any special security concerns with openssh under cygwin?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I have vague memories of some security colleagues of mine sorta poo
pooing sshd under cygwin for some reason several years ago.  I can't
recall why, but it had to do with something unique to cygwin.  Dunno
if they were all wet or not, but they made their case enuogh such that
the company despite really not wanting to, spent money for every
Windows server we deployed to use the Vandyke Vshell server
recommended solution.

Anyone harzard a guess as to what details may have been behind this
recommendation, whether it was valid, and whether the issue still
exists today?  

Sorry for such an open ended question, but if ever there was a place
someone might know, I figured this ng would be it!

Todd H. /

Re: any special security concerns with openssh under cygwin?

On 28 Sep, 05:09, (Todd H.) wrote:
Quoted text here. Click to load it

No idea what they were kvethching about, but the file permission
issues for host keys and private keys in the Windows world are
fascinating. And getting sshd running, in spite of the unexplained and
difficult to diagnose interference by anti-virus clients like McAfee's
products, make it a poor choice as a platform for providing SSH

Quoted text here. Click to load it

The McAfee one can be addressed by modifying the init script to use
"sshd -R" instead of "sshd", an entirely undocumented command line
option to avoid the use of certain software techniques that can be
explained by Darren Tucker far better than by me.

Site Timeline