Mail Archives: cygwin/2002/10/10/16:15:23
I would also try running sshd as a service configured with
cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a "-D -e" -e "CYGWIN=binmode ntsec tty"
This will throw *all* your logging into /var/log/sshd.log rather than into the
event log, and may provide some insight.
-Len
"Harig, Mark A." <maharig AT idirect DOT net> writes:
> According to /usr/doc/Cygwin/openssh-3.4p1-5.README:
>
> >The new ssh-host-config script also adds the /var/empty directory
> >needed by privilege separation. When creating the /var/empty directory
> >by yourself, please note that in contrast to the README.privsep
> document
> >the owner sshould not be "root" but the user which is running sshd.
> So,
> >in the standard configuration this is SYSTEM. The ssh-host-config
> script
> >chowns /var/empty accordingly.
>
> In /usr/bin/ssh-host-config is the following code:
>
> ># Create /var/empty file used as chroot jail for privilege separation
> >if [ -f /var/empty ]
> >then
> > echo "Creating /var/empty failed\!"
> >else
> > mkdir -p /var/empty
> > # On NT change ownership of that dir to user "system"
> > if [ $_nt -gt 0 ]
> > then
> > chown system.system /var/empty
> > fi
> >fi
>
> For me, I have the following permissions:
>
> $ ls -ld /var/empty
> drwxr-xr-x 2 SYSTEM SYSTEM 0 Jul 24 11:39 /var/empty
>
> > -----Original Message-----
> > From: David Monk [mailto:david AT purplebear DOT net]
> > Sent: Thursday, October 10, 2002 2:31 PM
> > To: Len Giambrone
> > Cc: cygwin AT cygwin DOT com
> > Subject: Re: sshd problems
> >
> >
> > Generating a new key worked, as far as finding the key goes. Then it
> > presented me with a /var/empty ownership or permissions
> > issue. So, thinking
> > along the same lines, I chaned owner of that dir to myself.
> > Finally, sshd
> > runs. Not as a service unfortunately, but it does run. Also
> > unfortunately, I
> > can not log in under these circumstances. I get a password
> > prompt, but it
> > never accepts it. I can only guess this has something to do
> > with privlege
> > separation.
> >
> > Anyway, the main problem here, from the beginning of this
> > thread, is that
> > openssh was working fine, running as a service, using
> > privlege separation
> > until approx 2 weeks ago. The only thing I could have
> > possibly done to break
> > that was updating packages. So, somewhere, something in
> > cygwin changed.
> > Either specifically with the openssh package or with the some
> > other aspect,
> > but something has definitely changed. Again, this was working
> > beautifully I
> > know for absolute certainty 3 weeks ago, the server running
> > as a service via
> > cygrunsrv, utilizing the privlege separation. The only things
> > that have been
> > done to this system over the last few months has been regular
> > virus updates,
> > updates for Windows and cygwin updates. I have not messed with any
> > configuration files, nor have I changed any file permissions
> > within cygwin
> > of it's file tree to cause this.
> >
> > David
>
> (a huge amount of text deleted)
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -