Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
content-class: urn:content-classes:message
Subject: sshd authentication question
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Mon, 15 Mar 2004 09:50:16 -0800
Message-ID: <C75BC7A96CFE2C44B38C639E4362739E017A46C4@postman.ms.polyserve.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
From: "Matt Berney" <mberney AT polyserve DOT com>
To: <cygwin AT cygwin DOT com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id i2FHqaBa002112

Over time, we continue to experience intermittent sshd authentication problems in our environment.  Every so often (~ 1.5% of the time, but enough to cause our automated tests to fail), admin privileges are not granted.  Perhaps there is some setting in the /etc/sshd_config file that we need to change.  

[sshd_config]
$ grep -ve '^#' sshd_config

Port 22
StrictModes no
UsePrivilegeSeparation yes
Subsystem      sftp    /usr/sbin/sftp-server


Test: 'ssh Administrator AT smoke3 id' in a loop over and over again
Script:

#!/bin/bash

USER=$1
HOST=$2

while [ true ] ; do

  echo -e "\n *** $USER on $HOST *** \n"
  ssh ${USER}@${HOST} id

  sleep 10
done

Results:

The test executed 19140 times over the weekend.  The test recorded 318 occurrences of the problem with ssh not returning the admin privileges as expected.  The impact of this interaction on our test environment is that sometimes, test fail because our tools require admin privilege to execute.  

When ssh works normally:

 *** Administrator on smoke3 ***

uid=10500(Administrator) gid=10513(Domain Users) groups=10512(Domain Admins),105
13(Domain Users),10519(Enterprise Admins),10520(Group Policy Creator Owners),105
18(Schema Admins),544(Administrators),545(Users)

When ssh works abnormally:

 *** Administrator on smoke3 *** 

uid=10500(Administrator) gid=10513(Domain Users) groups=10513(Domain Users),545(Users)


Thanks in advance,

Matt Berney


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/