Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com content-class: urn:content-classes:message Subject: sshd authentication question MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Date: Mon, 15 Mar 2004 09:50:16 -0800 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: From: "Matt Berney" To: Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id i2FHqaBa002112 Over time, we continue to experience intermittent sshd authentication problems in our environment. Every so often (~ 1.5% of the time, but enough to cause our automated tests to fail), admin privileges are not granted. Perhaps there is some setting in the /etc/sshd_config file that we need to change. [sshd_config] $ grep -ve '^#' sshd_config Port 22 StrictModes no UsePrivilegeSeparation yes Subsystem sftp /usr/sbin/sftp-server Test: 'ssh Administrator AT smoke3 id' in a loop over and over again Script: #!/bin/bash USER=$1 HOST=$2 while [ true ] ; do echo -e "\n *** $USER on $HOST *** \n" ssh ${USER}@${HOST} id sleep 10 done Results: The test executed 19140 times over the weekend. The test recorded 318 occurrences of the problem with ssh not returning the admin privileges as expected. The impact of this interaction on our test environment is that sometimes, test fail because our tools require admin privilege to execute. When ssh works normally: *** Administrator on smoke3 *** uid=10500(Administrator) gid=10513(Domain Users) groups=10512(Domain Admins),105 13(Domain Users),10519(Enterprise Admins),10520(Group Policy Creator Owners),105 18(Schema Admins),544(Administrators),545(Users) When ssh works abnormally: *** Administrator on smoke3 *** uid=10500(Administrator) gid=10513(Domain Users) groups=10513(Domain Users),545(Users) Thanks in advance, Matt Berney -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/