Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <004501c3cebb$ca596bd0$0100a8c0@adn.dyndns.info>
From: "dominix" <dominix AT despammed DOT com>
To: "Hunt, Andrew" <AHunt AT straub DOT net>, "'Cygwin List'" <cygwin AT cygwin DOT com>
References: <FB21C2082402D511BAF400508BB0D48D04D362B0 AT strex01 DOT straub DOT net>
Subject: Re: [despammed] RE: [1.5.5] sshd error on local machine. [the return of sshd nightmare]
Date: Tue, 30 Dec 2003 00:00:37 -1000
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: 7bit

RE: [1.5.5] sshd error on local machine. [the return of sshd nightmare]many
thanks Andrew,
so now I'm able to dig aroung my ssh log :^P
but it doesn't enlight me much more <:-(   it keep me in a terrible computer
mystery I still don't know if I have a cygwin issue or a Microsoft issue on
this computer (or an admin|user issue ?)

here is tha log--------------------------------------
debug2: read_server_config: filename /etc/sshd_config
debug1: sshd version OpenSSH_3.7.1p2
debug3: Not a RSA1 key file /etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 4190
debug1: Client protocol version 2.0; client software version OpenSSH_3.7.1p2
debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug2: Network child is on pid 2172
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug3: mm_request_send entering: type 0
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI
debug3: mm_request_receive_expect entering: type 1
debug3: mm_request_receive entering
debug3: monitor_read: checking request 0
debug3: mm_answer_moduli: got parameters: 1024 2048 8192
debug3: mm_request_send entering: type 1
debug3: mm_choose_dh: remaining 0
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 135/256
debug2: bits set: 1600/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
Read from socket failed: Resource temporarily unavailable
debug1: Calling cleanup 0x422f90(0x0)
debug2: monitor_read: 0 used once, disabling now
debug3: mm_request_receive entering
mm_request_receive: read: -1

----- Original Message ----- 
From: Hunt, Andrew
To: 'Cygwin List' ; 'dominix'
Sent: Monday, December 29, 2003 3:58 PM
Subject: [despammed] RE: [1.5.5] sshd error on local machine. [the return of
sshd nightmare]


Setting up a debug testing service:
'cygrunsrv -I sshd_test -p /usr/sbin/sshd.exe -a '-ddd' -e CYGWIN="tty ntsec
binmode"'
Starting the service:
'cygrunsrv -S sshd_test'
Is it running?
'cygrunsrv -Q sshd_test'
Remember, this will only accept one connection, then the process will die.
Also, be sure to issue 'cygrunsrv -E sshd' to kill the production sshd
before you begin.  Issue 'cygrunsrv -S sshd_test' to start the test daemon
again for further test runs.  Happy hunting!
Regards,

Drew Hunt
E-Health Administrator
ahunt AT straub DOT net

-----Original Message----- 
From: Larry Hall [mailto:cygwin-lh AT cygwin DOT com]
Sent: Monday, December 29, 2003 3:32 PM
To: dominix; cygwin AT cygwin DOT com
Subject: Re: [1.5.5] sshd error on local machine. [the return of sshd
nightmare]
You're not starting sshd as a service.  You're not going to have allot of
luck starting it from the command line.  If you're looking for debug output,
you need to install sshd under a different name (than "sshd") and pass it
the "-d" flag.  See the "cygrunsrv -I" command in /bin/ssh-host-config for
information on how sshd has been installed for you as a service.  Copy it
with changes for the service name (sshd) and passing it the debug flag "-d".
FYI, SYSTEM ~= root.
HTH,
Larry
At 07:22 PM 12/29/2003, dominix you wrote:
>I've tryed this advice from Corinna:
>
>> - Deinstall the sshd service: cygrunsrv -R sshd
>> - Edit /etc/passwd and remove the sshd account entry.
>> - Remove the sshd account: net user sshd /delete
>> - If you didn't change much in your /etc/ssh_config and /etc/ssdh_config
>>   files, remove them.
>> - Run ssh-host-config again.
>> - Run ssh-user-config for your own (and each other used) account.
>> - Restart the sshd service.
>>
>> Corinna
>
>I don't understand what's wrong, I've read nearly *all* threads about ssh
in
>the ML
>, I've reinstalled ssh packages many times taking care of perms... using
>priv sep.
>
>Note:this machine has special interface binding that I suspect to be
>responsible of troubles cause I've installed the same software on others
>machines that works *very* well.
>
>#---------------------------------------------------------#
>ipconfig /all
>
>Windows IP Configuration
>
>        Host Name . . . . . . . . . . . . : pastis
>        Primary Dns Suffix  . . . . . . . : adn.dyndns.info
>        Node Type . . . . . . . . . . . . : Unknown
>        IP Routing Enabled. . . . . . . . : Yes
>        WINS Proxy Enabled. . . . . . . . : No
>        DNS Suffix Search List. . . . . . : adn.dyndns.info
>                                            dyndns.info
>
>Ethernet adapter Local Area Connection:
>
>        Connection-specific DNS Suffix  . :
>        Description . . . . . . . . . . . : D-Link DL10050-based Ethernet
>Adapter (Generic)
>        Physical Address. . . . . . . . . : 00-05-5D-07-7B-70
>        Dhcp Enabled. . . . . . . . . . . : No
>        IP Address. . . . . . . . . . . . : 192.168.1.91
>        Subnet Mask . . . . . . . . . . . : 255.255.255.0
>        IP Address. . . . . . . . . . . . : 192.168.0.1
>        Subnet Mask . . . . . . . . . . . : 255.255.255.0
>        Default Gateway . . . . . . . . . :
>        DNS Servers . . . . . . . . . . . : 202.3.225.10
>                                            202.3.225.20
>
>PPP adapter Olitec USB ADSL:
>
>        Connection-specific DNS Suffix  . :
>        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
>        Physical Address. . . . . . . . . : 00-53-45-00-00-00
>        Dhcp Enabled. . . . . . . . . . . : No
>#---------------------------------------------------------#
>NB: windows XP Internet firewall=on but not log at all regarding local
>traffic
>
>
>I'm unable to use sshd -d as I was used to on unix system
>cause I got error
># sshd -d
>debug1: sshd version OpenSSH_3.7.1p2
>debug1: read PEM private key done: type RSA
>debug1: private host key: #0 type 1 RSA
>debug1: read PEM private key done: type DSA
>debug1: private host key: #1 type 2 DSA
>/var/empty must be owned by root and not group or world-writable.
>
>root ?? who's that ??
>
># ls -lad /var/empty /var/log/sshd.log
>drwxr-xr-x+   2 SYSTEM   Administ        0 Jul  5 22:31 /var/empty
>-rw-rw-r--+   1 SYSTEM   Administ        0 Nov  8 17:16 /var/log/sshd.log
>
>no feedback in sshd.log ?
>
>now trying to login, I just get this from both localhost or another machine
>on localnetwork
>#---------------------------------------------------------#
># ssh -v -v pastis
>OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
>debug1: Reading configuration data /etc/ssh_config
>debug2: ssh_connect: needpriv 0
>debug1: Connecting to pastis [192.168.0.1] port 22.
>debug1: Connection established.
>debug1: identity file /cygdrive/c/DOCUME~1/dominix/.ssh/identity type -1
>debug1: identity file /cygdrive/c/DOCUME~1/dominix/.ssh/id_rsa type -1
>debug2: key_type_from_name: unknown key type '-----BEGIN'
>debug2: key_type_from_name: unknown key type 'Proc-Type:'
>debug2: key_type_from_name: unknown key type 'DEK-Info:'
>debug2: key_type_from_name: unknown key type '-----END'
>debug1: identity file /cygdrive/c/DOCUME~1/dominix/.ssh/id_dsa type 2
>debug1: Remote protocol version 2.0, remote software version
OpenSSH_3.7.1p2
>debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
>debug1: Enabling compatibility mode for protocol 2.0
>debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
>debug1: SSH2_MSG_KEXINIT sent
>debug1: SSH2_MSG_KEXINIT received
>debug2: kex_parse_kexinit:
>diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
>debug2: kex_parse_kexinit:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
r
>ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
>debug2: kex_parse_kexinit:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
r
>ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
>debug2: kex_parse_kexinit:
>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,h
m
>ac-md5-96
>debug2: kex_parse_kexinit:
>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,h
m
>ac-md5-96
>debug2: kex_parse_kexinit: none,zlib
>debug2: kex_parse_kexinit: none,zlib
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit: first_kex_follows 0
>debug2: kex_parse_kexinit: reserved 0
>debug2: kex_parse_kexinit:
>diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
>debug2: kex_parse_kexinit:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
r
>ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
>debug2: kex_parse_kexinit:
>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
r
>ijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
>debug2: kex_parse_kexinit:
>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,h
m
>ac-md5-96
>debug2: kex_parse_kexinit:
>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,h
m
>ac-md5-96
>debug2: kex_parse_kexinit: none,zlib
>debug2: kex_parse_kexinit: none,zlib
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit: first_kex_follows 0
>debug2: kex_parse_kexinit: reserved 0
>debug2: mac_init: found hmac-md5
>debug1: kex: server->client aes128-cbc hmac-md5 none
>debug2: mac_init: found hmac-md5
>debug1: kex: client->server aes128-cbc hmac-md5 none
>debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
>debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>debug2: dh_gen_key: priv key bits set: 134/256
>debug2: bits set: 1590/3191
>debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>Read from socket failed: Connection aborted
>debug1: Calling cleanup 0x41bf10(0x0)
>
>more feedback ?
>
>#---------------------------------------------------------#
>pastis dominix # psloglist.exe Application
>
>PsLogList v2.31 - local and remote event log viewer
>Copyright (C) 2000-2003 Mark Russinovich
>Sysinternals - www.sysinternals.com
>
>Application log on \\PASTIS:
>[010] sshd
>   Type:     ERROR
>   Computer: PASTIS
>   Time:     29/12/2003 12:51:21   ID:       0
>   User:     SYSTEM\NT AUTHORITY
>sshd : PID 3652 : fatal: mm_request_receive: read: -1
>[009] sshd
>   Type:     ERROR
>   Computer: PASTIS
>   Time:     29/12/2003 12:51:21   ID:       0
>   User:     SYSTEM\NT AUTHORITY
>sshd : PID 772 : fatal: Read from socket failed: Resource temporarily
>unavailable
>[008] sshd
>   Type:     INFORMATION
>   Computer: PASTIS
>   Time:     29/12/2003 12:51:11   ID:       0
>   User:     SYSTEM\NT AUTHORITY
>sshd : PID 3436 : `sshd' service started
>[007] sshd
>   Type:     INFORMATION
>   Computer: PASTIS
>   Time:     29/12/2003 12:51:10   ID:       0
>   User:     SYSTEM\NT AUTHORITY
>sshd : PID 3112 : Server listening on 0.0.0.0 port 22.
>
>permission checking is a possible issue
>#---------------------------------------------------------#
>pastis dominix # ls -lad /etc/ssh* .ssh/* /var/empty /var/log/sshd.log
>-rw-------+   1 dominix  None          605 Dec 29 10:42
.ssh/authorized_keys
>-rw-------    1 dominix  None          736 Dec 29 10:42 .ssh/id_dsa
>-rw-r--r--    1 dominix  None          605 Dec 29 10:42 .ssh/id_dsa.pub
>-rw-r--r--    1 dominix  None         4988 Dec 29 12:21 ..ssh/known_hosts
>-rwxr-x---    1 SYSTEM   None         1159 Dec 29 11:59 /etc/ssh_config
>-rw-------+   1 SYSTEM   Administ      668 Jun  9  2002
>/etc/ssh_host_dsa_key
>-rw-------+   1 SYSTEM   Administ      604 Jun  9  2002
>/etc/ssh_host_dsa_key.pub
>-rw-------+   1 SYSTEM   Administ      529 Jun  9  2002 /etc/ssh_host_key
>-rw-------+   1 SYSTEM   Administ      333 Jun  9  2002
>/etc/ssh_host_key.pub
>-rw-------+   1 SYSTEM   Administ      887 Jun  9  2002
>/etc/ssh_host_rsa_key
>-rw-------+   1 SYSTEM   Administ      224 Jun  9  2002
>/etc/ssh_host_rsa_key.pub
>-rw-rw-rw-    1 SYSTEM   None         2420 Dec 29 12:50 /etc/sshd_config
>-rw-rw-rw-    1 SYSTEM   None         2422 Dec 29 12:47 /etc/sshd_config~
>drwxr-xr-x+   2 SYSTEM   Administ        0 Jul  5 22:31 /var/empty
>-rw-rw-r--+   1 SYSTEM   Administ        0 Nov  8 17:16 /var/log/sshd.log


-- 
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
Confidentiality Notice:
This e-mail message, including any attachments, is for the sole use of the
intended
recipient (s) and may contain confidential and privileged information.  Any
unauthorized review, use, disclosure or distribution is prohibited.  If you
are not the
intended recipient, please contact the sender by reply e-mail and destroy
all copies of
the original message.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/