X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=N+sNlkJYIhkGPGdQu2wVYGX9yQQIYCqvah530LZnS4z15Pq+YkkZn
	nuIZ+YCYMQhvb9BS9oHpIVYwMCAzgBbHLb8c6MvqaYVTPgBLM+XIncGjuUHK3Lsk
	vjbEXA65g9y+Eh1fgmDodQ32jzajklJTGn90A5hDTjp3LmxDqVScqo=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; s=default;
	bh=DD0Uqm0e3YzH08w6Y2sJ/5QO740=; b=bKkYgZonoLdi6lyenWI4bp5snzpm
	6ZnUt1hTbNUJvPFzmj0HCL//4jbj+wygxRL3T/Ntjy9Ap8RKPSy7ZpTPbtyZNlNx
	1vhWAaCAz1tbKs75pmRin/THZZFHgAZmDnUzu1EhdRm5Q3w5SgKuYUdrLMCgrm1p
	0EUm4uIsF0cKjpc=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=2.7 required=5.0 tests=BAYES_05,FSL_HELO_BARE_IP_2,RCVD_IN_DNSWL_NONE,RCVD_NUMERIC_HELO,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=no version=3.3.2
X-HELO:	plane.gmane.org
To:	cygwin AT cygwin DOT com
From:	Dan Greenspan <daniel DOT greenspan AT jhuapl DOT edu>
Subject:	Re: ssh logon failure
Date:	Fri, 25 Oct 2013 00:52:39 +0000 (UTC)
Lines:	32
Message-ID:	<loom.20131025T023724-855@post.gmane.org>
References:	<4FCF00EB DOT 2070600 AT gmail DOT com> <loom DOT 20120607T103956-836 AT post DOT gmane DOT org> <4FD07C1D DOT 5070909 AT gmail DOT com> <loom DOT 20130807T185544-35 AT post DOT gmane DOT org> <52028508 DOT 7000102 AT cygwin DOT com>
Mime-Version:	1.0
User-Agent:	Loom/3.14 (http://gmane.org/)
X-IsSubscribed:	yes

I experienced the "operation not permitted" problem as many others have.  

I had not changed my setup when the error was experienced, but I noticed 
that every computer which presented this difficulty was a work machine with 
our IT security suite installed.  On every PC _without_ an IT security 
package, cygwin sshd worked just fine out of the box. On any PC without a 
security package which subsequently had one installed, sshd stopped working.

Like at least one other user, I have concluded that my "evil" IT people are 
the root cause of the problem.  However, they are of no help whatsoever. By 
some combination of dumb luck, relentless hacking and bits of help online, I 
arrived at the following conslusions and solution:

Problem one: by default, cygwin sshd uses the windows log, which is hard to 
read and doesn't contain the desired diagnostic output. Fixing this revealed 
useful clues. 

Problem two: /var/empty had the incorrect owner.

THE FIX:

1) Setup cygwin's sshd normally by invoking: ssh-host-config -y (If you have 
been thrashing about trying to solve this problem and have changed 
permissions and config files, just run the script again to ensure that your 
setup is reasonable)
2) DON'T START sshd.
3) Issue "chown SYSTEM /var/empty"
4) Uninstall the default sshd service by invoking: cygrunsrv --remove sshd
5) Reinstall the service and make the sshd output go to /var/log/sshd.log by 
invoking: cygrunsrv -I sshd -d "Cygwin sshd" -p /usr/sbin/sshd -a '-D -e'

I hope this works for you.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -