Fair cop - you're right, and I didn't even see it when I was responding.
I realize/remember now that you are correct.
So, I will separate my request from the original poster's (as I have now
forked into a different topic) and ask my own question.
I *need* to be able to change the home directory for an SSH install, for
reasons internal to our processes. This is why we are still using
OpenSSH for Windows ... because it allows us to do that. When I
investigated CopSSH (about two years ago) it was not possible to do
this. Can anyone on this list tell me if the CopSSH package has been
modified in the interim to make this possible?
(Lest anyone ask why we would need to do this; the SSH tool is used for
one account only, and locked down to that account. We need to be able to
access the code repository over SSH from up to several hundred computers
using SSH, and the repository can be upwards of 5 GB. Most customers do
not have or will not grant this amount of space on their C: drive --
where the $HOME variable usually points, and TBH we don't really want
the code buried in C:\Windows\Documents and
Settings\<username>\foo\bar\baz -- much easier to reference it when it's
on a top-level somewhere without spaces in the path.)
So, restating the question: is it (now) possible to change the HOME
directory of a user in CopSSH? If so, how is it accomplished?
Thanks;
-- Shane
________________________________
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of
Welsh, Armand
Sent: Wednesday, May 28, 2008 6:08 PM
To: ssh@erdelynet.com
Subject: RE: Using Key Pairs on OpenSSH on Win2k3
What you are doing here is changing the home directory, not the
path. If you place the home directory into the default PATH then this
sort of works, but but it is not a good idea to point a user's home
directory to someplace other than a home directory, because the home
directory often will contain files that are unique to the user. To
change the path, you should nodify the login shell scripts to set the
PATH. See my other email about how to change the default.
Note: The only real difference between copSSH and openSSH is
that copSSH is the cygwin openSSH without the bloat of unnecessary GNU
tools, and with the convenience of preconfiguring a workable system.
OpenSSH for Windows (not to be confused with Cygwin's version) is out
dated and full of security holes..
________________________________
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of
Travis, Shane (GE Healthcare)
Sent: Wednesday, May 28, 2008 4:20 PM
To: ssh@erdelynet.com
Subject: RE: Using Key Pairs on OpenSSH on Win2k3
OpenSSH allows you to change the path for a user. Open the file
<openssh_install_dir>\etc\passwd
and find the entry for the user you are using to log in, and
change the path from
/home/<user>
to
/cygdrive/<drive_letter>/<path>
Example: If want to change the path to C:\rx then the home
directory should be set to /cygdrive/c/rx
At one point when I investigated CopSSH, it was not capable of
doing this, which is why our organization is still using OpenSSH. If
users of CopSSH know for a fact that this has changed, and can explain
the mechanism, I for two (OP is 'for one') would love to hear.
--
Shane Travis <shane.travis@ge.com>
Lead Service System Designer
GE Healthcare IITS - Centricity Pharmacy
T: 306 667 7942 F: 306 933 0111
________________________________
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On
Behalf Of Robert Denton
Sent: Wednesday, May 28, 2008 4:57 PM
To: ssh@erdelynet.com
Subject: RE: Using Key Pairs on OpenSSH on Win2k3
Okay, let me see if I can explain my set up a little
bit. And you might be right about there being no connection between
openssh and the ssl used to connect to the https server, but here goes:
user@svnserver ---(ssh)---> admin@devserver
---(https)---> svnserver
Seems weird to do it that way, but in order to maintain
a mirror of our code on the dev server we need to issue an 'update'
command to the svn client on the dev server where we want the mirror,
and this is triggered by a process on the svn server itself. The first
part seems to be working with one weird exception:
If I log onto the devserver and launch a command prompt,
the command 'svn' is known by virtue of path. Oddly, if I ssh to that
server as the same user, the command 'ssh' is not known. Does Cygwin (or
OpenSSH) maintain it's own path variable? If so, where is it kept?
Robert
________________________________
From: Welsh, Armand
[mailto:Armand.Welsh@sscims.com]
To: ssh@erdelynet.com
Sent: Wed, 28 May 2008 14:33:24 -0700
Subject: RE: Using Key Pairs on OpenSSH on
Win2k3
I don't think the copSSH and the https based
activities are related. Regarding the connection to the other server
(via https), how is this connection established? I need more
information to understand the issue. Are you connecting (via ssh) to
the server, and then on the server using wget or other command line util
to get something from a web server? If you are using an SSH tunnel to
connect to the https server using the ssh server as a middle point then
I would need to know what client libraries on your client computer are
used to establish the https session.
Armand
________________________________
From: ssh@erdelynet.com
[mailto:ssh@erdelynet.com] On Behalf Of Robert Denton
Sent: Wednesday, May 28, 2008 12:49 PM
To: ssh@erdelynet.com
Subject: Re: Using Key Pairs on OpenSSH on
Win2k3
So I took your advice and installed CopSSH
instead and it is working as desired, with one minor snag. First, the
application I am using this for is to connect to the copssh server and
run some commands. One of the commands involves connection to a
different server via https. When I do this I get prompted to accept the
certificate. Choosing 'p' for permanent has no effect.
Advice I have gotten from other forums is that I
need to download Comodo's Trusted Root Certificate and append it to the
end of the ca-bundle.crt that is used by OpenSSH. Unfortunately a
search of the system yields no such file. Where does CopSSH place this
file? And do you agree that this is the recommended course of action?
Robert
________________________________
From: Welsh, Armand
[mailto:Armand.Welsh@sscims.com]
To: ssh@erdelynet.com
Sent: Thu, 22 May 2008 09:17:19 -0700
Subject: Re: Using Key Pairs on OpenSSH
on Win2k3
Robert,
Before I look into potential causes, the
first I would like to know is: are you using copSSH, the Cygwin
installation with the openSSH package installed, or the "openSSH for
Windows" project from source forge?
Why do I ask? Al three are openSSH from
the cygwin project the following conditions:
Cygwin is the thick install proding the
option to turn you windows box into a GNU Linux like operating system
(via the bash or other shell and some special mappers built into
cygwin). The cygwin project installs a basic configuration of openSSH
which works well on older windows systems, but requires specific things
be done to get the SSH server to work 100% on windows 2003 and Vista.
CopSSH is a pre-packaged minimal
installation of Cygwin with a couple minor enhancement patches that
installs Cygwin, openSSH, configures you computer (even vista and
win2k3) so that openSSH works without any tweaking at all.
"OpenSSH for Windows" is a dead
sourceforge project that is almost identical to copSSH, except that
development on the project has stopped a long time ago, and this package
requires more tweaking of the ssh settings and the server that the other
options, and is running very old ssh code that should not be used
anymore in my opinion.
If you want the easy solution, install
copSSH and everything will work. If you want to get what you have
working and you did not install copSSH then we can offer assistance with
making all the appropriate changes, but it will take more time to get
SSH services up and running with public keys, but you will have the
option of using any piece of the cygwin project easily.
Armand
-- List Info: http://erdelynet.com/ssh-l/ List Archives: http://erdelynet.com/archive/ssh-l/ To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com If you are having trouble unsubscribing, visit the List Info page for help.Received on Thu May 29 11:33:38 2008
This archive was generated by hypermail 2.1.8 : Thu May 29 2008 - 11:33:39 EDT