Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 8 Dec 2004 16:23:22 -0500
From: Christopher Faylor <cgf-no-personal-reply-please AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: sshd service wont accept password
Message-ID: <20041208212322.GF4081@trixie.casa.cgf.cx>
Reply-To: cygwin AT cygwin DOT com
References: <41B76D36 DOT 6070101 AT ege DOT cc> <41B76F5D DOT 8050907 AT ege DOT cc>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <41B76F5D.8050907@ege.cc>
User-Agent: Mutt/1.4.1i

On Wed, Dec 08, 2004 at 10:17:17PM +0100, Bernhard Ege wrote:
>Bernhard Ege wrote:
>>Well, I am at a loss. My sshd service will not accept my password. 
>>However, starting sshd like this:
>>
>>/usr/sbin/sshd &
>>
>>and then quitting the bash shell (optional) makes sshd work just fine, 
>>accepting my password as it should.
>>
>
>>Invalid user bme from 127.0.0.1.
>
>Ok, I thought of one thing more to try just after sending my previous 
>email. The above log line (invalid user) prompted me to check the owner 
>of the /etc/passwd file and it was owned by bme (me). I changed it to 
>SYSTEM and the sshd service worked again. I just figured SYSTEM was able 
>to read my files and didn't think twice about it before now.
>
>I am sorry for not figuring this out before sending my email, but it is 
>not always easy to debug foreign applications. :-/

I'm glad that you figured this out yourself.  That's rare.

I think we have to do a better job somehow of assuring that the permissions
on files in /etc and other system areas are accessible via processes that
run as SYSTEM.

I wonder if maybe we shouldn't be using the windows service manager but
should be relying more on xinetd.  Or, we could have one super-service
manager which sets itself up to spawn other applications.

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/