Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com From: "Tony Hain" To: Cc: Subject: cygwin & opensshd on .net enterprise server Date: Wed, 15 May 2002 12:30:26 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 I am looking for any clues on how to make cygwin & opensshd work on a .net enterprise server, and found nothing in the mail archive. I had been running Mark's opensshd specific environment on W2k server without trouble. When I installed a fresh build 3615, OpenSSH_3.1p1 failed, so I thought I would try the full cygwin. That is failing in the same way, so after a couple of days experimenting I am stuck. With the intent of sending Mark a trace, I followed his instructions for debugging by using a scheduled task to get a system account command window (if it is of any use, I have put a copy of the debug trace at the end). What I found in the process is that there appears to be some permissions related problem, because I get logged in as any valid user over the ssh channel, but that immediately exits. Trying to figure that out I found that the only process/user that can run the shell is the system account. When I run sh, bash, or the cygwin.bat from any other account it just exits, but they appear to work fine in the system initiated command window. This is also true of many of the exe's in /bin, although some of them just hang with 100% cpu for the non-system user. One thing I found in the process is that the old passwd file is useless. The only way I could log in using ssh with either Mark's sshd subset, or the full cygwin was to use the mkpasswd & mkgroup process to build those files from scratch with the NT UIDs. What the log showed before I did that was 'Cygwin Process Id = 0xC78 : fatal: setuid 520: Not owner.' Simply changing that got me to the point of 'password accepted', but until the shell runs for all accounts, that does no good. I tried setting bash to W2k compatibility mode (actually all modes), and turning off the 'protect my computer from unauthorized activity' checkbox in the run as ... option, but those made no difference. I also tried setting the file owner for the entire subdirectory tree to system, again no difference. cygrunsrv.exe and sshd.exe are running as system, but it appears they end up running the shell in user space. Any clues what to try next??? Tony C:\Program Files\NetworkSimplicity\ssh>sshd -d -d -d -f sshd_config debug1: sshd version OpenSSH_3.1p1 debug1: private host key: #0 type 0 RSA1 debug3: Not a RSA1 key file /ssh/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug3: Not a RSA1 key file /ssh/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: Bind to port 87 on 0.0.0.0. Server listening on 0.0.0.0 port 87. debug1: Server will not fork when running in debugging mode. Connection from 192.168.123.34 port 4354 debug1: Client protocol version 1.99; client software version 3.0.0 SSH Secure S hell for Windows debug1: match: 3.0.0 SSH Secure Shell for Windows pat 3.0.* Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.1p1 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro up1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, aes192-cbc,aes256-cbc debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, aes192-cbc,aes256-cbc debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,x509v3-sign-dss,x509v3-sign-rsa debug2: kex_parse_kexinit: 3des-cbc debug2: kex_parse_kexinit: 3des-cbc debug2: kex_parse_kexinit: hmac-md5,hmac-sha1 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: client->server 3des-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: server->client 3des-cbc hmac-md5 none debug1: dh_gen_key: priv key bits set: 194/384 debug1: bits set: 475/1024 debug1: expecting SSH2_MSG_KEXDH_INIT debug1: bits set: 480/1024 debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user ahain service ssh-connection method none debug1: attempt 0 failures 0 debug2: input_userauth_request: setting up authctxt for ahain debug2: input_userauth_request: try method none Failed none for ahain from 192.168.123.34 port 4354 ssh2 debug1: userauth-request for user ahain service ssh-connection method none debug1: attempt 1 failures 1 debug2: Unrecognized authentication method name: none Failed none for ahain from 192.168.123.34 port 4354 ssh2 debug1: userauth-request for user ahain service ssh-connection method password debug1: attempt 2 failures 2 debug2: input_userauth_request: try method password Accepted password for ahain from 192.168.123.34 port 4354 ssh2 debug1: Entering interactive session for SSH2. debug1: fd 3 setting O_NONBLOCK debug1: fd 7 setting O_NONBLOCK debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 10000 max 512 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: init debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_channel_req: channel 0 request pty-req reply 0 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req pty-req debug1: Allocating pty. debug1: session_pty_req: session 0 alloc /dev/tty1 debug3: tty_parse_modes: SSH2 n_bytes 0 debug1: server_input_channel_req: channel 0 request shell reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req shell debug1: fd 4 setting TCP_NODELAY debug1: channel 0: rfd 9 isatty debug1: fd 9 setting O_NONBLOCK debug1: fd 8 setting O_NONBLOCK debug1: server_input_channel_req: channel 0 request window-change reply 0 debug1: session_by_channel: session 0 channel 0 debug1: Received SIGCHLD. debug1: session_input_channel_req: session 0 req window-change debug3: tvp!=NULL kid 1 mili 100 debug2: notify_done: reading debug1: session_by_pid: pid 3964 debug1: session_exit_message: session 0 channel 0 pid 3964 debug1: channel request 0: exit-status debug1: session_exit_message: release channel 0 debug1: channel 0: write failed debug1: channel 0: close_write debug1: channel 0: output open -> closed debug1: session_close: session 0 pid 3964 debug1: session_pty_cleanup: session 0 release /dev/tty1 Write failed: errno ESHUTDOWN triggered debug1: Calling cleanup 0x41f104(0x0) debug1: channel_free: channel 0: server-session, nchannels 1 debug3: channel_free: status: The following connections are open: #0 server-session (t4 r0 i0/185 o3/0 fd 9/-1) debug3: channel_close_fds: channel 0: r 9 w -1 e -1 debug1: Calling cleanup 0x417030(0x0) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/