Mail Archives: cygwin/2002/10/10/15:53:35
From the default installation, then ssh-host-config perspective of this now,
my /var/empty looked like this immediately following ssh-host-config:
drwxrwxrwx 2 system system 0 Oct 10 13:18 /var/empty
Well, the date was different, as I have deleted and recreated it manually a
couple times trying to get this working.
Changing it to what you show:
drwxr-xr-x 2 system system 0 Oct 10 13:18 /var/empty
gives the following, using a separate key to even get sshd to run:
$ /usr/sbin/sshd -h /home/dmonk/ssh_host_rsa_key -d -d -d
debug1: sshd version OpenSSH_3.4p1
debug3: Not a RSA1 key file /home/dmonk/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
Disabling protocol version 1. Could not load host key
Bad owner or mode for /var/empty
Looking through the archives shows there have been a lot of recent problems
with sshd. My current question is, does anyone now have sshd running as a
service, using privsep on Windows 2000 with an NTFS filesystem? I am
beginning to wonder if it could be due to service pack 3. That was a recent
update to this system. Unfortunately, I only use sshd on this system when I
need to do things from home, so I can not pinpoint exactly when this issue
appeared.
David
----- Original Message -----
From: "Harig, Mark A." <maharig AT idirect DOT net>
To: "David Monk" <david AT purplebear DOT net>; "Len Giambrone" <frodo AT mit DOT edu>
Cc: <cygwin AT cygwin DOT com>
Sent: Thursday, October 10, 2002 1:41 PM
Subject: RE: sshd problems
According to /usr/doc/Cygwin/openssh-3.4p1-5.README:
>The new ssh-host-config script also adds the /var/empty directory
>needed by privilege separation. When creating the /var/empty directory
>by yourself, please note that in contrast to the README.privsep
document
>the owner sshould not be "root" but the user which is running sshd.
So,
>in the standard configuration this is SYSTEM. The ssh-host-config
script
>chowns /var/empty accordingly.
In /usr/bin/ssh-host-config is the following code:
># Create /var/empty file used as chroot jail for privilege separation
>if [ -f /var/empty ]
>then
> echo "Creating /var/empty failed\!"
>else
> mkdir -p /var/empty
> # On NT change ownership of that dir to user "system"
> if [ $_nt -gt 0 ]
> then
> chown system.system /var/empty
> fi
>fi
For me, I have the following permissions:
$ ls -ld /var/empty
drwxr-xr-x 2 SYSTEM SYSTEM 0 Jul 24 11:39 /var/empty
> -----Original Message-----
> From: David Monk [mailto:david AT purplebear DOT net]
> Sent: Thursday, October 10, 2002 2:31 PM
> To: Len Giambrone
> Cc: cygwin AT cygwin DOT com
> Subject: Re: sshd problems
>
>
> Generating a new key worked, as far as finding the key goes. Then it
> presented me with a /var/empty ownership or permissions
> issue. So, thinking
> along the same lines, I chaned owner of that dir to myself.
> Finally, sshd
> runs. Not as a service unfortunately, but it does run. Also
> unfortunately, I
> can not log in under these circumstances. I get a password
> prompt, but it
> never accepts it. I can only guess this has something to do
> with privlege
> separation.
>
> Anyway, the main problem here, from the beginning of this
> thread, is that
> openssh was working fine, running as a service, using
> privlege separation
> until approx 2 weeks ago. The only thing I could have
> possibly done to break
> that was updating packages. So, somewhere, something in
> cygwin changed.
> Either specifically with the openssh package or with the some
> other aspect,
> but something has definitely changed. Again, this was working
> beautifully I
> know for absolute certainty 3 weeks ago, the server running
> as a service via
> cygrunsrv, utilizing the privlege separation. The only things
> that have been
> done to this system over the last few months has been regular
> virus updates,
> updates for Windows and cygwin updates. I have not messed with any
> configuration files, nor have I changed any file permissions
> within cygwin
> of it's file tree to cause this.
>
> David
(a huge amount of text deleted)
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -