-This package describes important Cygwin specific stuff concerning OpenSSH.
-
-The binary package is usually built for recent Cygwin versions and might
-not run on older versions. Please check http://cygwin.com/ for information
-about current Cygwin releases.
-
-Build instructions are at the end of the file.
-
-===========================================================================
-Important change since 3.7.1p2-2:
-
-The ssh-host-config file doesn't create the /etc/ssh_config and
-/etc/sshd_config files from builtin here-scripts anymore, but it uses
-skeleton files installed in /etc/defaults/etc.
-
-Also it now tries hard to create appropriate permissions on files.
-Same applies for ssh-user-config.
-
-After creating the sshd service with ssh-host-config, it's advisable to
-call ssh-user-config for all affected users, also already exising user
-configurations. In the latter case, file and directory permissions are
-checked and changed, if requireed to match the host configuration.
-
-Important note for Windows 2003 Server users:
----------------------------------------------
-
-2003 Server has a funny new feature. When starting services under SYSTEM
-account, these services have nearly all user rights which SYSTEM holds...
-except for the "Create a token object" right, which is needed to allow
-public key authentication :-(
-
-There's no way around this, except for creating a substitute account which
-has the appropriate privileges. Basically, this account should be member
-of the administrators group, plus it should have the following user rights:
-
- Create a token object
- Logon as a service
- Replace a process level token
- Increase Quota
-
-The ssh-host-config script asks you, if it should create such an account,
-called "sshd_server". If you say "no" here, you're on your own. Please
-follow the instruction in ssh-host-config exactly if possible. Note that
-ssh-user-config sets the permissions on 2003 Server machines dependent of
-whether a sshd_server account exists or not.
-===========================================================================
-
-===========================================================================
-Important change since 3.4p1-2:
-
-This version adds privilege separation as default setting, see
-/usr/doc/openssh/README.privsep. According to that document the
-privsep feature requires a non-privileged account called 'sshd'.
-
-The new ssh-host-config file which is part of this version asks
-to create 'sshd' as local user if you want to use privilege
-separation. If you confirm, it creates that NT user and adds
-the necessary entry to /etc/passwd.
-
-On 9x/Me systems the script just sets UsePrivilegeSeparation to "no"
-since that feature doesn't make any sense on a system which doesn't
-differ between privileged and unprivileged users.
-
-The new ssh-host-config script also adds the /var/empty directory
-needed by privilege separation. When creating the /var/empty directory
-by yourself, please note that in contrast to the README.privsep document
-the owner sshould not be "root" but the user which is running sshd. So,
-in the standard configuration this is SYSTEM. The ssh-host-config script
-chowns /var/empty accordingly.
-===========================================================================
-
-===========================================================================
-Important change since 3.0.1p1-2:
-
-This version introduces the ability to register sshd as service on
-Windows 9x/Me systems. This is done only when the options -D and/or
--d are not given.
-===========================================================================