FlexDeploy Cygwin Install Guide

FlexDeploy utilizes OpenSSH within a Unix shell for communicating to all endpoints.  For Microsoft Windows, Cygwin is required to provide the Unix-like environment containing the required SSH libraries. The following instructions can be used to install the Cygwin on a Windows client.

Installation Steps

Download Cygwin from the following location: https://www.cygwin.com/. 

Installation will download necessary packages, so if your server does not have Internet access you will have to use Download Without Installing on a server to gather necessary packages, then transfer that folder to server where you want to install Cygwin and select Install from Local Directory option. Another option is to just install Cygwin on your laptop which also download packages in Local Package Directory which you can transfer to server where you want to install Cygwin.

Run the installer (setup-x86_64.exe) and follow the prompts. Make sure to run this as Administrator user, because this allows to set up the Cygwin environment so that all users can start a Cygwin shell out of the box.

As explained earlier, select appropriate option for Download Source.

Make sure to select All Users as that will allow you to connect as any user on the system.

This is most important step, as FlexDeploy requires SSH connectivity and that is the reason we are installing Cygwin. Type "openssh" into the search dialog. Drill down to Net > openssh. Click on the Skip and it will change to some version number. This process may be slightly different depending on Cygwin version being installed.

Make sure that you select a version. Don't click next if it still says Skip. 

Click Finish.

Next you will need to setup CYGWIN sshd service.

Setup sshd Service

Navigate to the location you installed Cygwin and run Cygwin.bat as administrator.

Once the bash window opens, run:  ssh-host-config

Follow as shown below. These steps may be slightly different based on version of Cygwin.

Verify your Firewall configuration as you may need to open port 22 if you have a firewall enabled.

Start the CYGWIN sshd service from the services console (Computer Management > Services)

Using a SSH client (such as PuTTY) attempt to log in to the host with user that has local access to the machine. If successful then the environment is setup and ready for use.

Troubleshooting Tips

  • If you get permissions issue, launch cygwin terminal on target server as user that you will be connecting from FlexDeploy, then adjust .bashrc file in home folder to have following entry.
    • umask 022
  • If you installed CYGWIN sshd as cyg_server user, it should be able to allow Endpoint connection as any user on the server, but that may not work always. In this situation you can try these options.
    1. Make sure that cyg_server account is added to Replace a process level token policy using gpedit.msc. Reference - https://technet.microsoft.com/en-us/library/dn221975(v=ws.11).aspx, https://technet.microsoft.com/en-us/library/cc957225.aspx
    2. Another option is to run CYGWIN sshd as user that you want to connect as from FlexDeploy Endpoint. Here are the steps to make that change.
      1. Make sure the account you want to connect as is Administrator account. See my example of flexuser that I used instead of cyg_server

      2. Stop CYGWIN sshd service. 
      3. Edit CYGWIN sshd service and make it use user that you want to connect as from FlexDeploy Endpoint. See example below.

      4. Click OK.
      5. Run Cygwin terminal as Administrator.
      6. Run ssh-host-config option and follow prompts.

      7. Now start CYGWIN sshd service.

If you experience problems starting sshd, check the sshd.log in Cygwin64/var/log. That will indicate the issue that is occurring and should help with resolution.

If you receive an error like the permissions are too big for some folder or file, then you should perform a command in the bash window to reduce the permissions. An example would be chmod 700 /var/empty

If you receive a wrong password error, and are using a username in the format domain\user, try is without the domain.

Adding public key in authorized_keys file also works fine similar to Unix systems, make sure to use proper case user name in Endpoint configuration. i.e. if home folder is /home/Administrator then use Administrator as user name in endpoint configuration, otherwise ssh public key will not be found. You can do this using Cygwin terminal (instead of Windows Explorer or other tools) to make sure that file is created in proper folder.

Alternatively, you can copy file from remote server to Cygwin server using command like.

ssh-copy-id -i <path to pub file> username@cygwinserverhost

There will .ssh folder similar to Unix. For example, /home/<user>/.ssh/authorized_keys. In one situation noticed /home/<user>/.ssh folder path which worked and adding file to c:/users/<user>/.ssh/authorized_keys did not work.

The following macros are not currently supported in the footer:
  • style