X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW
X-Spam-Check-By:	sourceware.org
MIME-Version:	1.0
Date:	Thu, 5 Jan 2012 16:50:48 -0800
Message-ID:	<CAPsepD09=KQVLKtJ5jsVujgH4xWpYL=tpDzW1qWvcVcwBY=qKQ@mail.gmail.com>
Subject:	Cygwin 1.7.9 + OpenSSH 5.9p1-1 Domain Service Account error "Bad file descriptor" after authentication [SOLVED]
From:	William Voyek <william DOT voyek AT gmail DOT com>
To:	cygwin AT cygwin DOT com
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com

In order to run a SSH server I installed Cygwin 1.7.9 + OpenSSH
5.9p1-1 on Windows 7 Enterprise SP1. I read the FAQ entry for setting
up sshd in a domain located at:
http://cygwin.com/faq-nochunks.html#faq.using.sshd-in-domain

After completing the install I proceeded to create the cyg_server
domain user account, a privileged service account group, and the
necessary Group Policy with the SeTcbPrivilege,
SeCreateTokenPrivilege, SeAssignPrimaryTokenPrivilege,
SeServiceLogonRight, SeDenyInteractiveLogonRight,
SeDenyRemoteInteractiveLogonRight privileges set for my service group.
I then created the /etc/group and /etc/passwd files including the
cyg_server account and ran the ssh-host-config script. I answered
"yes" to all questions except for the "Do you want to use a different
name?" to which I answered "no".

I then issued "net start sshd" and the CYGWIN sshd service started
successfully. To test I then issued "ssh localhost" and I was greeted
with a password prompt. After entering the proper password I was then
greeted with "Connection to localhost closed by remote host."

After doing some initial checking on the system I verified that the
service was running, that it was successfully authenticating my
account, but when creating the tty for the remote shell sshd was
throwing an error:

chown(/dev/tty1, 500, 513) failed: Bad file descriptor

I started searching the Cygwin mailing lists and discovered the following posts:

http://cygwin.com/ml/cygwin/2010-11/msg00199.html
http://cygwin.com/ml/cygwin/2011-03/msg00125.html
http://cygwin.com/ml/cygwin/2011-08/msg00016.html
http://cygwin.com/ml/cygwin/2011-08/msg00182.html

Unfortunately in the posts it appeared that no one had posted a
solution to the issue.

After uninstalling and reinstalling Cygwin countless times, a clean
Windows 7 install, and lots of hair pulling it appears I have
discovered what the issue was (at least in my case):

cyg_server must be a member of the *Local* Administrators group on the
machine running the service. It was not enough that the user account
is a member of the Administrators group for the domain.

I just wanted to post this in case someone else runs into this issue like I did.

William

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -