X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:message-id:subject:mime-version
	:content-type:content-transfer-encoding; q=dns; s=default; b=dVg
	SV9JA383q6mKn24MiKyMFL5mKj9zOB4frb0xVUmEo0k9NANfzem3DadUSJTflFk4
	bTyjH2DAamupUx0o48SHwEFYUXZhyZKnnl7U1WBkGbyp2Nmc3Q2uz8wSwy/2f9B6
	t7KDh5OI7Un0MLDkTIVVXUyC+UJZgY9hlUebGh1I=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:message-id:subject:mime-version
	:content-type:content-transfer-encoding; s=default; bh=u+2aRn/4L
	OccChH43OgRvNDT5dY=; b=B3bG4/CDnIYzXYjyjy3GKxoQtv6piU/RqWySk6ofG
	NWlu2SQV0hD+D4drz1aQEru+yHb4E8Ut7N6KtAZpaKiSnGU0zVVfjy8IFTR+eXGF
	Pnluh0RlkK/IqEDql+AyPcJnD5UnpZa3cUUPJpAb4U+E6Xp/10tDXV+vn+TKosEI
	5c=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=1.6 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_SOFTFAIL,URI_HEX autolearn=no version=3.3.1 spammy=logon, SYSTEM, sk:cygwin., Event
X-HELO: n5.nabble.com
Date: Thu, 27 Feb 2020 11:09:27 -0700 (MST)
From: n0nc3 <pkoshar@compunetix.com>
To: cygwin@cygwin.com
Message-ID: <1582826967147-0.post@n5.nabble.com>
Subject: OpenSSH: SSHD daemon (as SYSTEM) is partially broken
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit


It appears Cygwin SSHD's functionality is partially broke in the later
versions, where SSHD runs as SYSTEM (no longer cyg_server).

On reboot, any attempt to SSH into the server *before* any previous logon
attempt (RDP/locally/etc) is quickly denied:

   debug1: Offering public key: /home/<user>/.ssh/id_rsa
   debug3: send_pubkey_test
   debug2: we sent a publickey packet, wait for reply
   Connection closed by <server_addr>
   
Once an RDP/local login is attempted, regardless of success/failure,
subsequent ssh attempts will progress to the password prompt which
eventually gets us in.

The Event Viewer shows the attached error message, relating to a NULL SID
and 0xC00000BB status.
ssh_as_first_login.txt
<http://cygwin.1069669.n5.nabble.com/file/t11987/ssh_as_first_login.txt>  

It was a rather vanilla 'ssh-host-config' run to get it installed: strict
modes = no, no special ssh_/sshd_config settings at this point.

Running latest cygwin packages on Windows Server 2016 Standard:
CYGWIN_NT-10.0 <server_name> 3.1.4(0.340/5/3) 2020-02-19 08:49 x86_64 Cygwin
...
openssh              8.2p1-1            OK



--
Sent from: http://cygwin.1069669.n5.nabble.com/Cygwin-list-f3.html

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple