Mail Archives: cygwin/2006/05/30/17:18:10
> >> The symptoms do appear like a firewall issue like Larry Hall said,
> >
> > This is always a point to be rechecked. I just did it:
> > - All ssh.exe, ssh2.exe (Windows GUI client) and sshd.exe have full
> > permissions set to access and server;
> > - Logging on, but no log entries about these programs being blocked.
> >
> > Anyway, as I said before, all my tests were performed with firewall not
> > running. Should I try, for the sake of completeness, uninstalling it?
>
>No, have you tested with the Windows firewall running?
No, I never use Windows Firewall. My choice is Zone Alarm Pro. Even so, I
had included Port 22 in the Windows Firewall exception list, although
technically it should make no difference.
>Now try: netstat -anbv | grep -B 1 -A 2 ":22"
>should show only sshd.exe listening.
Now that's strange: in that verbose list there is no program listening on
port 22. The only reference to sshd is in the following block:
UDP 127.0.0.1:2186 *:* 2848
C:\WINDOWS\system32\ZoneLabs\vetredir.dll
C:\WINDOWS\system32\imslsp.dll
C:\WINDOWS\system32\ws2_32.dll
C:\cygwin\bin\cygwin1.dll
[sshd.exe]
The first DLL is a ZoneAlarm (firewall) one. This is curious, because that
DLL is around even if the firewall is off. (The service related to ZA's
firewall is called "TrueVector" and it is stopped in the Services list.) The
port (2186) varies from run to run.
But it appears in: netstat -an | grep ":22"
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING
Not all entries listed by -an appear on -anbv.
>Also check: ps -a | grep sshd
>before and during a test. Is the UID 18? does the process have any suspend
>flags?
Changed to "ps -a | grep ssh" to include the client.
Before test:
3676 436 3676 2392 ? 18 17:52:14 /usr/sbin/sshd
During test:
3676 436 3676 2392 ? 18 17:52:14 /usr/sbin/sshd
I 4060 604 4060 2512 0 1003 17:54:12 /usr/bin/ssh
1560 3676 1560 2812 ? 18 17:54:12 /usr/sbin/sshd
That "I" on the client is significant, but as far as we've been discussing
this is somewhat expected (but not desired :-( ).
>During a test, the second sshd process is the interesting one, you could
>try to
>see what is doing (when it appears to be stuck) by using: strace -p $PID
>where the process id is from the above ps -a.
It can't proceed: it stops after the message "strace: couldn't attach to pid
3844 for debugging".
Doing strace to the original sshd.exe (the non-spawned one) reveals that
tons of things happen when I run "ssh localhost", but I can't interpret all
those gibberish output.
After all, I'm really suspicious about that ZoneAlarm DLL. But I think I can
only purge it if I uninstall the firewall. Oh my.
--
Best regards,
Vilar Camara Neto
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -