Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 8 Sep 2004 17:33:18 +1000 (EST)
From: luke DOT kendall AT cisra DOT canon DOT com DOT au
Subject: ssh-host-config bug?
To: cygwin AT cygwin DOT com
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Message-Id: <20040908073318.1041A84C99@pessard.research.canon.com.au>
Note-from-DJ: This may be spam

I noted recently that the user "system" seems to have vanished.

> Likewise the user and the group SYSTEM no longer seem to exist.

.... as evidenced by:

$ chown system xxx
chown: `system': invalid user

Now, while diagnosing why, following a fresh install of the latest
Cygwin, I could no longer slogin to my PC:

: [luke AT pessard] .../luke; slogin -v doyle
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to doyle [10.2.3.39] port 22.
debug1: connect to address 10.2.3.39 port 22: Connection refused
ssh: connect to host doyle port 22: Connection refused

I found that sshd wasn't running.  Looking into ssh-host-config, I see
near the end that it doesn't seem to report failure to start the
server, and it also seems to rely on the existence of the user "system"
(if my rough reading is correct).  Here's an interesting section near
the end of Cygwin's ssh-host-config:

      if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
      then
        if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -u sshd_server -w "${_password}" -e "CYGWIN=${_cygwin}"
        then
          echo
          echo "The service has been installed under sshd_server account."
          echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
        fi
      else
        if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}"
        then
          echo
          echo "The service has been installed under LocalSystem account."
          echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
        fi
      fi
    fi
    # Now check if sshd has been successfully installed.  This allows to
    # set the ownership of the affected files correctly.
    if cygrunsrv -Q sshd > /dev/null 2>&1
    then
      if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
      then
        _user="sshd_server"
      else
        _user="system"
      fi
      chown "${_user}" ${SYSCONFDIR}/ssh*
      chown "${_user}".544 ${LOCALSTATEDIR}/empty
      if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
      then
        chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log
      fi
    fi

Here's debug output from running it:

+ request Should privilege separation be used?
+ [  = yes ]
+ [  = no ]
+ answer=
+ [ X != Xyes -a X != Xno ]
+ echo -n Should privilege separation be used? (yes/no) 
Should privilege separation be used? (yes/no) + read -e answer
yes
+ [ Xyes != Xyes -a Xyes != Xno ]
+ [ Xyes = Xyes ]
+ return 0
+ privsep_used=yes
+ grep -q ^sshd: /etc/passwd
+ sshd_in_passwd=yes
+ net user sshd
+ sshd_in_sam=yes
+ [ yes != yes ]
+ [ ! -f /etc/sshd_config ]
+ echo Generating /etc/sshd_config file
Generating /etc/sshd_config file
+ sed -e s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation yes/
          s/^#Port 22/Port 22/
          s/^#StrictModes yes/StrictModes no/
+ _my_etcdir=/ssh-host-config.3624
+ [ 9 -gt 0 ]
+ _win_etcdir=C:\WINDOWS\system32\drivers\etc
+ _services=/ssh-host-config.3624/services
+ _spaces=                           #
+ _serv_tmp=/ssh-host-config.3624/srv.out.3624
+ mount -t -f C:\WINDOWS\system32\drivers\etc /ssh-host-config.3624
++ cygpath -w /ssh-host-config.3624/services
+ _wservices=C:\WINDOWS\system32\drivers\etc\services
++ grep -q sshd[ \t][ \t]*22 /ssh-host-config.3624/services
++ echo 1
+ [ 1 -eq 0 ]
++ grep -q ssh[ \t][ \t]*22 /ssh-host-config.3624/services
++ echo 0
+ [ 0 -ne 0 ]
+ umount /ssh-host-config.3624
+ _inetcnf=/etc/inetd.conf
+ _inetcnf_tmp=/etc/inetd.conf.3624
+ [ -f /etc/inetd.conf ]
+ with_comment=1
+ grep -q ^[ \t]*sshd /etc/inetd.conf
++ grep -q ^[# \t]*sshd /etc/inetd.conf
++ echo 1
+ [ 1 -eq 0 ]
++ grep -q ^[# \t]*ssh /etc/inetd.conf
++ echo 0
+ [ 0 -ne 0 ]
+ [ 9 -gt 0 ]
+ cygrunsrv -Q sshd
+ echo

+ echo Host configuration finished. Have fun!
Host configuration finished. Have fun!

$ ps ax | grep ssh
$

Or might the problem be that the inetd service isn't running?

Or have I simply misunderstood what's going on?


luke


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/