* ** This has been merged into [[cygwin|the cygwin page]]. ** *


A shorter version of [[http://pigtail.net/LRP/printsrv/cygwin-sshd.html|this very verbose HOWTO]].

===== User setup =====
All users MUST have passwords.  Login as an administrator.

===== Install CYGWIN =====
Download cygwin's setup.exe from http://www.cygwin.com/ and save it somewhere with a fair bit of space.  All the package tarballs will be saved there.  Run setup.exe.

Set the "Root Directory" to where you want to install cygwin, e.g. "C:\Program Files\cygwin".  Set "Install For" to "All Users".

Set "Local Package Directory" to the place where you saved setup.exe.

Pick a mirror; "http://mirrors.kernel.org" is always good.

On the giant package selector, pick (at least):

  * openssh
  * zlib
  * diffutils

You can get an alphabetical package list by clicking the little View button for "Full" view.

Install.

===== Setup =====

Right click My Computer, Properties, Advanced, Environment Variables.

Click the "New" new button to add a new entry to System variables:
  CYGWIN=ntsec tty

Edit the global PATH environment variable to add the 'bin' directory under where you installed cygwin:
  ;c:\Program Files\cygwin\bin

Open a cygwin shell.  **If running something with UAC, run the cygwin shell as administrator (right click, run as administrator).**

<code>
$ chmod a+r /etc/passwd /etc/group
$ chmod 777 /var
$ ssh-host-config  -y
</code>

If the script asks you about "privilege separation", "create a local user sshd on this machine", or "install sshd as a service", answer yes.

If it asks for environment variable "CYGWIN", answer "ntsec tty"

Start it up:
  $ net start sshd
or
  $ cygrunsrv --start sshd

If the service fails to start, try:
<code>
$ chown system /etc/ssh*
$ chown system /var/empty
</code>

As an aside, if you want your drive letters to be available as ''/c'' instead of ''/cygdrive/c'', edit /etc/fstab and edit the commented-out cygdrive line so it reads:
<code>none / cygdrive binary,posix=0,user 0 0</code>
Then re-read the file with:
<code>$ mount -a</code>
 
===== Firewall =====
If using Windows firewall, add a program rule that allows all connections to ''<CYGWIN_PATH>\usr\sbin\sshd.exe''.

===== User setup =====

//Optional?  I didn't have to do this step on my Windows 7 install.//

Make sure every Windows user has a password set.  Then, in a bash shell:

<code>
$ mkpasswd -cl > /etc/passwd
$ mkgroup --local > /etc/group
</code>