X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; q=dns; s=default; b=Kd PIpUPyCuFMeAypw7VB0OCZdiOzt0klJUVTDitTaSriAdkmKlR3Rwract101pQ5Fk qD6Mc0nC2BdnAaeNnBI5CLgOyVSn5ZNoBYaHzf+e9ef5TiDE9a8/B9SdTOec3p7l Xs9sucvGBwA/zJqcF5exDL+7LafjXQNQbupr6kvSc= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; s=default; bh=E29UQHCv N1VS2EGk4oJmjCMbRF0=; b=tsfxU9j/7fqdHZzN0zt6wDpjTDRSnSu98g2Pdrim QLH9bsy3ES/md6j/b3TBG8NSgQo7f5seiqaiMAY3VyKPdFiF2n943vKc9kFG1iDa RdNPoajQITPyef7icIMjM6BPwRdyQVHzZLi62AKstPMX/+cvhRhLpSurHA1TwOQe d8w= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=3.7 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,FREEMAIL_REPLY,RCVD_IN_DNSWL_LOW,SCAM_SUBJECT,SPF_PASS autolearn=no version=3.3.2 X-HELO: mail-qa0-f50.google.com MIME-Version: 1.0 X-Received: by 10.224.89.71 with SMTP id d7mr32308022qam.54.1395107648350; Mon, 17 Mar 2014 18:54:08 -0700 (PDT) In-Reply-To: <1713042820.20140318034322@yandex.ru> References: <5307BB89.80405@cse.yorku.ca> <5307BDDA.4040309@cygwin.com> <530B6ED1.2060003@cse.yorku.ca> <1713042820.20140318034322@yandex.ru> Date: Mon, 17 Mar 2014 21:54:08 -0400 Message-ID: Subject: Re: Silently configure sshd fails via system account From: Lord Laraby To: Cygwin Mailing List Content-Type: text/plain; charset=UTF-8 X-IsSubscribed: yes On Mon, Mar 17, 2014 at 7:43 PM, Andrey Repin <> wrote: > Greetings, Lord Laraby! > >> Oh and I forgot the most intriguing gotcha. After creating the sshd >> user for me (I went to service manager and discovered this) the user >> assigned to the sshd server was actually cyg_server (not sshd)!!!!! >> After changing all of those things the service started. > > That's because service is running as cyg_server, while sshd user is used to > invoke login shells of connecting users. > You just messed it all. > > > -- > WBR, > Andrey Repin (anrdaemon@yandex.ru) 18.03.2014, <03:42> > > Sorry for my terrible english... > I did not change anything. As I said originally, after running ssh-host-config, no changes on my part, I had a slew of errors. See my original message. I do not change things on a whim. Service failed to start, means just what it says! Here is my original convo with cygwin: $ ssh-host-config [ ssh host config asks questions about did I want to install as a service and privilege separation, and user account to be used.] Host configuration finished. Have fun! $ cygrunsrv -S sshd [cygrunsrv: Error starting a service: OpenService: Win32 error 1068:] [message to the effect that something went wrong trying to start (guessing because the scroll is now long gone)] I immediately was concerned, as this script normally works. I checked Event Log, and found this: "The description for Event ID 0 from source sshd cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer." After googling I discovered there might still be a log. I read it.That log is here: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_dsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_dsa_key Could not load host key: /etc/ssh_host_dsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ecdsa_key Could not load host key: /etc/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ed25519_key Could not load host key: /etc/ssh_host_ed25519_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_dsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_dsa_key Could not load host key: /etc/ssh_host_dsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ecdsa_key Could not load host key: /etc/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ed25519_key Could not load host key: /etc/ssh_host_ed25519_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_dsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_dsa_key Could not load host key: /etc/ssh_host_dsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ecdsa_key Could not load host key: /etc/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ed25519_key Could not load host key: /etc/ssh_host_ed25519_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_dsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_dsa_key Could not load host key: /etc/ssh_host_dsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ecdsa_key Could not load host key: /etc/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ed25519_key Could not load host key: /etc/ssh_host_ed25519_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_dsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_dsa_key Could not load host key: /etc/ssh_host_dsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ecdsa_key Could not load host key: /etc/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/etc/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /etc/ssh_host_ed25519_key Could not load host key: /etc/ssh_host_ed25519_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. /var/empty must be owned by root and not group or world-writable. Not exactly working as intended. Now, I don't know a lot about internals of SSHD, but this seems like a cause of concern! I messed it up? Show me where? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple