Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <4123ACA8.1010801@acm.org>
Date: Wed, 18 Aug 2004 12:23:20 -0700
From: David Rothenberger <daveroth AT acm DOT org>
User-Agent: Mozilla Thunderbird 0.7.3 (Windows/20040803)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: upgrading openssh 3.8.1p1-1 -> 3.9p1-1 breaks privilege separation
References: <87n00siknk DOT fsf AT beth DOT swift DOT xxx> <20040818152348 DOT GI10590 AT cygbert DOT vinschen DOT de>
In-Reply-To: <20040818152348.GI10590@cygbert.vinschen.de>
X-Enigmail-Version: 0.85.0.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out011.verizon.net from [216.34.91.132] at Wed, 18 Aug 2004 14:23:21 -0500
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com

On 8/18/2004 8:23 AM, Corinna Vinschen wrote:
> On Aug 18 10:30, Matt Swift wrote:
> 
>>I've verified on two machines running XP Pro with up-to-date Cygwin
>>installations that upgrading from openssh 3.8.1p1-1 to openssh 3.9p1-1
>>breaks sshd when running with privilege separation (the default).
>>Clients (including "ssh localhost") can not log into the Cygwin sshd.
>>Either turning off privilege separation in /etc/sshd_config or
>>downgrading and rebooting resolves the problem.
> 
> As a temporary measure, please add the -r option when starting sshd.
> I haven't found the exact culprit so far, but the above flag will help.
> 
> Thanks for the report.  It's embarassing that I didn't find the error
> myself since I had accidentally switched off privilege separation a few
> days ago :-(

I did not experience this problem when I upgraded and I thought that I 
had privilege separation enabled.  Is there any easy way to tell if it 
is on or not?

-- 
David Rothenberger                spammer? -> spam AT daveroth DOT dyndns DOT org
GPG/PGP: 0x7F67E734, C233 365A 25EF 2C5F C8E1 43DF B44F BA26 7F67 E734


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/