X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=wrPGVaRPqmhWFDVb
	fTo/R00RN0zyHslPa9Xj3+jFsYWm/OaSF7sh0io7wBaamiVHBK++uA0/7y+Zxh1h
	5gJVr9nD5jGp5wRSJjw7ZzBLlf8bRxSpFAVO4NwSjGT4BeobVnk/t/5RPcOxxBRL
	N9VTToloMZSQ8DOA1sqniAbEH8E=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=pT4hxvfCizP4GdX0atSVBV
	YK3jA=; b=BYRLV1ifHcHCG8sYuell9W39eQUrkHl/pjgGaBX296feGAGYLfVpqp
	firQFkRlzRzh4DXpVsfoCvL3htZqFPlgtSBVON51nvice5Yr9kVOfSoXLEiKMLaK
	uHPrk7H9phspNm79JQrc1teqsQpScfDYZyqXpZmAEEiJvEbXtYBF8=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,MIME_BASE64_BLANKS,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.1 spammy=UD:ru, HX-Priority:Normal, H*UA:Bat!, password
X-HELO: forward101o.mail.yandex.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1552573201;	bh=Z1uxxMNGfIZDDsUWXGQoV1xgK//VARvbsejLn2yqvYY=;	h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date;	b=MZh98seyySlGsOAiN6bM6pKbvDTpuQRGdFo8vfOnYZyL7sme3CcqNmwzLljVJZazb	 np064t3lWrMCH4D+gbA9il378a8OJrNqjgQNChJ9aLYAjSUWoQX5zuyfV2Tl5qP/nk	 j4JDaFvkSkLxcEXrMS056t0+PNtJjqAp59OWrRZ8=
Authentication-Results: mxback3j.mail.yandex.net; dkim=pass header.i=@yandex.ru
Date: Thu, 14 Mar 2019 17:11:24 +0300
From: Andrey Repin <anrdaemon@yandex.ru>
Reply-To: cygwin@cygwin.com
Message-ID: <576975390.20190314171124@yandex.ru>
To: renaud.rolles@giraudbtp.com, cygwin@cygwin.com
Subject: Re: sshd: fatal: seteuid XXX : No such device or address
In-Reply-To: <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
References: <011a01d4da5a$96247330$c26d5990$@giraudbtp.com>   <20190314121034.GG3785@calimero.vinschen.de>  <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
X-IsSubscribed: yes
Note-from-DJ: This may be spam
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id x2EEKGcR008430

Greetings, renaud.rolles@giraudbtp.com!

>> > I can login via password, it work and lets me in.
>> > But if i tried with my keys, I get in the event viewer :
>> > sshd: PID 3777: fatal: seteuid 1049076: No such device or address
>> 
>> - Make sure to login with the Administrator account case-sensitive.
>>   If your account is called "Administrator", then use an uppercase
>>   'A' when logging in.
>> 
>>   This case-sensitivity issue is a temporary workaround for a
>>   potential security problem in OpenSSH.  This will be rectified
>>   with OpenSSH 8.0 which allows to login case-insentive again.

> With Uppercase i do have a login prompt, but (with the good password), I cant login (remotly or localy).
> I also have Information event :
> sshd: PID 3788: Login name Administrator does not match stored username administrator
> sshd: PID 3788: Invalid user Administrator from 10.0.0.8 port 60876
> then three :
> sshd: PID 3788: Failed password for invalid user Administrator from 10.0.0.8 port 60876 ssh2

Please remove /etc/passwd and /etc/group files. They are no longer necessary,
unless you have some very special needs, and even then, they only needed for
that one or two accounts you need special treatment for.

>> 
>> - If that doesn't help, switch the user running the sshd service from
>>   "cyg_server" to SYSTEM (the services GUI calls it "LocalSystem")
>> 

> This worked, like a charm, thank you 😊

>>   Cygwin switched the logon method and this method doesn't run
>>   under the "cyg_server" account sometimes.  However, switching
>>   back to "LocalSystem" instead of having to create a special
>>   "cyg_server" service account is one of the advantages of the
>>   new logon method.  For details, see
>> 
>>   https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1
>> 
> I didn't fully understand it all to be honest, but, is there another
> drawback to have the localsystem running the deamon instead of the
> cyg_server user, other than having the administrator possibly knowing the
> password ?
> I only use (and by only, again, thank you for that, saved me lot of time),
> to make rsync over ssh on windows hosts.

The main security concern is, why your Administrator user:
1. have password, and
2. is not disabled?


-- 
With best regards,
Andrey Repin
Thursday, March 14, 2019 16:39:04

Sorry for my terrible english...
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple