SSH tunneling using Cygwin: The Desktop Unix Emulator
Before we can tunnel with Cygwin, it must be correctly installed.
The most important consideration for installing Cygwin is creating the appropriate Unix folders. Cygwin's website offers complete and detailed instructions; the below is an abbreviated version.
- Download and install Cygwin. Cygnus gives you the option of installing from the Web, but it is faster (and ultimately more efficient) to install from a local disk. Be sure to download and save the file where you can easily find it.
- Click on Cygwin's "setup.exe" icon and follow the screen prompts, accepting the default options. You will be asked for text format and whether you want Cygwin to be for yourself alone or shared with other users. For ease of use, select Unix for the text format and "All" for the shred option. Cygwin will then install, and create icons in your start menu as well as on your desktop. If no icons are created, run the setup again. The setup will not reinstall Cygwin, but it will take you to the end, where you can check the boxes indicating you want the icons installed.
- Create the Unix folders. You can create the standard directories from within Cygwin, as Cygwin's configuration instructions suggest (see http://www.cygwin.com for configuration instructions), or you can set them up from within Windows. Using the Windows method has some advantages, especially if you are not entirely familiar with Unix commands and protocols. Since Cygwin is able to read both Win32 (Windows) and Unix (POSIX) file paths, either method is acceptable. Very clear instructions for creating the Unix directories can be found at http://www.itd.umich.edu/itcsdocs/s4148/s4148.pdf. Although the instructions are specifically for a slightly earlier version of the program, they still pertain: the typical Unix directories must still be created.
- Modify the cygwin.bat file. The .bat file specifies the commands and their sequence that bash must go through. Where the "Unix" directory on the "C" drive contains the traditional Unix directories, you can name it anything you want as long a you do not use any characters that confuse Unix, e.g., hyphens, spaces, etc. Configure your cygwin.bat file using a text editor such as Notepad. Do not use Microsoft Word or anything that imparts formatting. The C:\Cygwin directories, and C:\unix directories include your crucial home directory. Configure the .bat file so that it looks like this:
SET HOME=C:\unix\HOME\[your home directory name]
CHDIR C:\Unix\HOME\[your home directory name]
- For Cygwin to run more efficiently, you may want to configure the shortcut icon on your desktop so that it starts the program in the right directory. This is not necessary, if you have stipulated the HOME directory in the .bat file.
Cygwin offers some further refinements, and you can further refine your configuration if needed. If you are familiar with Unix commands and file structures, you will find this easy; if you are not, Cygwin is quite forgiving, and you can get started with a minimum of fuss.
Depending on how your site is configured, you can access CVS through an SSH tunnel using a key generated locally or using a public key set up by the site administrator. If you are unsure of which method your site uses, check with your site administrator.
To generate a key locally:
- From Cygwin, or another UNIX-type command prompt, type: "ssh-keygen.exe -d" and press Enter. You should see:
- Generating DSA parameter and key.
- Enter file in which to save the key (/home/Administrator/.ssh/id_dsa): [press Enter key for default location]
- Enter passphrase (empty for no passphrase): [please leave blank, and press Enter]
- Enter same passphrase again: [please leave blank, and press Enter]
- Your identification has been saved in /home/Administrator/.ssh/id_dsa.
- Your public key has been saved in /home/Administrator/.ssh/id_dsa.pub.
- Copy the "id_dsa.pub" from your computer. Name the new copy "[username]_id_dsa.pub", i.e. "jmorse_id_dsa.pub" and attach it to an issue for technical support. The key will need to be installed on the CVS server for you to gain access through the CVS tunnel. Consult with your support representative about a location to upload the *_id_dsa.pub key.
Every time you wish to access the CVS repository you will need to run Cygwin or other UNIX shell and login with:
ssh -x -2 -L 2401:localhost:2401 tunnel@[project.domain]
where [project.domain] equals the name of your CVS server.
You should get a message saying "Host key not found, are you sure you want to continue". Type "yes". You need to use the whole word. You get another line and the cursor moves to the left side of the window and blinks. You can minimize the window, but do not close it. Closing this window will disconnect the tunnel.
If you are accessing the tunnel using a public key generated by the system administrator, you will be prompted for a password. Please request the password from your site administrator or project owner.
Note: If you have generated your own key and are still prompted for a password, your key may not be properly added to the server yet. If that is the case, please contact technical support.
The tunnel will continue running as long as this window is running, except in cases of network error or other connectivity issues. To stop the tunnel, press ctrl-break.