Configuration Common Windows: Difference between revisions

MSYS2 on corporate PC

• Use installer msys2-x86_64-20240507.ex.

• Issue Install is stuck at 50% (see Issue #2580).
• Looking in task manager with see a bash process, running /usr/bin/pacman-key --refresh-keys.
• We kill the process and let the install proceed.

• Setup http_proxy variables in .bashrc, see Proxy.
• Tell pacman to use our corporate certificates.

• Collect corporate root certificate by visiting one of the msys2 repository (https://repo.msys2.org) (see SO for chrome).
• Append corporate ROOT and intermediate SSL certificates (in Base64 format, see SSL) into etc/ssl/certs/ca-bundle.crt.
• Alternatively, copy all certificate in /etc/pki/ca-trust/source/anchors/ (in PEM format), then run update-ca-trust (but didn't seem to work for me).
• Edit /etc/pacman.conf, here using curl:

XferCommand = /usr/bin/curl --cacert /etc/ssl/certs/ca-bundle.crt -L -C - -f -o %o %u

• Alternatively use option --ca-directory=/usr/ssl/certs with wget.

• Install a few packages:

pacman -S openssh openssl vim base base-devel gcc procps

• Download, build and install autossh (autossh-1.4e.tgz).
• Download, build and install connect-proxy (https://github.com/larryhou/connect-proxy.git, commit 63a650a)
• Install Git For Windows.
• Setup auto ssh forward for IMAP:

• This assumes that the SSH key shares the same password as the proxy
• File bin/echo-proxy-pass:

#!/bin/bash
echo "$HTTP_PROXY_PASSWORD"
unset HTTP_PROXY_PASSWORD

• File bin/startup.sh:

# Add our ssh keys - eval because ssh-add.list contains '~'
DISPLAY="0:0" SSH_ASKPASS="echo-proxy-pass" SSH_ASKPASS_REQUIRE=force ssh-add  ~/.ssh/id_ed25519_winmail < /dev/null
pgrep -x autossh > /dev/null || autossh -M 0 -f -N -n -q -L 9143:localhost:9143 -L 9025:localhost:9025 ovhi
# Check that ssh is running fine (must keep same PID)
ps faux|grep "bin/ssh$" && sleep 2 && ps faux|grep "bin/ssh$"