Cygwin - Create and Add Users
Last Updated: 03/23/14
This guide is the fifth part of my Cygwin SSH server series and assumes that the first four guides have already been completed. If you have not yet completed those article, click here to go to the first article. This article is broken up into two sections – Creating a Windows User and Adding New Users to the Server. The first part is by no means Cygwin specific and can be followed to create new Windows users. The second part will go over how to sync the Windows users with the server.
Creating a Windows User
As with the previous tutorial, we will be using the Computer Management utility. This can be accessed by opening the start menu and typing “%windir%\system32\compmgmt”. In the items that appear, click on “compmgmt.msc”.
Expand the “Local Users and Groups” category.
Click on “Users”.
In the white-space in the central section where all of the users are listed, right-click and then click “New User…”.
You will see the screen shown below. Take note of the default settings.
Give your user a username and password. Make sure that the password is secure, as weak passwords (like the one used below) create entry points that can be broken into. If you wish to have fixed passwords set by the admin only, you may check the fields shown below. The settings you choose are completely optional, just make sure that the “Account is disabled” option is left unchecked.
At this point, a new Windows user has been created. To add the newly created user to the user group, read on.
Adding New Users to the Server
Part I – Add user to user group
Now that your user has been creating, you need to add the user to the previously created sshUsers user group. To do this, right-click on the user you just added and click on “Properties”.
In the window that appears, click on the “Member Of” tab.
Click on “Add…”.
Click “Find Now”.
Click on the user group you created for the server in the previous tutorial, sshUsers. Click on “OK” once the group name is selected.
If you wish to separate your SSH users from your local users, you may remove the “Users” group by selecting it and click on “Remove”; otherwise, click “OK”.
At this point a user has been created and added to the user group; however, the user will still not be able to login to the server. To synchronize the Windows users with the server read on.
Part II – Sync ALL Windows user(s) to the server
Before we continue, some notes should be made about this next step. By running these next set of commands you will grant access to ALL users on your computer to your SSH server. Before executing this command you should make sure that you fully understand what that entails. In other words, if you have local users with insecure passwords do NOT do this next step. You should only do this if all of the users have secure passwords and you wish to grant all users access to your server. Limiting the commands to only adding the users in the sshUsers user group will not be covered; however, detailed explanation of the two commands can be found here and here.
Now that all of the warnings have been stated, and hopefully at this point you have at least looked at the referenced links above, it is time to sync the Windows users to the server. To do this, type the commands shown below in the terminal.
mkpasswd --local > /etc/passwd mkgroup --local > /etc/group
This concludes the fifth part of my Cygwin SSH server series. The next article covers how to configure the Windows Firewall. Click here to link to that article.