Cygwin

by

Cygwin ssh (OpenSSH), and Win98 – Use “crypt newpassword” to add a password into /etc/passwd

Cygwin is a UNIX environment, developed by Red Hat, for Windows. It consists of two parts:

  • A DLL (cygwin1.dll) which acts as a UNIX emulation layer providing substantial UNIX API functionality.
  • A collection of tools, ported from UNIX, which provide UNIX/Linux look and feel.

The Cygwin DLL works with all non-beta, non “release candidate”, ix86 versions of Windows since Windows 95, with the exception of Windows CE.

Benefits – Here’s why I like and use Cygwin:

Lots and lots of GNU and FSF software

  • Bash Shell
  • SSH – openssh
  • XFree86 – X-Windows Server for Microsoft Windows
  • cvs
  • grep
  • awk
  • sed
  • df
  • tar
  • cpio

and the list goes on and on. The key thing to note here is that these utilities for the most part come from the same place that the corresponding Linux utilities come from — this means that they will be functionally very similar. So, for example, the ssh is the full version of SSH that does port forwarding and you can transfer files with (sshcopy.html)

Also you get a few server services as will such as SSHD and Apache.

I highly recommend that if you have to use windows and you need to connect to Unix/Linux that you install and use Cygwin, it makes life a lot easier.

  • Install cygwin
  • configure ssh server as a startup service (from cygwin run ssh-host-config, then go check out startup services in the normal fashion)
  • Install VNC
  • Configure VNC as a startup service
  • You may need to configure the sshd service to retry 3 times (on the recovery tab)
  • Then you should be able to ssh to your windows box
  • You should also be able to use vncviewer to connect to your box’s desktop (GUI)
  • If you want to transfer files to/from Windows you can use SSH
    tar -cf – filename | ssh Administrator@mybox.domain.net “(cd destdir && tar -xvf -)”
    see sshcopy.html
  • You can make VNC secure by using SSH:
    At a separate prompt run something like:
    ssh -L 5902:localhost:5900 Administrator@mybox.domain.net
    or
    ssh -C -L 5902:localhost:5900 Administrator@mybox.domain.net

    Then use vncviewer to connect to display #2
    vncviewer localhost:2

    If you get a response of:
    VNC server supports protocol version 3.3 (viewer 3.3)
    VNC connection failed: Local loop-back connections are disabled.

    Then that means you need to add a DWORD key to your registry:
    run regedit and browse to HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3 and
    add a DWORD of:
    AllowLoopback
    Value for this key is 1

    Note that this is not added to the existing “default” section which
    has lots of entries.

  • In Cygwin, to access your drives, you use something like:
    cd /cygdrive/c

VNC, ssh, zoneedit.com

Setting up VNC and cygwin to be securely accessed.

For this computer you want to access via VNC but securely via SSH, do the following:

Install Cygwin: I suggest most of the following it is a baseline that worked for me:
admin: cron, cygrunsvr
base: all items
editors: ed, vim
interpreters: expat, expect, gawk, perl, python
mail: ssmtp
net: autossh, openssh, rsync
system: chkconfig, initscripts, man, sysvinit
text: enscript, expat, groff, less
utils: bc, bzip2, clear, cygutils, file, patch, pcre
web: links, lynx, wget
x11: xstartmenuicons, xstartupscripts, fvwm, xorg-x11-base xorg-x11-bin xorg-x11-bindlls xorg-x11-binindir xorg-x11-etc xorg-x11-fenc xorg-x11-fnts xorg-x11-libs-data xorg-x11-xwin xorg-x11-xterm

Now set up ssh:
ssh-host-config
priv sep: yes
create: yes
service: yes
CYGWIN=

net start sshd
cd /etc
cp sshd_config sshd_config.new
vi sshd_config.new
X11Forwarding yes
:wq (save and exit)

mv sshd_config sshd_config.old
mv sshd_config.new sshd_config
ls -ltr sshd_config*
chown SYSTEM sshd_config

Now set up cron for your zoneedit updater:
Take your ip detection script which gets your firewall’s ip address
and put it in /scripts

crontab -e
*/15 * * * * /scripts/myipscript.sh
(save and exit is :wq)

cygrunsrv -I cron -p /usr/sbin/cron -a -D
net start cron

Test ssh:
ssh localhost

Also after reboot check that sshd is started (ssh localhost) and make sure your cron is running.

Make sure if you have a firewall on your internet connection (hardware firewall appliance) that you forward 22 to this computer. It is also advisable that your firewall hand you a “fixed ip address” so that your computer doesn’t move around.

If you have a local firewall on your Windows then you will need to allow inbout ssh connections:
Either choose to allow c:\cygwin\usr\sbin\sshd.exe or choose to allow port 22.

To Windows/Cygwin directly:
ssh -N -L 9999:localhost:5900 user@cygwin
vncviewer :9999

Unrelated – To Windows via Linux gateway:
ssn -N -L 9998:192.168.0.10:5900 user@cygwin
vncviewer :9998

Win98 and ssh, you must use “crypt” to set your user’s password in /etc/passwd.

Just run “crypt newpassword”.

http://www.planb-security.net/howto/w2k-ssh-client.html
http://archive.erdelynet.com/ssh-l/2004-06/msg00034.php

I added the cron and ssh services in regedit for Win98:
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/current version/RunOnce/

sshd
c:\cygwin\usr\sbin\sshd.exe
cron
c:\cygwin\usr\sbin\cron.exe

I tried adding the paths to AppPath, but that didn’t seem to work:
sshd.exe
default=c:\cygwin\usr\sbin\sshd.exe
Path
c:\cygwin\bin

cron.exe
default=c:\cygwin\usr\sbin\cron.exe
Path
c:\cygwin\bin

We wound up doing the following copies from Bash, I couldn’t figure out how to set up the path:

cp -a /bin/cygwin1.dll /cygdrive/c/windows
cp -a /bin/cygcrypt-0.dll /cygdrive/c/windows
cp -a /bin/cygcrypto-0.9.7.dll /cygdrive/c/windows
cp -a /bin/cygz.dll /cygdrive/c/windows

So on Win98 we did successfully get cron and sshd (from Cygwin) running in “RunServices”.
Had to copy over 4 dlls into c:\windows to get sshd working.
Had to use “crypt newpassword” to populate the password field in /etc/password for the ssh user(s).
Was able to use ssh -N -L 9999:localhost:5900 user@windowsbox to set up a tunnel (from both Linux and Windows).
Was able to follow that ssh command with “vncviewer :9999” (from both Linux and Windows) to gain access to the
Windows desktop securely.

Win98 Setup instructions for secure remote access via ssh and vnc:

  1. Install VNC server
  2. Configure VNC to start as a service, set a password
  3. Install Cygwin including cron (Admin), OpenSSH (Net), and ssmtp (Mail)
  4. In regedit add cron and sshd to RunOnce:
    • HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/RunServices/
    • cron “c:\cygwin\usr\sbin\cron.exe”
    • sshd “c:\cygwin\usr\sbin\sshd.exe”
  5. Copy 4 needed dlls for ssh and crypt, from Bash (Cygwin prompt) do:
    • cp -a /bin/cygwin1.dll /cygdrive/c/windows
    • cp -a /bin/cygcrypt-0.dll /cygdrive/c/windows
    • cp -a /bin/cygcrypto-0.9.7.dll /cygdrive/c/windows
    • cp -a /bin/cygz.dll /cygdrive/c/windows
  6. Set a password for any user(s) you want to log in via ssh:
    • crypt newpasswd >> /etc/passwd
    • write /etc/passwd
  7. Configure your firewall(s) to allow 22 through to your Windows box
  8. Add an entry into crontab (crontab -e) to run your net detect script and update zoneedit.com

Secure client access to the above Win98 configuration

From windows you must add vncviewer and OpenSSH from Cygwin.

Linux already has OpenSSH and usually has vncviewer.

From either of the above configurations (Windows or Linux), do the following 2 separate steps in order:

  1. ssh -N -L 9999:localhost:5900 user@windows (this will appear to hang, just minimize this window)
  2. vncviewer :9999

To quote the cygwin site:
http://www.cygwin.com

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.