To use a Secure Shell (SSH) public/private key-pair to access target Windows® operating systems, change the ownership of Cygwin files and directories to root.
Use the information provided in this topic only if you want to use the SSH public/private key authentication method to access remote installation targets that are running any of the Windows operating systems. You can skip this topic if you plan to use the user name and password authentication method to access the installation targets.
Ensure that software from an independent software vendor, such as a Cygwin SSH server, is installed on the Windows installation target.
The normal setup of a Cygwin sshd server to run as a Windows service designates the server to run under the Local SYSTEM account or, for a Windows 2003 Server, to run under a local account ssd_server specifically created with special privileges to run the service. With an SSH server configured and started on the Windows target, the server authenticates user logins using a public/private key-pair. However, with this setup, installation programs that are located on the Windows target and invoked by the centralized installation manager, which is using public SSH public/private key authentication to gain access to the installation target, are run using the identity of the account under which the SSH server is running. As a result, this causes problems with certain centralized installation manager operations when the files or directories on the target system, that the operation is to operate on, are created using different identities. To work around this, change the service that the Cygwin sshd server runs under to log on with the same account, root, that is used to install software on that specific Windows installation target.
Assuming that a local ID root that has Administrator authority to install software on the Windows installation target has been created, the following steps outline how to change the Cygwin sshd server to run under the ID root: