Rafe Hart

Thoughts on security, privacy, and building software.

Secure Shell Daemon (sshd)

23 July 2014

Running an SSH daemon can be very useful, especially if you’d like to securely transfer files too and from your Windows box. The installation process is quite straightforward, but part of it includes the automatic creation of the ‘cyg_server’ account, which you will see at login as an alternate user. This doesn’t really affect your use of windows, but cosmetically it may not be what you prefer.

First, install openssl if you haven’t already, and run the following command

# Daemon Configuration
ssh-host-config
  • Should Privilege Separation be used? Answer: Yes
  • New local account ‘sshd’? Answer: Yes
  • Do you want to install sshd as a service? Answer: Yes
  • Enter the value of CYGWIN for the daemon: [] Answer: ntsec tty
  • Do you want to use a different name? Answer: No
  • Create new privileged user account ‘cyg_server’? Answer: Yes
  • Lastly, it will ask you for a password for the account, which can’t be null

The new service controlled by running

# Start the service
cygrunsrv --start sshd

# Stop the service
cygrunsrv --stop sshd</pre>

Running either of these commands should have the desired effect, but they do not have any output, so it isn’t obvious that they are doing anything. Note that the service will start automatically with windows.

To confirm your service is running, press the start button, type in ‘run’ and when the command box appears, type in ‘services.msc’. If you scroll through the list of services running, you should be able to see the secure shell daemon:

SSH running as a service