Date: Sat, 8 Jan 2005 14:48:57 -0800
From: Ernie Longmire
To: cygwin AT cygwin DOT com
Subject: sshd on XP Home: "ssh_exchange_identification: Connection closed by remote host"
Message-ID: <20050108224857.GA3140@studio-nibble.com>

I've been working on getting sshd working on my XP Home SP1 box but
I've run into a problem I can't get past. sshd is running as a daemon
but won't allow me to connect to it.

Starting with updated versions of all installed cygwin packages
including a clean openssh 3.9p1-2 install (no /etc/ssh* or ~/.ssh,
sshd removed from /etc/passwd, "net user sshd /del"), here's how I set
it up. I was logged in as "Ernie", which has Administrator privs:

======================================================================
% ssh-host-config -y
Generating /etc/ssh_host_key
Generating /etc/ssh_host_rsa_key
Generating /etc/ssh_host_dsa_key
Generating /etc/ssh_config file
Privilege separation is set to yes by default since OpenSSH 3.3.
However, this requires a non-privileged account called 'sshd'.
For more info on privilege separation read /usr/share/doc/openssh/README.privsep.

Should privilege separation be used? (yes/no) yes
Generating /etc/sshd_config file

Warning: The following functions require administrator privileges!

Do you want to install sshd as service?
(Say "no" if it's already installed as service) (yes/no) yes

Which value should the environment variable CYGWIN have when
sshd starts? It's recommended to set at least "ntsec" to be
able to change user context without password.
Default is "ntsec". CYGWIN=ntsec tty

The service has been installed under LocalSystem account.
To start the service, call `net start sshd' or `cygrunsrv -S sshd'.

Host configuration finished. Have fun!

% net user sshd /add /homedir:d:\\cygwin\\var\\empty /active:no
The command completed successfully.

% mkpasswd -l -u sshd | sed -e 's/bash/false/' >> /etc/passwd
% grep "^sshd:" /etc/passwd
sshd:unused_by_nt/2000/xp:1010:513:U-SLEEPWALK\sshd,S-1-5-21-1482476501-1682526488-854245398-1010:/var/empty:/bin/false
% echo "" > /var/log/sshd.log
% chown SYSTEM:SYSTEM /etc/ssh* /var/empty /var/log/sshd.log /var/log/lastlog
% ssh-user-config
Shall I create an SSH1 RSA identity file for you? (yes/no) no
Shall I create an SSH2 RSA identity file for you? (yes/no) (yes/no) yes
Generating /home/Ernie/.ssh/id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Do you want to use this identity to login to this machine? (yes/no) yes
Adding to /home/Ernie/.ssh/authorized_keys
Shall I create an SSH2 DSA identity file for you? (yes/no) (yes/no) yes
Generating /home/Ernie/.ssh/id_dsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Do you want to use this identity to login to this machine? (yes/no) yes
Adding to /home/Ernie/.ssh/authorized_keys

Configuration finished. Have fun!
% ls -l /etc/ssh*
-rwxr-x---  1 SYSTEM Administrators 1159 Jan  8 14:24 /etc/ssh_config
-rw-------  1 SYSTEM Administrators  668 Jan  8 14:24 /etc/ssh_host_dsa_key
-rw-r--r--  1 SYSTEM Administrators  605 Jan  8 14:24 /etc/ssh_host_dsa_key.pub
-rw-------  1 SYSTEM Administrators  530 Jan  8 14:24 /etc/ssh_host_key
-rw-r--r--  1 SYSTEM Administrators  334 Jan  8 14:24 /etc/ssh_host_key.pub
-rw-------  1 SYSTEM Administrators  887 Jan  8 14:24 /etc/ssh_host_rsa_key
-rw-r--r--  1 SYSTEM Administrators  225 Jan  8 14:24 /etc/ssh_host_rsa_key.pub
-rw-r--r--  1 SYSTEM Administrators 2807 Jan  8 14:24 /etc/sshd_config
% ls -l ~/.ssh
total 6
-rw-------+ 1 Ernie None 830 Jan  8 14:26 authorized_keys
-rw-------  1 Ernie None 668 Jan  8 14:26 id_dsa
-rw-r--r--  1 Ernie None 605 Jan  8 14:26 id_dsa.pub
-rw-------  1 Ernie None 883 Jan  8 14:26 id_rsa
-rw-r--r--  1 Ernie None 225 Jan  8 14:26 id_rsa.pub
-rw-r--r--  1 Ernie None 236 Jan  8 14:29 known_hosts
% cygrunsrv -S sshd

[ sshd is up and running at this point ]

% ssh Ernie@127.0.0.1
ssh_exchange_identification: Connection closed by remote host
% cygrunsrv -E sshd
% chown Ernie:None /etc/ssh* /var/empty /var/log/sshd.log /var/log/lastlog
% /usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/sshd_config
debug2: load_server_config: done config len = 187
debug2: parse_server_config: config /etc/sshd_config len 187
debug1: sshd version OpenSSH_3.9p1
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-d'
debug1: rexec_argv[3]='-d'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.

[ Here I run 'ssh Ernie@127.0.0.1' from another shell ]

debug3: fd 4 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 7 config len 187
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
======================================================================

Naturally, this all worked right out of the box on XP Pro at work.

Any ideas or suggestions?

--
Ernie Longmire (http://www.studio-nibble.com/)