转自:http://hi.baidu.com/angivo/blog/item/7f43bef5ade0e42fbc3109f7.html
sshd服务是一种安全连接,它能让你访问服务器上的命令行界面。Windows本身没有提供该服务,所以我们可以通过 cygwin 来进行安装。
安装 cygwin
首先安装 cygwin。安装时间为 2006-10-8,Cygwin DLL版本为 1.5.21-1。除了默认的软件包之外,又增加了以下软件包。
- Admin
- cron-3.0.1-19
- cygrunsrv-1.17-1
- shutdown-1.7-1
- syslog-ng-1.6.11-1
- Archive
- unzip-5.50-5
- zip-2.3-6
- Devel
- subversion-1.3.2-1
- Editors:
- vim-7.0.076-1
- Interpreters
- gawk-3.1.5-4
- perl-5.8.7-5
- expat-1.95.8-1
- Libs
- Net
- lftp-3.5.1-1
- openssh-4.4p1-1
- openssl-0.98d-1
- openssl097-0.9.7l-1
- ping-1.0-1
- netcat-1.10-2
- Shells
- ash-20040127-3
- bsah-3.1-9
- bash-completion-20060301-1
- mc-4.6.1-2
- Utils
- patch-2.5.8-8
- time-1.7-1
- Web
- wget-1.10.2-1
安装
用管理员用户登录,启动 cygwin 命令行,执行以下命令。
配置 sshd
在 cygwin 的命令行中输入以下命令:
修改 sshd_config 的以下配置。
最后将 sshd_config 的权限修改回 644。
启动 sshd 服务器。
生成公钥和密钥
由于我们上面的设置仅允许密钥方式认证,所以要为我们的用户生成一对公钥和密钥。
在 cygwin 的控制台中执行以下命令,生成 ssh1 的公钥和密钥。
类似的方法,使用下面的命令生成 ssh2 的公钥和密钥。
将公钥导入到认证公钥中:
因为我们在 /etc/sshd_config 的配置中使用了 StrictModes yes 的设置,所以要修改目录权限,命令如下。
然后将密钥 identity、id_rsa、id_dsa 文件用某种方式复制到客户端。我使用的客户端是 Linux,因此只要将这三个文件复制到客户端的 $HOME/.ssh 目录下即可。
登录服务器。在客户端上输入以下命令,即可登录服务器。
常见问题
2008-12-11更新
Q: cygrunsrv -S sshd不能启动, 告
A: 很可能是/var/log的权限设置不正确。首先执行 mkpasswd 和 mkgroup 重新生成权限信息,再删除sshd服务,重新配置:
Q: 用公钥登录时老是说Permission denied (publickey).,怎么办/p> A: 可以在Windows的事件日志(我的电脑->右键->管理->事件查看器)中看到sshd产生的错误信息。常见的问题是 .ssh/authorized_keys权限设置不正确,该文件必须设置为 0644 才能正常登录
##########################################################################
我遇到的问题
sshd服务无法开启br>解决,按照上面的提示
1)对/var/log目录 赋权
2)执行用户映射
3)删除sshd服务
4)配置sshd服务
5)开启sshd服务
1)对/var/log目录 赋权
Administrator@8a0dbeec9a074e1 /var
$ ls -rlat log
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 SYSTEM Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator None 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr–r–+ 1 Administrator None 0 Oct 26 08:36 wtmp
-rw-r–r–+ 1 Administrator None 0 Oct 26 08:37 messages
drwxr-xr-x 1 Administrator Administrators 0 Oct 26 08:44 ..
-rw-r–r– 1 Administrator None 0 Oct 26 11:20 lastlog
-rw-r–r– 1 Administrator None 1257 Oct 26 13:51 setup.log.full
-rw-r–r– 1 Administrator None 7449455 Oct 26 13:51 setup.log
drwxrwxrwx+ 1 Administrator Administrators 0 Oct 27 21:24 .
