delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2019/03/14/10:20:18

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:reply-to:message-id:to:subject
:in-reply-to:references:mime-version:content-type
:content-transfer-encoding; q=dns; s=default; b=wrPGVaRPqmhWFDVb
fTo/R00RN0zyHslPa9Xj3+jFsYWm/OaSF7sh0io7wBaamiVHBK++uA0/7y+Zxh1h
5gJVr9nD5jGp5wRSJjw7ZzBLlf8bRxSpFAVO4NwSjGT4BeobVnk/t/5RPcOxxBRL
N9VTToloMZSQ8DOA1sqniAbEH8E=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:reply-to:message-id:to:subject
:in-reply-to:references:mime-version:content-type
:content-transfer-encoding; s=default; bh=pT4hxvfCizP4GdX0atSVBV
YK3jA=; b=BYRLV1ifHcHCG8sYuell9W39eQUrkHl/pjgGaBX296feGAGYLfVpqp
firQFkRlzRzh4DXpVsfoCvL3htZqFPlgtSBVON51nvice5Yr9kVOfSoXLEiKMLaK
uHPrk7H9phspNm79JQrc1teqsQpScfDYZyqXpZmAEEiJvEbXtYBF8=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,MIME_BASE64_BLANKS,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.1 spammy=UD:ru, HX-Priority:Normal, H*UA:Bat!, password
X-HELO: forward101o.mail.yandex.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1552573201; bh=Z1uxxMNGfIZDDsUWXGQoV1xgK//VARvbsejLn2yqvYY=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=MZh98seyySlGsOAiN6bM6pKbvDTpuQRGdFo8vfOnYZyL7sme3CcqNmwzLljVJZazb np064t3lWrMCH4D+gbA9il378a8OJrNqjgQNChJ9aLYAjSUWoQX5zuyfV2Tl5qP/nk j4JDaFvkSkLxcEXrMS056t0+PNtJjqAp59OWrRZ8=
Authentication-Results: mxback3j.mail.yandex.net; dkim=pass header.i=@yandex.ru
Date: Thu, 14 Mar 2019 17:11:24 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <576975390.20190314171124@yandex.ru>
To: renaud DOT rolles AT giraudbtp DOT com, cygwin AT cygwin DOT com
Subject: Re: sshd: fatal: seteuid XXX : No such device or address
In-Reply-To: <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
References: <011a01d4da5a$96247330$c26d5990$@giraudbtp.com> <20190314121034 DOT GG3785 AT calimero DOT vinschen DOT de> <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
MIME-Version: 1.0
X-IsSubscribed: yes
Note-from-DJ: This may be spam
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id x2EEKGcR008430 

Greetings, renaud DOT rolles AT giraudbtp DOT com!

>> > I can login via password, it work and lets me in.
>> > But if i tried with my keys, I get in the event viewer :
>> > sshd: PID 3777: fatal: seteuid 1049076: No such device or address
>> 
>> - Make sure to login with the Administrator account case-sensitive.
>>   If your account is called "Administrator", then use an uppercase
>>   'A' when logging in.
>> 
>>   This case-sensitivity issue is a temporary workaround for a
>>   potential security problem in OpenSSH.  This will be rectified
>>   with OpenSSH 8.0 which allows to login case-insentive again.

> With Uppercase i do have a login prompt, but (with the good password), I cant login (remotly or localy).
> I also have Information event :
> sshd: PID 3788: Login name Administrator does not match stored username administrator
> sshd: PID 3788: Invalid user Administrator from 10.0.0.8 port 60876
> then three :
> sshd: PID 3788: Failed password for invalid user Administrator from 10.0.0.8 port 60876 ssh2

Please remove /etc/passwd and /etc/group files. They are no longer necessary,
unless you have some very special needs, and even then, they only needed for
that one or two accounts you need special treatment for.

>> 
>> - If that doesn't help, switch the user running the sshd service from
>>   "cyg_server" to SYSTEM (the services GUI calls it "LocalSystem")
>> 

> This worked, like a charm, thank you 😊

>>   Cygwin switched the logon method and this method doesn't run
>>   under the "cyg_server" account sometimes.  However, switching
>>   back to "LocalSystem" instead of having to create a special
>>   "cyg_server" service account is one of the advantages of the
>>   new logon method.  For details, see
>> 
>>   https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1
>> 
> I didn't fully understand it all to be honest, but, is there another
> drawback to have the localsystem running the deamon instead of the
> cyg_server user, other than having the administrator possibly knowing the
> password ?
> I only use (and by only, again, thank you for that, saved me lot of time),
> to make rsync over ssh on windows hosts.

The main security concern is, why your Administrator user:
1. have password, and
2. is not disabled?


-- 
With best regards,
Andrey Repin
Thursday, March 14, 2019 16:39:04

Sorry for my terrible english...
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019