用于实际登录.

这是我的安装:

-----------------------------------------------------------
ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519
*** Info: Creating default /etc/ssh_config file
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However,this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges.  Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003,Windows Vista,and above,the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires.  You need to have or to create a privileged
*** Info: account.  This script will help you do so.

*** Info: You appear to be running Windows XP 64bit,Windows 2003 Server,*** Info: or later.  On these systems,it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).

*** Info: If you want to enable that functionality,it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.

*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.

*** Info: No privileged account could be found.

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) yes
*** Info: Please enter a password for new user cyg_server.  Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:

*** Info: User 'cyg_server' has been created with password 'XXXXXXXXXX'.
*** Info: If you change the password,please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.

*** Info: Also keep in mind that the user 'cyg_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'cyg_server'.
*** Info: In particular,for the sshd server all users' .ssh/authorized_keys
*** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions correctly. [Similar restrictions apply,for
*** Info: instance,for .rhosts files if the rshd server is running,etc].


*** Info: The sshd service has been installed under the 'cyg_server'
*** Info: account.  To start the service now,call `net start sshd' or
*** Info: `cygrunsrv -S sshd'.  Otherwise,it will start automatically
*** Info: after the next reboot.

*** Info: Host configuration finished. Have fun!
-----------------------------------------------------------

此外,’cyg_server’是一个可见的帐户,可用于Windows登录,但’sshd’似乎是隐藏的.所以我得出的结论是,我必须添加另一个第三个帐户才能正常使用SSH,这看起来相当疯狂!

编辑1:不仅如此,sshd帐户还有一个密码到期日期设置安装后40天,并有一个密码(根据WMIC). (在ssh设置期间,我从未被要求输入此帐户的密码.)

做:wmic useraccount获取AccountType,…,状态:

AccountType  Disabled  Lockout  Name           PasswordChangeable  PasswordExpires  PasswordRequired  Status    
512          FALSE     FALSE    cyg_server     TRUE                FALSE            TRUE              OK        
512          TRUE      FALSE    sshd           TRUE                TRUE             TRUE              Degraded

和净用户sshd:

User name                    sshd
Full Name                    sshd privsep
Comment                      
User's comment               
Country/region code          000 (System Default)
Account active               No
Account expires              Never
Password last set            2014-03-01 23:20:19
Password expires             2014-04-12 23:20:19
Password changeable          2014-03-01 23:20:19
Password required            Yes
User may change password     Yes
Workstations allowed         All
Logon script                 
User profile                 
Home directory               C:cygwin64varempty
Last logon                   Never
Logon hours allowed          All
Local Group Memberships      *Users                
Global Group memberships     *None                 
The command completed successfully.

所以这又打开了两个问题:

>什么是密码设置以及用户未被告知的原因
这个?
>为什么此密码有到期日期?

(编辑:南京站长网)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!

热点阅读