Mail Archives: cygwin/2003/02/21/13:38:16
Prentis,
Replies scattered inline below.
On Fri, 21 Feb 2003, Prentis Brooks wrote:
> Hey Gang,
> I have run into a very odd behavior. I have not found anything
> in the lists where this has been discussed so I am posing it
> here. In short, I appear to get a different mount behavior
> depending upon whether I get a full interactive ssh session or a
> batch session (where I send the command in the line).
Hmm, this is really not mount, it's more like the setting of your $HOME...
> For Example:
>
> Interactive looks fine ->
>
> <(prentis AT diva):(prentis)> sudo ssh webhost-n01
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> It is also possible that the RSA1 host key has just been changed.
> The fingerprint for the RSA1 key sent by the remote host is
> 59:ab:69:99:cb:43:4e:d3:b7:7f:26:dc:54:a4:f0:be.
> Please contact your system administrator.
> Add correct host key in /.ssh/known_hosts to get rid of this message.
> Offending key in /.ssh/known_hosts:6912
> Password authentication is disabled to avoid man-in-the-middle attacks.
The above is normal ssh behavior if the host key is changed. Add the new
host key to the known_hosts file.
> Last login: Fri Feb 21 12:34:01 2003 from diva.web.aol.com
> Fanfare!!!
> You are successfully logged in to this server!!!
>
> root AT WEBHOST-N01 ~
> $ ls -la /
> total 122
> drwxrwxrwt+ 11 Administ 65535 4096 Feb 6 11:46 .
> drwxrwxrwt+ 11 Administ 65535 4096 Feb 6 11:46 ..
> drwxrwxrwt+ 3 Administ 65535 73728 Dec 17 12:57 bin
> -rwxrwxrwx+ 1 Administ 65535 64 Dec 17 12:57 cygwin.bat
> -rwxrwxrwx+ 1 Administ 65535 766 Dec 17 12:57 cygwin.ico
> drwxrwxrwx+ 3 root Domain U 0 Feb 6 11:46 data
> drwxrwxrwt+ 9 Administ 65535 8192 Feb 4 15:19 etc
> drwxrwxrwt+ 5 Administ 65535 0 Feb 4 15:19 home
> drwxrwxrwt+ 9 Administ 65535 20480 Dec 17 12:57 lib
> drwxrwxrwx+ 2 root Domain U 0 Feb 4 15:19 logs
> drwxrwxrwt+ 2 Administ 65535 4096 Feb 6 14:42 tmp
> drwxrwxrwt+ 14 Administ 65535 4096 Dec 17 12:54 usr
> drwxrwxrwt+ 8 Administ 65535 4096 Dec 17 13:02 var
Umm, ok, looks like your /etc/{passwd,group} are not up to date... You
are logging in as a domain user, I presume.
> But inline ->
>
> <(prentis AT diva):(prentis)> sudo ssh webhost-n01 'ls -la /'
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> It is also possible that the RSA1 host key has just been changed.
> The fingerprint for the RSA1 key sent by the remote host is
> 59:ab:69:99:cb:43:4e:d3:b7:7f:26:dc:54:a4:f0:be.
> Please contact your system administrator.
> Add correct host key in /.ssh/known_hosts to get rid of this message.
> Offending key in /.ssh/known_hosts:6912
> Password authentication is disabled to avoid man-in-the-middle attacks.
> -rwxrwxrwx 1 Administ NETWORK 0 May 23 2001 AUTOEXEC.BAT
> -rwxrwxrwx 1 Administ Administ 0 May 23 2001 BOOT.BAK
> drwxrwxrwx 1 Administ Administ 0 May 23 2001 COMPAQ
> -rwxrwxrwx 1 Administ NETWORK 0 May 23 2001 CONFIG.SYS
> drwxrwxrwx 1 Administ NETWORK 0 May 23 2001 CPQSYSTEM
> prwxrwxrwx 1 Administ NETWORK 0 May 23 2001 IO.SYS
> prwxrwxrwx 1 Administ NETWORK 0 May 23 2001 MSDOS.SYS
> drwxrwxrwx 1 Administ NETWORK 4096 Mar 26 2002 Program Files
> drwx---rwx 1 Administ Domain U 0 Mar 25 2002 RECYCLER
> drwxrwxrwx 1 Administ NETWORK 4096 Apr 26 2002 TEMP
> drwxrwxrwx 1 Administ Administ 14336 Nov 12 13:05 WINNT
> prwx---r-x 1 Administ Administ 278 May 23 2001 boot.ini
> -rwx---rwx 1 Administ Domain A 421 Mar 26 2002 ckSAP.log
> drwx---rwx 1 Administ Domain A 0 Dec 17 12:52 cygwin
> drwxrwxrwx 1 root Administ 0 Feb 4 15:18 data
> drwx---rwx 1 Administ Domain A 0 Dec 17 12:52 nt-bcs
> prwx---r-x 1 Administ Administ 26816 May 23 2001 ntdetect.com
> prwx---r-x 1 Administ Administ 156496 May 23 2001 ntldr
> -rwxrwxrwx 1 Administ NETWORK 200 May 23 2001 setup.log
> -rwx---rwx 1 prentis Domain A 3421 Apr 2 2002 ssh_files.txt
> drwx---rwx 1 Administ Domain U 0 Feb 21 2002 tools
> -rw-rw-rw- 1 prentis Domain A 262733 Feb 12 2002 tools.tar.gz
> ls: pagefile.sys: Permission denied
>
> I see C:\ rather than C:\nt-bcs\cygwin\
Yes, and with different "ls"s, too... :-)
> I am including a cygcheck -s called inline so that you can see as much
> of the environment it should be getting as possible.
Next time, please *attach* it, as uncompressed text, as per
<http://cygwin.com/bugs.html>. Thanks.
> This installation is being put in a directory other than C:\cygwin, but
> I don't think that should cause this problem.
You're right, it shouldn't.
> Has anyone seen anything similar and can give a new direction to look?
>
> Cygcheck output ->
>
> Cygwin Win95/NT Configuration Diagnostics
> Current System Time: Fri Feb 21 12:44:25 2003
>
> Windows NT Ver 4.0 Build 1381 Service Pack 5
>
> Path: d:\Perl\bin\
> c:\WINNT\system32
> c:\WINNT
> c:\Program Files\Symantec\pcAnywhere
> c:\WINNT\System32\WBEM
> d:\resourcekit
> c:\cygwin\bin
> c:\cygwin\usr\bin
> c:\Program Files\NetIQ\AppManager\bin
> c:\Program Files\NetIQ\Common\bin
> c:\nt-bcs\cygwin\bin
Hmm, the above should be your first clue. You do have "c:\cygwin\bin" in
the path *before* "c:\nt-bcs\cygwin\bin"... Also, you have a
"d:\resourcekit"... Something to think about.
> SysDir: C:\WINNT\System32
> WinDir: C:\WINNT
>
> CYGWIN = `binmode ntsec tty'
> HOME = `c:\nt-bcs\cygwin\home\root'
> PWD = `/home/root'
> USER = `root'
>
> Use `-r' to scan registry
>
> a: fd N/A N/A
> c: hd NTFS 4044Mb 27% CP CS UN PA FC
> d: hd NTFS 8199Mb 75% CP CS UN PA FC
> f: cd N/A N/A
>
> . /cygdrive user binmode,cygdrive
> c:\nt-bcs\cygwin / system binmode
> c:\nt-bcs\cygwin/bin /usr/bin system binmode
> c:\nt-bcs\cygwin/lib /usr/lib system binmode
> . /cygdrive user binmode,cygdrive
>
> Found: c:\nt-bcs\cygwin\bin\bash.exe
> Found: d:\resourcekit\cat.exe
^^^^^^^^^^^^^^^^^^^^^^
> Found: c:\nt-bcs\cygwin\bin\cat.exe
> Not Found: cpp (good!)
> Found: d:\resourcekit\find.exe
^^^^^^^^^^^^^^^^^^^^^^^
> Found: c:\nt-bcs\cygwin\bin\find.exe
> Not Found: gcc
> Found: c:\nt-bcs\cygwin\bin\gdb.exe
> Found: c:\nt-bcs\cygwin\bin\ld.exe
> Found: d:\resourcekit\ls.exe
^^^^^^^^^^^^^^^^^^^^^
> Found: c:\nt-bcs\cygwin\bin\ls.exe
> Found: c:\nt-bcs\cygwin\bin\make.exe
> Found: d:\resourcekit\sh.exe
^^^^^^^^^^^^^^^^^^^^^
> Found: c:\nt-bcs\cygwin\bin\sh.exe
Some more clues above, marked with "^^^^^^". Also, what's your login
shell in /etc/passwd?
> [snip]
> 923k 2002/11/27 c:\nt-bcs\cygwin\bin\cygwin1.dll
> Cygwin DLL version info:
> DLL version: 1.3.17
> [snip]
The above is kind of old... You sure you don't want to upgrade? 1.3.20
is the latest version so far.
One thing to try is this:
sudo ssh webhost-n01 /bin/bash -c "id;pwd;type -a ls;echo \$CYGWIN"
and post the output. You may also try giving the quoted command to
the interactive shell and posting the result.
Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha AT cs DOT nyu DOT edu
ZZZzz /,`.-'`' -. ;-;;,_ igor AT watson DOT ibm DOT com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
Oh, boy, virtual memory! Now I'm gonna make myself a really *big* RAMdisk!
-- /usr/games/fortune
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -