RE: Using Key Pairs on OpenSSH on Win2k3

Okay, let me see if I can explain my set up a little bit. And you might be right about there being no connection between openssh and the ssl used to connect to the https server, but here goes:

user@svnserver ---(ssh)---> admin@devserver ---(https)---> svnserver

Seems weird to do it that way, but in order to maintain a mirror of our code on the dev server we need to issue an 'update' command to the svn client on the dev server where we want the mirror, and this is triggered by a process on the svn server itself. The first part seems to be working with one weird exception:

If I log onto the devserver and launch a command prompt, the command 'svn' is known by virtue of path. Oddly, if I ssh to that server as the same user, the command 'ssh' is not known. Does Cygwin (or OpenSSH) maintain it's own path variable? If so, where is it kept?

Robert
  _____

From: Welsh, Armand [mailto:Armand.Welsh@sscims.com]
To: ssh@erdelynet.com
Sent: Wed, 28 May 2008 14:33:24 -0700
Subject: RE: Using Key Pairs on OpenSSH on Win2k3

              
I don't think the copSSH and the https based activities are related. Regarding the connection to the other server (via https), how is this connection established? I need more information to understand the issue. Are you connecting (via ssh) to the server, and then on the server using wget or other command line util to get something from a web server? If you are using an SSH tunnel to connect to the https server using the ssh server as a middle point then I would need to know what client libraries on your client computer are used to establish the https session.
   
Armand
  
    _____

  From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of Robert Denton
Sent: Wednesday, May 28, 2008 12:49 PM
To: ssh@erdelynet.com
Subject: Re: Using Key Pairs on OpenSSH on Win2k3

  
So I took your advice and installed CopSSH instead and it is working as desired, with one minor snag. First, the application I am using this for is to connect to the copssh server and run some commands. One of the commands involves connection to a different server via https. When I do this I get prompted to accept the certificate. Choosing 'p' for permanent has no effect.

Advice I have gotten from other forums is that I need to download Comodo's Trusted Root Certificate and append it to the end of the ca-bundle.crt that is used by OpenSSH. Unfortunately a search of the system yields no such file. Where does CopSSH place this file? And do you agree that this is the recommended course of action?

Robert
        _____

    From: Welsh, Armand [mailto:Armand.Welsh@sscims.com]
To: ssh@erdelynet.com
Sent: Thu, 22 May 2008 09:17:19 -0700
Subject: Re: Using Key Pairs on OpenSSH on Win2k3

Robert,

Before I look into potential causes, the first I would like to know is: are you using copSSH, the Cygwin installation with the openSSH package installed, or the "openSSH for Windows" project from source forge?

Why do I ask? Al three are openSSH from the cygwin project the following conditions:
Cygwin is the thick install proding the option to turn you windows box into a GNU Linux like operating system (via the bash or other shell and some special mappers built into cygwin). The cygwin project installs a basic configuration of openSSH which works well on older windows systems, but requires specific things be done to get the SSH server to work 100% on windows 2003 and Vista.

CopSSH is a pre-packaged minimal installation of Cygwin with a couple minor enhancement patches that installs Cygwin, openSSH, configures you computer (even vista and win2k3) so that openSSH works without any tweaking at all.

"OpenSSH for Windows" is a dead sourceforge project that is almost identical to copSSH, except that development on the project has stopped a long time ago, and this package requires more tweaking of the ssh settings and the server that the other options, and is running very old ssh code that should not be used anymore in my opinion.

If you want the easy solution, install copSSH and everything will work. If you want to get what you have working and you did not install copSSH then we can offer assistance with making all the appropriate changes, but it will take more time to get SSH services up and running with public keys, but you will have the option of using any piece of the cygwin project easily.

Armand

--
List Info:      http://erdelynet.com/ssh-l/
List Archives:  http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com
If you are having trouble unsubscribing, visit the List Info page for help.