-rw-r–r– 1 SYSTEM Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var
$ chown Administrator:Administrators /log
Administrator@8a0dbeec9a074e1 /var/log
$ ls -rlt
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 SYSTEM Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator None 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr–r–+ 1 Administrator None 0 Oct 26 08:36 wtmp
-rw-r–r–+ 1 Administrator None 0 Oct 26 08:37 messages
-rw-r–r– 1 Administrator None 0 Oct 26 11:20 lastlog
-rw-r–r– 1 Administrator None 1257 Oct 26 13:51 setup.log.full
-rw-r–r– 1 Administrator None 7449455 Oct 26 13:51 setup.log
-rw-r–r– 1 SYSTEM Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var/log
$ chown -R Administrator:Administrators *
Administrator@8a0dbeec9a074e1 /var/log
$ ls -rtl
total 7284
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache
drwxr-xr-x 1 Administrator Administrators 0 Oct 23 17:55 apache2
drwxrwxrwx 1 Administrator Administrators 0 Oct 23 17:59 exim
drwxr-xr-x 1 Administrator Administrators 0 Oct 24 20:06 squid
-rwxrwxrwx 1 Administrator Administrators 0 Oct 24 20:48 setup.log.postin
stallXa05528
-rwxr–r–+ 1 Administrator Administrators 0 Oct 26 08:36 wtmp
-rw-r–r–+ 1 Administrator Administrators 0 Oct 26 08:37 messages
-rw-r–r– 1 Administrator Administrators 0 Oct 26 11:20 lastlog
-rw-r–r– 1 Administrator Administrators 1257 Oct 26 13:51 setup.log.full
-rw-r–r– 1 Administrator Administrators 7449455 Oct 26 13:51 setup.log
-rw-r–r– 1 Administrator Administrators 1050 Oct 28 17:37 sshd.log
Administrator@8a0dbeec9a074e1 /var/log
Administrator@8a0dbeec9a074e1 /var/log
$ cd ~
2)执行用户映射
Administrator@8a0dbeec9a074e1 ~
$ mkpasswd -l > /etc/passwd
Administrator@8a0dbeec9a074e1 ~
$ mkgroup -l > /etc/group
3)删除sshd服务
Administrator@8a0dbeec9a074e1 ~
$ cygrunsrv -R sshd
4)配置sshd服务
Administrator@8a0dbeec9a074e1 ~
$ ssh-host-config -y
*** Query: Overwrite existing /etc/ssh_config file(yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file(yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called ‘sshd’.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/READ
ME.privsep.
*** Query: Should privilege separation be used(yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file(yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a servicebr>*** Query: (Say “no” if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd’ or `cygrunsrv -S sshd’. Otherwise, it
*** Info: will start automatically after the next reboot.
*** Info: Host configuration finished. Have fun!
5)开启sshd服务
Administrator@8a0dbeec9a074e1 ~
$ cygrunsrv -S sshd
Administrator@8a0dbeec9a074e1 ~
$ cygrunsrv -S sshd
Administrator@8a0dbeec9a074e1 ~
$ ps -ef|grep sshd
SYSTEM 1316 6200 nbsp; 19:42:30 /usr/sbin/sshd
Administrator@8a0dbeec9a074e1 ~
$ ssh root@172.16.4.132
The authenticity of host ‘172.16.4.132 (172.16.4.132)’ can’t be established.
RSA key fingerprint is b0:f3:36:d2:46:45:2f:04:7f:50:0b:e4:81:f2:5d:bf.
Are you sure you want to continue connecting (yes/no)yes
Warning: Permanently added ‘172.16.4.132’ (RSA) to the list of known hosts.
root@172.16.4.132’s password:
____________________, ______________________________________
.QQQQQQQQQQQQQQQQQQQQQQQQL_ | |
.gQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ__ | |
gQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ== | _.—.) |
QQQQQQQQQQQQQQQQQQQQQQQQQQQF= | (^–^)_.-” `; |
QQQQQQQQQ================! | ) ee ( | |
QQQQQQQQ | (_.__._) / |
QQQQQQQQ | `–‘, ,’ |
QQQQQQQQ ~”jjj__, | jgs )_|–‘)_| |
QQQQQQQQ “jjjjjjjjjj___ | “”‘ “”‘ |
QQQQQQQQ ~jjjjjjjjjjjjjjjjj__ | |
QQQQQQQQ _jjjjjjjjjjjjjj/~~~~ | The Hippo says: Welcome to |
QQQQQQQQ .{jjjjjjj/~~~~~ | _ |
QQQQQQQQ .{/~~~~` | ____ _ _ ____ _ _ _ (_) ____ |
QQQQQQQQ | / ___)| | | | / _ || | | || || _ / |
QQQQQQQQ |( (___ | |_| |( (_| || | | || || | | ||
QQQQQQQQQL_______________, | /____) /__ | /___ | /___/ |_||_| |_||
QQQQQQQQQQQQQQQQQQQQQQQQQQQL___ | (___/ (____| |
4QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ___ | |
(=QQQQQQQQQQQQQQQQQQQQQQQQQQQQQ==== | -.-. -.– –. .– .. -. |
(QQQQQQQQQQQQQQQQQQQQQQQQF= |______________________________________|
root@8a0dbeec9a074e1 ~
声明:本站部分文章及图片源自用户投稿,如本站任何资料有侵权请您尽早请联系jinwei@zod.com.cn进行处理,非常感谢!