DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:content-transfer-encoding
	:content-type:message-id:date:from:reply-to:to:subject
	:references:in-reply-to; q=dns; s=default; b=qkGN8nCcOX6urB0Sn4L
	3AazhB152Cihp3PmAYw+Wi92zIhedMYR9Ka936PVAnu72RrfUK4TWJAPGWum7E8o
	0BcUgza+/MJAKRZBTSZYiG7Wr+XjGHeHUid5vtXB2qEq1OeM9aWohnja76osG6+Y
	1kXK2pQ5UXCyHD4y0Fm64m3s=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
MIME-version: 1.0
Content-transfer-encoding: 8BIT
Content-type: text/plain; charset=UTF-8; format=flowed
Message-id: <5214CA35.4030600@cygwin.com>
Date: Wed, 21 Aug 2013 10:09:57 -0400
From: "Larry Hall (Cygwin)" <reply-to-list-only-lh@cygwin.com>
Reply-to: cygwin@cygwin.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
To: cygwin@cygwin.com
Subject: Re: cygwin sshd dumping stack trace when not allocating pseudo-tty
References: <alpine.DEB.2.10.1308191353590.23189@tglase.lan.tarent.de> <52123502.6070301@cygwin.com> <alpine.DEB.2.10.1308201021500.6396@tglase.lan.tarent.de> <52138A66.3050406@cygwin.com> <alpine.DEB.2.10.1308211235560.31430@tglase.lan.tarent.de>
In-reply-to: <alpine.DEB.2.10.1308211235560.31430@tglase.lan.tarent.de>

On 8/21/2013 6:42 AM, Thorsten Glaser wrote:
> On Tue, 20 Aug 2013, Larry Hall (Cygwin) wrote:
>
>> On 8/20/2013 4:32 AM, Thorsten Glaser wrote:
>>> On Mon, 19 Aug 2013, Larry Hall (Cygwin) wrote:
>>>
>>>> and to understand the method you're using to login.
>>>
>>> SSH public-key auth, that is, RSA keys. (This is a requirement
>>> because the process will run as batch job so we cannot use any
>>> interactive auth method.)
>>
>> Understood but method 2 and 3 allow for this as well.  They use a
>> very different way of "getting there".  One of these two methods
>> could work for you.
>
> Hm. I must admit I’m a bit confused here, but AIUI if there’s a
> problem with logging in (the auth method or that the home directory
> is on the domain controller), then I should be unable to login with
> SSH key, without password, interactively, too – right?
>
> As things stands:
>
> ssh-key interactive ⇒ works
> password interactive ⇒ works
> ssh-key batch ⇒ doesn’t work (-T, running a command, scp, rsync)
> password batch ⇒ works

There's definitely a different path being taken here and the authentication
isn't "keeping up" in the failing case.  Putting 'sshd' in debug mode may
shed some light on why this is a problem in this particular installation.
But to re-iterate my point, in case your main goal is just to find a
way that works, methods 2 and 3 use different techniques to accomplish
the same thing.  For method 2, you have a different token, so if
authenticating with a created token is causing a problem, this could help.
Method 3 avoids all impersonation token issues by simply using password
authentication.  So this one seems like it should work based on your
current testing.

>> It's telling you that cmd.exe doesn't understand UNC paths.  And that
>> actually gives me an idea.  Can you create a local home directory
>
> Hmm. When I login using ssh-key interactively, I get this:
>
> tglase@tglase:~ $ ssh cygbox
> Last login: Tue Aug 20 10:21:46 2013 from tglase.lan.tarent.de
> tglase@cygbox:~$ pwd
> //dc/tglase
>
> So why would it work interactively but not in batch mode?

I'm saying cmd.exe is complaining, not the shell.  But if you really want
to understand how you get the message you're seeing in the batch case, I
recommend setting up 'sshd' in debug mode, enabling verbosity on the SSH
session, and turning on echoing of all scripts run by the shell.  This
will give you allot of output but also provide more context for the
messages you see.  That should help you narrow down where the complaint
is coming from.

>> and run ssh-user-config again to see if that helps?  If so, you can
>> either continue to use this configuration or try method 3.
>>
>> Other things I noted:
>>
>>    1. You're running cygwin 1.7.9.  The current version is 1.7.24.  You
>>       should upgrade.
>
> I cannot “just” change things like this on the system unless
> it’s known that not doing so fixes a problem (actually, the
> system isn’t even normally mine to administer, I’m just helping
> out).

That's your choice but also it puts you into the category of an unsupported
installation.  Looking at it another way, how can you determine whether a
newer version helps address a problem if you don't try it?

>>    2. Your CYGWIN environment variable contains "sshd".  You should
>>       remove this.
>
> I’ve got no idea where this is set; running a cygwin or CMD.EXE
> doesn’t set $CYGWIN or %CYGWIN%, respectively, at all.

Must be part of the service settings in the registry then.

-- 
Larry

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple