GlassFish - World's first Java EE 7 Application Server


Tip for setting up MKS sshd

1) Make sure MKS home directory is configured

The secure shell service locates a user's home directory from what is configured in the user database – not necessarily from environment variables (like $HOME). So you must make sure the ssh user you are using is configured with a home directory.

Note that when you are using MKS on Windows each user potentially has two home directories. One is the Windows home directory, the other is the MKS home directory. When running commands in an MKS shell (like bash, ksh, etc) you use the MKS home directory. When running commands in a Windows command window you use the Windows home directory.

You can configure these two home directories to be the same. This makes some things more convenient, but has the downside of having a home directory with spaces in the path (which is cumbersome in a Unix environment).

In this example we configure MKS to use the default Windows home directory.

In MKS you use the userinfo command to inspect and update the user database. In this example we are operating on the Administrator user. You'll want to do the following on all machines that will be using ssh. First check the user's settings (easiest to run this in an MKS shell):

$ userinfo Administrator

Look at the Home Directory and Home Directory Drive fields and make sure they match your home directory in a DOS Window (basically you HOMEDRIVE and HOMEPATH environment variables). If they don't update them like this:

$ userinfo -u -fHomeDirDrive:"C:" -fHomeDir:"\Documents and Settings\Administrator" Administrator
$ userinfo Administrator    # Verify settings

Do this on both clients and the sshd server.

Log out and log back in and verify your home directory is what is expected in both an MKS shell and a Windows command shell.

2) Enable MKSAUTH password authentication

We found it is necessary to enable MKSAUTH password authentication to get key authentication to work with SSH. Not sure why. To do this:

  1. Bring up the MKS (it's in the MKS menu under Configuration->Configuration Information)
  2. Select the Authentication tab
  3. Enter the user's password and click the Enable button under "Enable/Disable Password using MKSAUTH".
3) Set up SSH authentication

Follow the Windows procedure here: 3.1SSHSetup

If ssh still prompts for your password then try configuring the server to accept your key by using the MKS configuration tool (I found I sometimes needed to do this – not sure why):

  1. Copy the *.pub key file that was generated using ssh-keygen to the server machine
  2. On the server machine run the MKS Configuration application (it's in the MKS menu under Configuration). Select the Secure Shell Service tab. Click on Configure Passwordless. If you see your key listed then select it and click Delete. Next click on Import Key and select the *.pub key file that you copied over in step 1. Click OK, then OK again.

You should now be able to ssh over from the client without specifying a password.

What about setup-ssh?

I have not tried setup-ssh on MKS yet.

Gotchas
  1. Do not set the HOME environment variable explicitly. If you set HomeDirDrive and HomeDir as described above then the HOME MKS environment variable will default to the right thing.
  2. For sshd do not set the command shell to cmd.exe in the MKS Configuration tool. We have only tested with a unix style shell (the default).
  3. If your home directories are different between Windows and MKS, then be aware that GlassFish uses your Windows home directory to locate your .ssh directory – but ssh(1) and the secure ssh service uses your MKS home directory.