Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Message-ID:	<4356C583.4719DB71@dessent.net>
Date:	Wed, 19 Oct 2005 15:15:31 -0700
From:	Brian Dessent <brian AT dessent DOT net>
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Re: sshd refuses ssh connections
References:	<BAYC1-PASMTP02C22AFAD2B236E5F46775C6700 AT CEZ DOT ICE> <435684E8 DOT 4040800 AT equate DOT dyndns DOT org> <BAYC1-PASMTP052431A24A326EC049E659C6700 AT CEZ DOT ICE> <43569987 DOT 7050104 AT equate DOT dyndns DOT org>
X-IsSubscribed:	yes
Reply-To:	cygwin AT cygwin DOT com

Chris Taylor wrote:

> >>>i followed all instructions from:
> >>>http://pigtail.net/LRP/printsrv/cygwin-sshd.html

You should ask the administrator of pigtail.net for help then.  We don't
support other sites here.

> >>>The process is running:
> >>>p4-3000:marcj:{/home/marcj}160 % ps -ef
> >>>...
> >>>  SYSTEM     480     728   ?  00:48:33 /usr/sbin/sshd
> >>>
> >>>
> >>>and the port 22 is listening:
> >>>p4-3000:marcj:{/etc}183 % netstat -an
> >>>
> >>>Active Connections
> >>>
> >>>  Proto  Local Address          Foreign Address        State
> >>>  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING

It looks like a firewall problem then.

> >>Could you stop the service, as described on the page you mention, and
> >>then start it manually by doing the following:
> >>
> >>sshd -D -dd

This is bad advice.  Don't try running sshd from a non-SYSTEM account
unless you know what you're doing.

>  > Disabling protocol version 1. Could not load host key
>  > Disabling protocol version 2. Could not load host key
>  > sshd: no hostkeys available -- exiting.
> 
> Well, this is definitely why it's not working.

No, it's a red herring.  The host keys should be readable only by the
process that runs sshd.  This must be SYSTEM in order for impersonation
to work.  Thus they should be readable only by SYSTEM, and that is how
ssh-host-config sets things up, correctly.  So if you try to run sshd as
your normal user account, it will not work.  That's why it's a bad idea
to mess around with running sshd from a regular prompt, because you will
run into all kinds of permissions/ownership issues unless you know
precisely what you're doing.

To the original poster:

Start over.  Forget anything you read on pigtail.net.  Delete all traces
of whatever you've tried to do so far.  Now run ssh-host-config and let
it do everything.  Start the service.  Do not even think about trying to
run sshd directly from a prompt.  If the service is running, and the
process is listening on the port, and you still get "Connection refused"
then it's a firewall or winsock issue.  Look at the event log and
/var/log/sshd.log for any messages.

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -