$ ssh-host-config
*** Info: Generating /etc/ssh_host_key
*** Info: Generating /etc/ssh_host_rsa_key
*** Info: Generating /etc/ssh_host_dsa_key
*** Info: Creating default /etc/ssh_config file
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/REAME.privsep.
*** Query: Should privilege separation be used? (yes/no) no
*** Info: Updating /etc/sshd_config file
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd
*** Warning: The following functions require administrator privileges!
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Info: Note that the CYGWIN variable must contain at least "ntsec"
*** Info: for sshd to be able to change user context without password.
*** Query: Enter the value of CYGWIN for the daemon: [ntsec] ntsec
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows 2003 Server or later. On 2003
*** Info: and later systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) yes
*** Query: Enter the new user name: username
*** Query: Reenter: username
*** Warning: Privileged account 'username' was specified,
*** Warning: but it does not have the necessary privileges.
*** Warning: Continuing, but will probably use a different account.
*** Warning: The specified account 'username' does not have the
*** Warning: required permissions or group memberships. This may
*** Warning: cause problems if not corrected; continuing...
*** Query: Please enter the password for user 'username': ******
*** Query: Reenter: ******
*** Info: The sshd service has been installed under the 'username'
*** Info: account. To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
$ net start sshd
发生系统错误 1069。
由于登录失败而无法启动服务。
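-- This is caused by entering the wrong user password. The same problem can also occur with sshd after the user is changed later; fix it by changing the user settings on the Log On tab in services.msc!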
$ net start sshd
CYGWIN sshd 服务正在启动 .
CYGWIN sshd 服务已经启动成功。
Key setup:
$ cd /home/username/
$ mkdir .ssh && chmod.exe 700 .ssh
$ cd .ssh/
$ vi authorized_keys (place the management machine's public key in it)
$ chmod.exe 600 authorized_keys
Create a key pair:
$ ssh-keygen -t rsa
Just press Enter at every prompt!
Remove the sshd service:
$ net stop sshd
$ cygrunsrv -R sshd
Terminal settings:
# Set the PS1 prompt, Chinese display, and aliases
vi /etc/profile
export PS1="[\u@\h \W]\$"
export LC_ALL=zh_CN.GB2312
export LC_CTYPE=zh_CN.GB2312
export LANG=zh_CN.GB2312
export LESSCHARSET=latin1
export LC_MESSAGES=zh_CN.eucCN
export XMODIFIERS="@im=Chinput"
stty cs8 -istrip
stty pass8
alias ls='ls --color --show-control-chars --time-style=long-iso'
alias ll='ls -l --color --show-control-chars --time-style=long-iso'
# Allow Chinese input in the terminal
vi ~/.inputrc
set meta-flag on
set input-meta on
set output-meta on
set convert-meta off
echo "set meta-flag on" >> ~/.inputrc
echo "set input-meta on" >> ~/.inputrc
echo "set output-meta on" >> ~/.inputrc
echo "set convert-meta off" >> ~/.inputrc
# Make the arrow keys usable and enable shell highlighting
vi ~/.vimrc
set nocp
syntax on
echo "set nocp" >> ~/.vimrc
echo "syntax on" >> ~/.vimrc
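*******Note: if any terminal setting does not seem to take effect, open another terminal and try again!
***********: If, after setting up the ssh service, connecting from a terminal reports connect closed or refuse, check the permissions of the key files and make sure they are .ssh 700 authorized_keys 700.
***********: If the key does not take effect after it has been set up, check that the .ssh directory was created under /home/username and that its permissions are set correctly.
***********: For any other connection problem, look at the Windows event log first; the answer may well be there.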
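The permission and location checks from the notes above can be scripted. This is an added example, not part of the original walkthrough: the function name check_ssh_perms and the script file name are hypothetical, and the rule it assumes for authorized_keys (no group or other permission bits) accepts both the 600 set in the key setup steps and the 700 named in the note.

```shell
#!/bin/sh
# Added example (not from the original page): audit the key-file layout
# described above. Requires GNU stat, which Cygwin's coreutils provides.
# Usage: sh check_ssh_perms.sh /home/username   (file name is hypothetical)

check_ssh_perms() {
    home_dir=$1
    ssh_dir="$home_dir/.ssh"
    key_file="$ssh_dir/authorized_keys"
    status=0

    # The .ssh directory must live directly under the user's home directory.
    if [ ! -d "$ssh_dir" ]; then
        echo "FAIL: $ssh_dir is missing or is not a directory"
        return 1
    fi
    dir_mode=$(stat -c %a "$ssh_dir")
    if [ "$dir_mode" != "700" ]; then
        echo "FAIL: $ssh_dir has mode $dir_mode, expected 700"
        status=1
    fi

    if [ ! -f "$key_file" ]; then
        echo "FAIL: $key_file is missing"
        return 1
    fi
    file_mode=$(stat -c %a "$key_file")
    # Assumed rule: no permission bits for group or others (octal mask 077).
    if [ $(( 0$file_mode & 077 )) -ne 0 ]; then
        echo "FAIL: $key_file has mode $file_mode, group/other bits must be clear"
        status=1
    fi
    # An empty file means the public key was never pasted in.
    if [ ! -s "$key_file" ]; then
        echo "FAIL: $key_file is empty"
        status=1
    fi

    if [ "$status" -eq 0 ]; then
        echo "OK: $ssh_dir ($dir_mode) and $key_file ($file_mode)"
    fi
    return "$status"
}

# Run the check when a home directory is given on the command line.
if [ "$#" -ge 1 ]; then
    check_ssh_perms "$1"
fi
```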