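I. Installing OpenSSH and OpenSSL
For work reasons I needed to run curl -s "https://get.sdkman.io" | bash in Cygwin to download SDKMAN to my machine.
At first I had not configured OpenSSH and OpenSSL, and the curl command kept failing with the following error message: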
sdkman curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to sdkman
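After looking through some material I found that this was caused by OpenSSH and OpenSSL not being installed and configured, so I went to the Cygwin setup page and selected the OpenSSH- and OpenSSL-related packages.
Don't celebrate too early once the installation finishes: both still need some fairly tedious configuration and enabling. (The configuration may fail several times along the way; after a failure, uninstall and configure again.)
II. Configuring OpenSSH and OpenSSL
1. Restart the Cygwin64 Terminal program as administrator.
Note: this step is required; otherwise you will not have permission to create the sshd service.
2. Check the ssh version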
$ ssh -V
3. Configure ssh
$ ssh-host-config
After running this command, follow the prompts below strictly, step by step:
*** Info: Generating missing SSH host keys
ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519
*** Info: Creating default /etc/ssh_config file
*** Info: Creating default /etc/sshd_config file
*** Info: StrictModes is set to 'yes' by default.
*** Info: This is the recommended setting, but it requires that the POSIX
*** Info: permissions of the user's home directory, the user's .ssh
*** Info: directory, and the user's ssh key files are tight so that
*** Info: only the user has write permissions.
*** Info: On the other hand, StrictModes don't work well with default
*** Info: Windows permissions of a home directory mounted with the
*** Info: 'noacl' option, and they don't work at all if the home
*** Info: directory is on a FAT or FAT32 partition.
*** Query: Should StrictModes be used? (yes/no) no
*** Info: Privilege separation is set to 'sandbox' by default since
*** Info: OpenSSH 6.1. This is unsupported by Cygwin and has to be set
*** Info: to 'yes' or 'no'.
*** Info: However, using privilege separation requires a non-privileged account
*** Info: called 'sshd'.
*** Info: For more info on privilege separation read
/usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) no
*** Info: Updating /etc/sshd_config file
*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires. You need to have or to create a privileged
*** Info: account. This script will help you do so.
*** Info: You appear to be running Windows XP 64bit, Windows 2003 Server,
*** Info: or later. On these systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).
*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.
*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.
*** Info: No privileged account could be found.
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) yes
*** Info: Please enter a password for new user cyg_server. Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:
*** Info: User 'cyg_server' has been created with password 'cyg_server'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.
*** Info: Also keep in mind that the user 'cyg_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'cyg_server'.
*** Info: In particular, for the sshd server all users' .ssh/authorized_keys
*** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions correctly. [Similar restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].
*** Info: The sshd service has been installed under the 'cyg_server'
*** Info: account. To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
*** Info: after the next reboot.
*** Info: Host configuration finished. Have fun!
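The prompts above create a user named cyg_server and ask you to enter a password for that user. Remember the password you enter here.
Note: if you enter something wrong here, it does not matter; run the following command: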
$ cygrunsrv -R sshd
After removing the sshd service, configure ssh again.
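A check for the answers given in the transcript above, as an added example that is not part of the original tutorial. It assumes that answering "no" to the StrictModes and privilege separation queries leaves `StrictModes no` and `UsePrivilegeSeparation no` in /etc/sshd_config, and it reports both. The function names and the sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original tutorial): report sshd_config options
# that the ssh-host-config answers above relaxed. Function names are hypothetical.

# effective_value FILE KEYWORD -> print the value sshd would use for KEYWORD.
# Keywords are case-insensitive and the first occurrence wins, so scanning
# stops at the first match. Only the global section (before any Match) is read.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }                      # comment line
        NF < 2 { next }                          # blank or valueless line
        tolower($1) == "match" { exit }          # conditional blocks start here
        tolower($1) == key { print $2; exit }    # first value obtained is used
    ' "$1"
}

# audit_sshd_config FILE -> print one line per relaxed option (nothing if none).
audit_sshd_config() {
    value="$(effective_value "$1" StrictModes)"
    if [ "${value:-yes}" = "no" ]; then          # unset means the default, yes
        echo "StrictModes no: permissions of home, .ssh and key files are not checked"
    fi
    value="$(effective_value "$1" UsePrivilegeSeparation)"
    if [ "${value:-sandbox}" = "no" ]; then      # default per the transcript: sandbox
        echo "UsePrivilegeSeparation no: sshd does not use the unprivileged 'sshd' account"
    fi
}

# write_sample_config FILE -> constructed sample, assumed to resemble the
# /etc/sshd_config left behind by the answers in the transcript.
write_sample_config() {
    cat > "$1" <<'EOF'
Port 22
#StrictModes yes
StrictModes no
UsePrivilegeSeparation no
StrictModes yes
EOF
}

sample="$(mktemp)"
write_sample_config "$sample"
audit_sshd_config "$sample"      # on a real host: audit_sshd_config /etc/sshd_config
rm -f "$sample"
```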
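4. After configuration, find sshd in the services list and enable it (Automatic). The steps are as follows:
4.1. Right-click My Computer/Computer, click Manage, and open Computer Management.
Then select Services and Applications, then Services.
4.2. Using a keyboard shortcut and a command:
Press Win+R together and type services.msc in the Run window to open Services.
After opening Services by either of the two methods above, double-click the service you want to start and choose Start.
Taking Windows Update as an example:
Under Service status, choose "Start" to start the service. Depending on whether it needs to start at boot, the startup type can be set to Automatic or Manual; Automatic means it starts at boot.
Note the figure below: sshd must log on as the cyg_server user; switching to "Local System account" will not work.
III. Starting the OpenSSH service
The commands to start and stop OpenSSH are: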
$ net start sshd
$ net stop sshd
IV. Configuring the OpenSSH user password
Enter the following command
$ ssh-user-config
Follow the prompts below step by step:
*** Query: Shall I create a SSH2 DSA identity file for you? (yes/no) yes
*** Query: Shall I create a SSH2 ECDSA identity file for you? (yes/no) yes
*** Query: Shall I create a (deprecated) SSH1 RSA identity file for you? (yes/no) no
*** Query: Do you want to use this identity to login to this machine? (yes/no) no
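Note: the password entered here must be at least 4 characters long, otherwise creation will fail.
If creation succeeds, the following files will exist in the cygwin\home\User\.ssh directory:
V. Testing whether the installation succeeded
In Cygwin64 Terminal, enter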
$ ssh [email protected]
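If entering the password produces no error, OpenSSH has been installed and configured successfully, as shown in the figure below:
Note: if you are told here that port 22 is not open, run net start sshd to start OpenSSH, since the default ssh port is 22. If it fails to start, the installation has failed; reinstall following this tutorial.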