delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2022/05/26/19:40:10

X-Recipient: archive-cygwin AT delorie DOT com
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 77F30382F9B4
Authentication-Results: sourceware.org;
dmarc=pass (p=none dis=none) header.from=berkeley.edu
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=berkeley.edu
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berkeley.edu; s=google;
h=from:date:to:cc:subject:message-id:references:mime-version
:content-disposition:in-reply-to:user-agent;
bh=+gq4wv3+fEmxzP9+CZ1lo5bTIEgJhoAO2T3/2PjRyeg=;
b=tFF6NiVJ/4CnS420jROi9co1zq5MYjpM19j361RKpYP+ku8uir/y9p7PaeyF/1n5Mh
7T09NBA95HiRaL2MKBtmZJyO5VKbwGVPf4uWiRyA0iNEcrHQmRWj4dYrqkZLU3x5CO2T
wwzAh7scSRkKf55n5ZFywY/dJ8BMPTb654fonQeRmnhIGGh2gUwBv5pSUOLoVYkLdEVS
oUy+CR2u+Rg7swkmRJJ5/bAQ2AY5GCFdxsetjG4dgEMLN82JkrHQcHgAqxIbXppzKAjs
sWCRjw/AwV6VgXYCxfxjaA/iWR9TuWao7kMTjhQUDITCgLGuXU1k1leV4ZOjG4wlyoBk
eyHA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:date:to:cc:subject:message-id:references
:mime-version:content-disposition:in-reply-to:user-agent;
bh=+gq4wv3+fEmxzP9+CZ1lo5bTIEgJhoAO2T3/2PjRyeg=;
b=DCjyk0rvuZYc/wDM0qy2wExCZtpetfWMxdAOfkiiXLzfqE2wUWLBQKRnvuA2x8weiu
ZHBlKk2wTizAO9OU79mb4V27lO2VcsemblPQSx+o7WjXF1acr6/tygFYwt+tAELkqn7s
n7udoCFs7UVPfUpVuPQrsScVuF1hDI3ID44Np1SWw3B0zuBr2zxXGBvPpFoXTCt6bPdU
VRQnwEmuQGSXwZGSM7xVqpWZGghHT1JOgp1hgXxMfAkvRXyEHLPo2kzA2IPbrQ1jG/5d
/YH9E9sO1A4pafa4Gq5PqaEfcMmzLd/ZeUSG6rah4anhLNDosnPPAJcEHK+h4HbUjVYo
tWNA==
X-Gm-Message-State: AOAM531/V/yCAAQOL2KXgaawhEOhA6l/RU4EiVYYYd/M+w0Q9Jtr6xsf
mgcKmpmmCFK332zJ5RQ2VK9o3g==
X-Google-Smtp-Source: ABdhPJzXfUItGVCmxAW9OOA5F+QAIMgGu5YyMV8UA8dxjnOell2f97hrhG+Cib2wtyGmmGD5lggjJQ==
X-Received: by 2002:a62:4e03:0:b0:519:36cc:a169 with SMTP id
c3-20020a624e03000000b0051936cca169mr458125pfb.71.1653608367175;
Thu, 26 May 2022 16:39:27 -0700 (PDT)
From: Stephen Carrier <carrier AT berkeley DOT edu>
X-Google-Original-From: Stephen Carrier <carrier AT Berkeley DOT EDU>
Date: Thu, 26 May 2022 16:39:26 -0700
To: Dale Lobb <Dale DOT Lobb AT bryanhealth DOT org>
Subject: Re: Issue with seteuid and openssh
Message-ID: <20220526233926.GA13111@iguana.crashland.org>
References: <aebd99eefc4e4c6697a9d2dacd8be275 AT bryanhealth DOT org>
MIME-Version: 1.0
In-Reply-To: <aebd99eefc4e4c6697a9d2dacd8be275@bryanhealth.org>
User-Agent: Mutt/1.12.2 (2019-09-21)
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00, DKIMWL_WL_MED,
DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE,
SPF_HELO_NONE, SPF_PASS, TXREP,
T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Cc: "'cygwin AT cygwin DOT com'" <cygwin AT cygwin DOT com>
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com> 

On Tue, May 24, 2022 at 10:15:05PM +0000, Dale Lobb via Cygwin wrote:
> Greetings All,
> 
>   Has anyone seen an issue similar to this?
> 
>   I have a VMWare virtual machine loaded with Windows Server 2016 OS and a Cygwin installation.  Cygwin runs an installed SSHD service via cygrunsrv.exe.  A data gateway engine on a different machine makes regular programmatic connections via SFTP to the server throughout the day.  This setup was established in 2021 and has run without issue for almost a year.
> 
>   Last night, the server rebooted automatically after windows updates.  After the reboot, the data gateway was then no longer able to connect to the server.  This condition persisted until I was informed of the issue this morning and connected to the Windows server using RDP to take a look at the issue, at which point the SSH connection suddenly started working.  Further tests showed this to be entirely repeatable.  After rebooting the server, the SSHD daemon does not allow connections, neither with password nor public key authorization, until someone connects to the server via RDP, at which time the SSH connections suddenly starts working again.
> 
>   The server's Windows application event log shows numerous errors from the SSHD daemon stating "sshd: PID <####>: fatal: seteuid 197108: No such device or address" during the time frame when SSH connection were not working.  The errors stop immediately when the RDP connection is recorded in the same event log.
> 
>   A google search for the error message turned up something somewhat similar from this mailing list back in March of 2019, bit there is no mention of RDP in that exchange.  Also, the advice given, to convert the SSHD service from running under the cyg_server account to LocalSystem, does not apply here, because the Cygwin installation is recent enough that it is already running under LocalSystem.

Do you mean the thread started by this message:

https://cygwin.com/pipermail/cygwin/2019-March/240389.html

which describes a nearly identical problem.  The main difference
is that the problem occored for Windows Server 2008R2 and 2012 but was
not confirmed on Windows Server 2016.  This looks like regression in
Windows so that now the problem occurs in Windows Server 2016 too.

This underlying issue was never addressed or fully understood because
the affected systems were EOL or nearly so.  (and there are awkward
workarounds for making do.)  Looks like WS2016 has been EOL since January,
so maybe no help this time either.

The thread does mention RDP, and sshd service was already running as Local
System, so I wonder if you read a different thread also from March 2019.

2019's problem occured for local accounts only.  Is the new problem
occuring for local accounts only?

2019's problem affected cron similarly to sshd so was a seteuid()
problem and not a sshd problem.  You might check if cron service is
similarly affected.

Hope this helps.

Stephen Carrier
BEAR Center
UC Berkeley

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019