为什么ssh-host-config在Windows 8.1上的Cygwin中创建了两个用户
副标题[/!--empirenews.page--]
在尝试解决在 Windows 8.1上使用Cygwin SSH的一些问题时,我想知道为什么ssh-host-config脚本创建两个从头开始配置OpenSSH的新帐户? (这有必要吗?) 当使用默认选择权限升级和服务安装时,这两个帐户是:cyg_server和sshd.我理解第一个仅用于启动Cygwin SSHd服务,但我不理解第二个的功能.我搜索了Cygwin的档案,唯一的开发人员解释是“因为它的目的是为了这么做.”还建议不要将它们用于实际登录. 这是我的安装: ----------------------------------------------------------- ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519 *** Info: Creating default /etc/ssh_config file *** Info: Creating default /etc/sshd_config file *** Info: Privilege separation is set to yes by default since OpenSSH 3.3. *** Info: However,this requires a non-privileged account called 'sshd'. *** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep. *** Query: Should privilege separation be used? (yes/no) yes *** Info: Note that creating a new user requires that the current account have *** Info: Administrator privileges. Should this script attempt to create a *** Query: new local account 'sshd'? (yes/no) yes *** Info: Updating /etc/sshd_config file *** Query: Do you want to install sshd as a service? *** Query: (Say "no" if it is already installed as a service) (yes/no) yes *** Query: Enter the value of CYGWIN for the daemon: [] *** Info: On Windows Server 2003,Windows Vista,and above,the *** Info: SYSTEM account cannot setuid to other users -- a capability *** Info: sshd requires. You need to have or to create a privileged *** Info: account. This script will help you do so. *** Info: You appear to be running Windows XP 64bit,Windows 2003 Server,*** Info: or later. On these systems,it's not possible to use the LocalSystem *** Info: account for services that can change the user id without an *** Info: explicit password (such as passwordless logins [e.g. public key *** Info: authentication] via sshd). *** Info: If you want to enable that functionality,it's required to create *** Info: a new account with special privileges (unless a similar account *** Info: already exists). This account is then used to run these special *** Info: servers. *** Info: Note that creating a new user requires that the current account *** Info: have Administrator privileges itself. *** Info: No privileged account could be found. *** Info: This script plans to use 'cyg_server'. *** Info: 'cyg_server' will only be used by registered services. *** Query: Do you want to use a different name? (yes/no) no *** Query: Create new privileged user account 'cyg_server'? (yes/no) yes *** Info: Please enter a password for new user cyg_server. Please be sure *** Info: that this password matches the password rules given on your system. *** Info: Entering no password will exit the configuration. *** Query: Please enter the password: *** Query: Reenter: *** Info: User 'cyg_server' has been created with password 'XXXXXXXXXX'. *** Info: If you change the password,please remember also to change the *** Info: password for the installed services which use (or will soon use) *** Info: the 'cyg_server' account. *** Info: Also keep in mind that the user 'cyg_server' needs read permissions *** Info: on all users' relevant files for the services running as 'cyg_server'. *** Info: In particular,for the sshd server all users' .ssh/authorized_keys *** Info: files must have appropriate permissions to allow public key *** Info: authentication. (Re-)running ssh-user-config for each user will set *** Info: these permissions correctly. [Similar restrictions apply,for *** Info: instance,for .rhosts files if the rshd server is running,etc]. *** Info: The sshd service has been installed under the 'cyg_server' *** Info: account. To start the service now,call `net start sshd' or *** Info: `cygrunsrv -S sshd'. Otherwise,it will start automatically *** Info: after the next reboot. *** Info: Host configuration finished. Have fun! ----------------------------------------------------------- 此外,’cyg_server’是一个可见的帐户,可用于Windows登录,但’sshd’似乎是隐藏的.所以我得出的结论是,我必须添加另一个第三个帐户才能正常使用SSH,这看起来相当疯狂! 编辑1:不仅如此,sshd帐户还有一个密码到期日期设置安装后40天,并有一个密码(根据WMIC). (在ssh设置期间,我从未被要求输入此帐户的密码.) 做:wmic useraccount获取AccountType,…,状态: AccountType Disabled Lockout Name PasswordChangeable PasswordExpires PasswordRequired Status 512 FALSE FALSE cyg_server TRUE FALSE TRUE OK 512 TRUE FALSE sshd TRUE TRUE TRUE Degraded 和净用户sshd: User name sshd Full Name sshd privsep Comment User's comment Country/region code 000 (System Default) Account active No Account expires Never Password last set 2014-03-01 23:20:19 Password expires 2014-04-12 23:20:19 Password changeable 2014-03-01 23:20:19 Password required Yes User may change password Yes Workstations allowed All Logon script User profile Home directory C:cygwin64varempty Last logon Never Logon hours allowed All Local Group Memberships *Users Global Group memberships *None The command completed successfully. 所以这又打开了两个问题: >什么是密码设置以及用户未被告知的原因 (编辑:南京站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |