Why does ssh-host-config create two users in Cygwin on Windows 8.1?


12

While trying to solve some problems with Cygwin + SSH on Windows 8.1, I wondered why the ssh-host-config script creates two new accounts from scratch to configure OpenSSH. (Is this necessary?)

With the default choices plus privilege escalation and service installation, the two accounts are: cyg_server and sshd. I understand that the first one is only used to start the Cygwin SSHd service, but I don't understand what the second one does. I searched the Cygwin archives, and the only developer explanation was "because it's designed to do so". It is also recommended not to use these for actual logins.

Here is my installation:

-----------------------------------------------------------
ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519
*** Info: Creating default /etc/ssh_config file
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges.  Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []
*** Info: On Windows Server 2003, Windows Vista, and above, the
*** Info: SYSTEM account cannot setuid to other users -- a capability
*** Info: sshd requires.  You need to have or to create a privileged
*** Info: account.  This script will help you do so.

*** Info: You appear to be running Windows XP 64bit, Windows 2003 Server,
*** Info: or later.  On these systems, it's not possible to use the LocalSystem
*** Info: account for services that can change the user id without an
*** Info: explicit password (such as passwordless logins [e.g. public key
*** Info: authentication] via sshd).

*** Info: If you want to enable that functionality, it's required to create
*** Info: a new account with special privileges (unless a similar account
*** Info: already exists). This account is then used to run these special
*** Info: servers.

*** Info: Note that creating a new user requires that the current account
*** Info: have Administrator privileges itself.

*** Info: No privileged account could be found.

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'cyg_server'? (yes/no) yes
*** Info: Please enter a password for new user cyg_server.  Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:

*** Info: User 'cyg_server' has been created with password 'XXXXXXXXXX'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.

*** Info: Also keep in mind that the user 'cyg_server' needs read permissions
*** Info: on all users' relevant files for the services running as 'cyg_server'.
*** Info: In particular, for the sshd server all users' .ssh/authorized_keys
*** Info: files must have appropriate permissions to allow public key
*** Info: authentication. (Re-)running ssh-user-config for each user will set
*** Info: these permissions correctly. [Similar restrictions apply, for
*** Info: instance, for .rhosts files if the rshd server is running, etc].


*** Info: The sshd service has been installed under the 'cyg_server'
*** Info: account.  To start the service now, call `net start sshd' or
*** Info: `cygrunsrv -S sshd'.  Otherwise, it will start automatically
*** Info: after the next reboot.

*** Info: Host configuration finished. Have fun!
-----------------------------------------------------------

Also, 'cyg_server' is a visible account that can be used for Windows login, but 'sshd' seems to be hidden. So I've concluded that I have to add yet another, third account in order to use SSH properly, which seems crazy!


EDIT-1: Not only that, but the sshd account also has a password expiry date set 40 days from installation, and it has a password (according to WMIC). (I was never asked to enter a password for this account during the ssh setup.)

Running wmic useraccount get AccountType,...,Status

AccountType  Disabled  Lockout  Name           PasswordChangeable  PasswordExpires  PasswordRequired  Status    
512          FALSE     FALSE    cyg_server     TRUE                FALSE            TRUE              OK        
512          TRUE      FALSE    sshd           TRUE                TRUE             TRUE              Degraded  

net user sshd

User name                    sshd
Full Name                    sshd privsep
Comment                      
User's comment               
Country/region code          000 (System Default)
Account active               No
Account expires              Never
Password last set            2014-03-01 23:20:19
Password expires             2014-04-12 23:20:19
Password changeable          2014-03-01 23:20:19
Password required            Yes
User may change password     Yes
Workstations allowed         All
Logon script                 
User profile                 
Home directory               C:\cygwin64\var\empty
Last logon                   Never
Logon hours allowed          All
Local Group Memberships      *Users                
Global Group memberships     *None                 
The command completed successfully.

So this raises two more questions:

  1. What password was set, and why wasn't the user notified?
  2. Why does this password have an expiry date?

EDIT 2: Unable to get onto the Cygwin developer list, I had to do further investigation myself. So far I have no answer to question 1, but the ssh-host-config script used for the setup has a few other problems. Most importantly, you can always delete both the sshd and cyg_server accounts and use their settings as a reference to set up one proper administrator account.

Question 2: The default password expiry on Windows 8.1 is set to 42 days. This must be changed or disabled using the normal Windows tools (UI, WMIC, net user, etc.).

Answers:


4

Update 2019: this answer and the question are outdated. See Bill_Stewart's answer.

man 5 sshd_config

 UsePrivilegeSeparation
     Specifies whether sshd separates privileges by creating an
     unprivileged child process to deal with incoming network traffic.
     After successful authentication, another process will be created
     that has the privilege of the authenticated user.  The goal of
     privilege separation is to prevent privilege escalation by con-
     taining any corruption within the unprivileged processes.  The
     default is "yes".

So sshd needs two kinds of accounts:

  1. One with the ability to setuid
  2. An unprivileged account.

The installation script explains that the normal SYSTEM account does not have the setuid privilege, so another privileged account is needed.


I accept this answer, although it's a bit trivial, but I would like to see someone answer my other two questions.
not2qubit 2014

1
Thanks. I just don't know the answers to those sub-questions, but wanted to share what I know.
Dan Garthwaite

Does ssh break on Windows 8.1 after 42 days?
Dan Garthwaite 2014

4

As for why ssh-host-config creates two user accounts, Dan has mostly answered that. More information on why a separate account is needed for setuid can be found here; it is a complicated process.

As for your first sub-question, I believe it is also a default, like the password expiry. In /usr/share/csih/cygwin-service-installation-helper, which ssh-host-config uses, the user is created like this (using the Windows net command), where ${unpriv_user} is the name you chose, e.g. sshd, and ${dos_var_empty} is the Windows/DOS-style path to /var/empty:

net user "${unpriv_user}" /add /fullname:"${unpriv_user} privsep" \
"/homedir:${dos_var_empty}" /active:no

Per Microsoft's documentation for /passwordreq, if a password is required the default is yes, so Windows then assigns some default password (probably because no password was specified, especially with /active:no).

For the second sub-question, as you said in your second edit, at least for Windows 8.1 Pro the default appears to be password expiry after 42 days, although it is not enabled on my own account or on the new cyg_server account. This is probably due to the same combination: cyg_server had a password specified and is active, but sshd had no password specified and is inactive (probably forcing an assigned password when the account is activated). If you want to know the exact details, I might try creating more accounts like these, toggling /active and specifying a password, and see what happens.
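As an added example (not from the question or from any of the answers here), the following bash script does the check a Cygwin administrator would want after reading the question's EDIT-1 and the explanation above: it parses "net user <name>" output, expects the privilege-separation account to stay disabled, and expects the service account to be active with a password that never expires, because a 42-day expiry on the account that runs the sshd service stops the service once the password lapses. The function names, the role labels and the three sample listings are constructed (the listings are modelled on the output in the question); the WMIC command in the comment is assumed to be the standard syntax for clearing the expiry flag.

```bash
#!/usr/bin/env bash
# Added example: audit the Cygwin sshd service accounts from "net user <name>" output.
# Inside a Cygwin shell on Windows you would run, for instance:
#   net user sshd       | audit_account privsep
#   net user cyg_server | audit_account service
# The samples at the bottom are constructed, modelled on the listing in the question,
# so the script also runs offline on any system with bash and awk.

# field LABEL: print the value of the "LABEL    value" line read on stdin.
field() {
  awk -v lbl="$1" 'index($0, lbl) == 1 {
      v = substr($0, length(lbl) + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", v)   # strip the column padding net user adds
      print v; exit
  }'
}

# audit_account ROLE: read "net user" output on stdin and check it against the
# expectations for ROLE (privsep or service). Returns 0 when everything matches,
# 1 when a finding was printed, 2 on bad usage.
audit_account() {
  local role=$1 out name active expires rc=0
  out=$(cat)
  name=$(printf '%s\n' "$out" | field "User name")
  active=$(printf '%s\n' "$out" | field "Account active")
  expires=$(printf '%s\n' "$out" | field "Password expires")
  case "$role" in
    privsep)
      # The privilege-separation user only has to exist; nothing logs on as it,
      # so it must stay disabled. Its password expiry is irrelevant.
      if [ "$active" != "No" ]; then
        echo "WARN: $name is enabled; the privsep account should be disabled"; rc=1
      fi ;;
    service)
      # The sshd service logs on as this account, so it must be active, and an
      # expiring password will stop the service from starting once it lapses.
      # Fix (assumed standard WMIC syntax, run from an elevated prompt):
      #   wmic useraccount where "name='cyg_server'" set PasswordExpires=FALSE
      if [ "$active" != "Yes" ]; then
        echo "WARN: $name is disabled; the sshd service cannot log on"; rc=1
      fi
      if [ "$expires" != "Never" ]; then
        echo "WARN: $name password expires on $expires; set PasswordExpires=FALSE"; rc=1
      fi ;;
    *) echo "usage: audit_account privsep|service" >&2; return 2 ;;
  esac
  [ "$rc" -eq 0 ] && echo "OK: $name matches the $role expectations"
  return "$rc"
}

# Constructed samples (trimmed "net user" listings).
SAMPLE_SSHD='User name                    sshd
Full Name                    sshd privsep
Account active               No
Account expires              Never
Password expires             2014-04-12 23:20:19
Home directory               C:\cygwin64\var\empty'

SAMPLE_CYG_SERVER_DEFAULT='User name                    cyg_server
Account active               Yes
Account expires              Never
Password expires             2014-04-12 23:20:19'

SAMPLE_CYG_SERVER_FIXED='User name                    cyg_server
Account active               Yes
Account expires              Never
Password expires             Never'

# Demo when run directly; the failing case is tolerated so the demo exits 0.
printf '%s\n' "$SAMPLE_SSHD" | audit_account privsep
printf '%s\n' "$SAMPLE_CYG_SERVER_DEFAULT" | audit_account service || true
printf '%s\n' "$SAMPLE_CYG_SERVER_FIXED" | audit_account service
```

The script deliberately reads the listing from stdin rather than calling net user itself, so the same function can be fed live output on Windows or saved output from a ticket; the only Windows-specific piece is the WMIC fix in the comment.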


1

Original answer

Cygwin's sshd does not actually use the separate disabled account (with one exception; see below). I asked about this on the Cygwin mailing list:

Is the sshd disabled user account still needed?

Corinna Vinschen (Cygwin maintainer) replied as follows:

No, not actually. These days the sshd server checks whether it should use the privsep chrrot [sic] environment and whether the process was started under "root:root". This never matches under Cygwin, so we can drop the sshd user requirement.

(See https://cygwin.com/ml/cygwin/2019-01/msg00120.html)

Update regarding sftp-only

The above is correct in that the sshd account is not strictly required. The only time you need it is if you want to use the ChrootDirectory setting in sshd_config to restrict accounts to SFTP only.

FWIW, I created a package called CygSSH that provides an easy-to-use installer for configuring the Cygwin version of OpenSSH (along with several other tools, including rsync). If anyone is interested, it's on GitHub:

https://github.com/Bill-Stewart/CygSSH

The documentation in the package describes the circumstances in which the sshd account is used.

Licensed under cc by-sa 3.0 with attribution required.