X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=N+sNlkJYIhkGPGdQu2wVYGX9yQQIYCqvah530LZnS4z15Pq+YkkZn
	nuIZ+YCYMQhvb9BS9oHpIVYwMCAzgBbHLb8c6MvqaYVTPgBLM+XIncGjuUHK3Lsk
	vjbEXA65g9y+Eh1fgmDodQ32jzajklJTGn90A5hDTjp3LmxDqVScqo=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; s=default;
	 bh=DD0Uqm0e3YzH08w6Y2sJ/5QO740=; b=bKkYgZonoLdi6lyenWI4bp5snzpm
	6ZnUt1hTbNUJvPFzmj0HCL//4jbj+wygxRL3T/Ntjy9Ap8RKPSy7ZpTPbtyZNlNx
	1vhWAaCAz1tbKs75pmRin/THZZFHgAZmDnUzu1EhdRm5Q3w5SgKuYUdrLMCgrm1p
	0EUm4uIsF0cKjpc=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=2.7 required=5.0 tests=BAYES_05,FSL_HELO_BARE_IP_2,RCVD_IN_DNSWL_NONE,RCVD_NUMERIC_HELO,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=no version=3.3.2
X-HELO: plane.gmane.org
To: cygwin@cygwin.com
From: Dan Greenspan <daniel.greenspan@jhuapl.edu>
Subject: Re: ssh logon failure
Date: Fri, 25 Oct 2013 00:52:39 +0000 (UTC)
Lines: 32
Message-ID: <loom.20131025T023724-855@post.gmane.org>
References: <4FCF00EB.2070600@gmail.com> <loom.20120607T103956-836@post.gmane.org> <4FD07C1D.5070909@gmail.com> <loom.20130807T185544-35@post.gmane.org> <52028508.7000102@cygwin.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
User-Agent: Loom/3.14 (http://gmane.org/)
X-IsSubscribed: yes

I experienced the "operation not permitted" problem as many others have.  

I had not changed my setup when the error was experienced, but I noticed 
that every computer which presented this difficulty was a work machine with 
our IT security suite installed.  On every PC _without_ an IT security 
package, cygwin sshd worked just fine out of the box. On any PC without a 
security package which subsequently had one installed, sshd stopped working.

Like at least one other user, I have concluded that my "evil" IT people are 
the root cause of the problem.  However, they are of no help whatsoever. By 
some combination of dumb luck, relentless hacking and bits of help online, I 
arrived at the following conslusions and solution:

Problem one: by default, cygwin sshd uses the windows log, which is hard to 
read and doesn't contain the desired diagnostic output. Fixing this revealed 
useful clues. 

Problem two: /var/empty had the incorrect owner.

THE FIX:

1) Setup cygwin's sshd normally by invoking: ssh-host-config -y (If you have 
been thrashing about trying to solve this problem and have changed 
permissions and config files, just run the script again to ensure that your 
setup is reasonable)
2) DON'T START sshd.
3) Issue "chown SYSTEM /var/empty"
4) Uninstall the default sshd service by invoking: cygrunsrv --remove sshd
5) Reinstall the service and make the sshd output go to /var/log/sshd.log by 
invoking: cygrunsrv -I sshd -d "Cygwin sshd" -p /usr/sbin/sshd -a '-D -e'

I hope this works for you.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple