Mail Archives: cygwin/2002/10/10/16:07:24
Is there a way to detect this in a troubleshooting script?
The cygwin distribution has the following:
1. A script (or set of scripts) to help the user install/setup
a sshd service.
2. Some documentation (primarily /usr/doc/Cygwin/openssh*) to give
instructions and pointers.
What is sorely needed is a (shell? perl?) script(s) that can be run
which will help diagnose these problems, i.e., missing
files/directories,
invalid permissions, invalid configurations, invalid keys, etc.
> -----Original Message-----
> From: lhall AT pop DOT ma DOT ultranet DOT com [mailto:lhall AT pop DOT ma DOT ultranet DOT com]
> Sent: Thursday, October 10, 2002 3:30 PM
> To: david AT purplebear DOT net; cygwin AT cygwin DOT com
> Subject: Re: sshd problems
>
>
> If you installed via setup and installed for "All Users", you
> should have
> the same mount points needed for both your user and for SYSTEM if you
> didn't
> subsequently edit these mount points. In any case, you
> should be able to
> recover by remounting them like so:
>
> mount -f -s -b "<DOS path to cygwin installation>" /
> mount -f -s -b "<DOS path to cygwin installation>/bin" /usr/bin
> mount -f -s -b "<DOS path to cygwin installation>/lib" /usr/lib
>
> where <DOS path to cygwin installation> would be something
> like C:/cygwin.
>
> Larry
>
>
> Original Message:
> -----------------
> From: David Monk david AT purplebear DOT net
> Date: Thu, 10 Oct 2002 14:05:28 -0500
> To: cygwin AT cygwin DOT com
> Subject: Re: sshd problems
>
>
> A further update on this issue. If I do some forcing, ie.
> using an alternate
> key and chowning /var/empty to myself, I _can_ get sshd to
> run. I can't
> login, but it does run.
> Keeping in mind the weird c:\var\log\sshd.log file
> appearance, I tested it
> out. I deleted c:\var. I started sshd from the shell as
> /usr/sbin/sshd -h
> /home/dmonk/ssh_host_rsa_key -d -d -d. It ran and no
> c:\var\log\sshd.log was
> created. However, when I tried to start the service, the
> c:\var\log\sshd.log
> was created. Somehow, when it runs as LocalSystem, it does
> not have the
> proper cygwin mount points available. This may be the root of
> the issue. How
> can this be fixed?
>
> David
>
> ----- Original Message -----
> From: "David Monk" <david AT purplebear DOT net>
> To: "Harig, Mark A." <maharig AT idirect DOT net>; "Len Giambrone"
> <frodo AT mit DOT edu>
> Cc: <cygwin AT cygwin DOT com>
> Sent: Thursday, October 10, 2002 1:53 PM
> Subject: Re: sshd problems
>
>
> > >From the default installation, then ssh-host-config
> perspective of this
> now,
> > my /var/empty looked like this immediately following
> ssh-host-config:
> >
> > drwxrwxrwx 2 system system 0 Oct 10 13:18 /var/empty
> >
> > Well, the date was different, as I have deleted and
> recreated it manually
> a
> > couple times trying to get this working.
> > Changing it to what you show:
> >
> > drwxr-xr-x 2 system system 0 Oct 10 13:18 /var/empty
> >
> > gives the following, using a separate key to even get sshd to run:
> >
> > $ /usr/sbin/sshd -h /home/dmonk/ssh_host_rsa_key -d -d -d
> > debug1: sshd version OpenSSH_3.4p1
> > debug3: Not a RSA1 key file /home/dmonk/ssh_host_rsa_key.
> > debug1: read PEM private key done: type RSA
> > debug1: private host key: #0 type 1 RSA
> > Disabling protocol version 1. Could not load host key
> > Bad owner or mode for /var/empty
> >
> >
> > Looking through the archives shows there have been a lot of recent
> problems
> > with sshd. My current question is, does anyone now have
> sshd running as a
> > service, using privsep on Windows 2000 with an NTFS filesystem? I am
> > beginning to wonder if it could be due to service pack 3. That was a
> recent
> > update to this system. Unfortunately, I only use sshd on
> this system when
> I
> > need to do things from home, so I can not pinpoint exactly
> when this issue
> > appeared.
> >
> > David
> >
> >
> > ----- Original Message -----
> > From: "Harig, Mark A." <maharig AT idirect DOT net>
> > To: "David Monk" <david AT purplebear DOT net>; "Len Giambrone"
> <frodo AT mit DOT edu>
> > Cc: <cygwin AT cygwin DOT com>
> > Sent: Thursday, October 10, 2002 1:41 PM
> > Subject: RE: sshd problems
> >
> >
> > According to /usr/doc/Cygwin/openssh-3.4p1-5.README:
> >
> > >The new ssh-host-config script also adds the /var/empty directory
> > >needed by privilege separation. When creating the
> /var/empty directory
> > >by yourself, please note that in contrast to the README.privsep
> > document
> > >the owner sshould not be "root" but the user which is running sshd.
> > So,
> > >in the standard configuration this is SYSTEM. The ssh-host-config
> > script
> > >chowns /var/empty accordingly.
> >
> > In /usr/bin/ssh-host-config is the following code:
> >
> > ># Create /var/empty file used as chroot jail for privilege
> separation
> > >if [ -f /var/empty ]
> > >then
> > > echo "Creating /var/empty failed\!"
> > >else
> > > mkdir -p /var/empty
> > > # On NT change ownership of that dir to user "system"
> > > if [ $_nt -gt 0 ]
> > > then
> > > chown system.system /var/empty
> > > fi
> > >fi
> >
> > For me, I have the following permissions:
> >
> > $ ls -ld /var/empty
> > drwxr-xr-x 2 SYSTEM SYSTEM 0 Jul 24 11:39 /var/empty
> >
> > > -----Original Message-----
> > > From: David Monk [mailto:david AT purplebear DOT net]
> > > Sent: Thursday, October 10, 2002 2:31 PM
> > > To: Len Giambrone
> > > Cc: cygwin AT cygwin DOT com
> > > Subject: Re: sshd problems
> > >
> > >
> > > Generating a new key worked, as far as finding the key
> goes. Then it
> > > presented me with a /var/empty ownership or permissions
> > > issue. So, thinking
> > > along the same lines, I chaned owner of that dir to myself.
> > > Finally, sshd
> > > runs. Not as a service unfortunately, but it does run. Also
> > > unfortunately, I
> > > can not log in under these circumstances. I get a password
> > > prompt, but it
> > > never accepts it. I can only guess this has something to do
> > > with privlege
> > > separation.
> > >
> > > Anyway, the main problem here, from the beginning of this
> > > thread, is that
> > > openssh was working fine, running as a service, using
> > > privlege separation
> > > until approx 2 weeks ago. The only thing I could have
> > > possibly done to break
> > > that was updating packages. So, somewhere, something in
> > > cygwin changed.
> > > Either specifically with the openssh package or with the some
> > > other aspect,
> > > but something has definitely changed. Again, this was working
> > > beautifully I
> > > know for absolute certainty 3 weeks ago, the server running
> > > as a service via
> > > cygrunsrv, utilizing the privlege separation. The only things
> > > that have been
> > > done to this system over the last few months has been regular
> > > virus updates,
> > > updates for Windows and cygwin updates. I have not messed with any
> > > configuration files, nor have I changed any file permissions
> > > within cygwin
> > > of it's file tree to cause this.
> > >
> > > David
> >
> > (a huge amount of text deleted)
> >
> > --
> > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> > Bug reporting: http://cygwin.com/bugs.html
> > Documentation: http://cygwin.com/docs.html
> > FAQ: http://cygwin.com/faq/
> >
> >
> >
>
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting: http://cygwin.com/bugs.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
>
> --------------------------------------------------------------------
> mail2web - Check your email from the web at
> http://mail2web.com/ .
>
>
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting: http://cygwin.com/bugs.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
>
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -