X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:cc:subject:in-reply-to
	:message-id:references:mime-version:content-type; q=dns; s=
	default; b=kgfx0l2MBEeyM0TnbniglYt4Ol3GNum1tvg1TdJKDBChHQvxFpjvw
	xuboyUppohGbIFPOSAnGoNXhftjdkkcJ9B7Lsbwe1i4484ZhqaK4kp7Dr2SnL/zA
	wG3R4Ka0P7uVpLw4oU6T3IDFSm0SW93xwkEH/LtsJBYvG78sVMw0ZE=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:cc:subject:in-reply-to
	:message-id:references:mime-version:content-type; s=default; bh=
	s07iiBeBh5qqpmGtb3xIUg9N+gE=; b=rU3lMK/vIP594A6HNyUwn0wWUZiFcAKB
	pL0Aslp36aVIOV9TNmSrUZmiqCIhyXXYhz35zha1mFhUf8ZQ6zqpM8XpwPcoRH0K
	DBp9TEMSdiLb6thaJC4rpdMi/0V29GRV/NuZksPuU2+BqJ0BrcqjsPqffEkENdTK
	2u2ViYi6L3E=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Spam-SWARE-Status:	No, score=-0.9 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 spammy=
X-HELO:	atl4mhob11.registeredsite.com
X-TCPREMOTEIP:	24.7.18.247
X-Authenticated-UID:	scowles AT ckhb DOT org
Date:	Wed, 20 Feb 2019 14:08:19 -0800 (PST)
From:	scowles AT ckhb DOT org
Reply-To:	scowles AT ckhb DOT org
To:	cygwin AT cygwin DOT com
cc:	Andy Moreton <andrewjmoreton AT gmail DOT com>
Subject:	Re: cygwin 3.0.1-1 breaks my sshd install
In-Reply-To:	<20190220213732.GY4256@calimero.vinschen.de>
Message-ID:	<alpine.DEB.2.21.1902201358200.7692@ckhb05>
References:	<19759126 DOT 568100 DOT 1550686604174 DOT ref AT mail DOT yahoo DOT com> <19759126 DOT 568100 DOT 1550686604174 AT mail DOT yahoo DOT com> <alpine DOT DEB DOT 2 DOT 21 DOT 1902201038580 DOT 32163 AT ckhb05> <47883ab06634fed3ecdaa375016dc3fb AT smtp-cloud8 DOT xs4all DOT net> <20190220202536 DOT GX4256 AT calimero DOT vinschen DOT de> <vz1pnrmnoat DOT fsf AT gmail DOT com> <20190220213732 DOT GY4256 AT calimero DOT vinschen DOT de>
User-Agent:	Alpine 2.21 (DEB 202 2017-01-01)
MIME-Version:	1.0
X-IsSubscribed:	yes

On Wed, 20 Feb 2019, Corinna Vinschen wrote:
> On Feb 20 21:27, Andy Moreton wrote:
>> On Wed 20 Feb 2019, Corinna Vinschen wrote:
>>
>>> On Feb 20 21:01, Houder wrote:
>>>> On Wed, 20 Feb 2019 10:53:09, scowles at ckhb dot org wrote:
>>>>> i can confirm the same behaviours on a 3.0.0 system.  i've done
>>>>> several checks and have been unable to find the source of the
>>>>> problem.  ssh -vvv shows that the connection proceeds all the way
>>>>> through the connection process, sends the appropriate key tokens,
>>>>> then the server abruptly closes the connection. all accounts on
>>>>> the system show the same results.
>>>>>
>>>>> my 2.11.1 system, with identical ssh[d]_config files has no such
>>>>> problems.
>>>>>
>>>>> on both systems, all relevant files and directories have correct
>>>>> owners and permissions.
>>>>
>>>> Yes, failure for 3.0.0 (and 3.0.1); success for 2.11.2
>>>>
>>>> Henri
>>>>
>>>> 64-@@ uname -a
>>>> CYGWIN_NT-6.1 Seven 3.0.1(0.338/5/3) 2019-02-20 10:19 x86_64 Cygwin
>>>>
>>>> 64-@@ tail /var/log/sshd.log
>>>> Server listening on 0.0.0.0 port 222.
>>>> seteuid 1004: Permission denied
>>>
>>> Sorry guys, but I can't reproduce this problem at all.  I tested ssh
>>> login on Vista, W7 and W10 1809, in each case on 64 bit and under
>>> WOW64.  On all systems I can login with domain as well as local
>>> accounts.
>>>
>>> For completeness sake I started sshd under SYSTEM as wel as under
>>> cyg_server account and every time it just worked.
>>
>> I've seen a similar failure, on a domain-joined Windows 10 box running
>> cygsshd using a local cyg_server user account. I've fixed it by:
>> 1) Open the "Computer Management" app
>>    Select "Services and Applications", then "Services", and
>>    choose the cygsshd service from the list.
>> 2) Stop the service
>> 3) Select the "Log On" tab, choose "Local System Account" and click OK.
>> 4) Restart the service.
>>
>> This changed the account reported by "cygrunsrv -VQ" from "./cyg_server"
>> to "LocalSystem".
>
> That actually fixed it for you?  I'm a bit surprised but at least that's
> a neat solution, given that the new way to switch the user context
> doesn't require the cyg_server account anymore.  SYSTEM is the way to
> go in future.
>
> While talking about it, i have a couple of OpenSSH upstream patches in
> the loop:
>
> - Rename Cygwin's sshd service to "cygsshd" becasue Microsoft hijacked
>  the "sshd" service name for their own sshd.
>
> - The ssh-host-config script will install the service under SYSTEM
>  in future, unless you're trying to install under Windows 7 WOW64,
>  which will still require the cyg_server account.
>
> - Allowing to login with case-insensitive usernames.  This also
>  enables case-insensitive user and group name matching in
>  sshd_config "Match" rules.
>
> The first patch has been merged already, I'm still waiting for
> feedback on the other two patches...


i am also at a loss.  i am running local only, no domain.  no ssh configs have 
been changed in the last 3 months.  as soon as i downgrade from 3.0.1-1 to 
2.11.1 and reboot, ssh is immediately functional, again.


--
s. cowles
scowles AT ckhb DOT org
Key fingerprint = A156 277B 875A D6E3 A00C  23D9 869E 72BE 1FD3 5B80

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -