X-Spam-Check-By: sourceware.org From: "Felipe Franciosi" To: "'Jeff Sadowski'" Cc: Subject: RES: sshd on windows 2000 Date: Mon, 21 Nov 2005 22:03:45 -0200 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit In-Reply-To: <20051121230707.72926.qmail@web33505.mail.mud.yahoo.com> Message-Id: X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com I've just signed up to this list and I've never seen your problem before. However, I'd suggest you look into privilege separation issues. Are you using it? Have you tried turning it off to see what happens? Best of luck, -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Felipe Franciosi +55-51-91230557 CPAD/HP/PUCRS - Centro de Pesquisa em Alto Desempenho http://www.cpad.pucrs.br/ ozzy AT cpad DOT pucrs DOT br Porto Alegre, RS - Brazil =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= -----Mensagem original----- De: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] Em nome de Jeff Sadowski Enviada em: segunda-feira, 21 de novembro de 2005 21:07 Para: cygwin AT cygwin DOT com Assunto: sshd on windows 2000 I have one server that has a problem with sshd. And its a strange problem that I don't know what is causing it. Seems to be an authentication problem but I'm not really sure about that. Also there is a problem starting it. When I try starting it the server times out on start. it starts fine though if I start it with the following command. /usr/sbin/sshd -d -d -d (while looking for problems) $ /usr/sbin/sshd -d -d -d debug2: load_server_config: filename /etc/sshd_config debug2: load_server_config: done config len = 213 debug2: parse_server_config: config /etc/sshd_config len 213 debug1: sshd version OpenSSH_4.2p1 debug1: private host key: #0 type 0 RSA1 debug3: Not a RSA1 key file /etc/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug3: Not a RSA1 key file /etc/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-d' debug1: rexec_argv[2]='-d' debug1: rexec_argv[3]='-d' debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. Generating 768 bit RSA key. RSA key generation complete. Then when I try to connect I get the following. debug1: fd 4 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug3: send_rexec_state: entering fd = 7 config len 213 debug3: ssh_msg_send: type 0 debug3: send_rexec_state: done debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7 debug1: inetd sockets after dupping: 3, 3 Connection from 172.24.0.151 port 43786 debug1: Client protocol version 2.0; client software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-1.99-OpenSSH_4.2 debug2: fd 3 setting O_NONBLOCK debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro up14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes1 28-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes1 28-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib AT openssh DOT com debug2: kex_parse_kexinit: none,zlib AT openssh DOT com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro up14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes1 28-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes1 28-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug2: dh_gen_key: priv key bits set: 133/256 debug2: bits set: 534/1024 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug2: bits set: 510/1024 debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user root service ssh-connection method none debug1: attempt 0 failures 0 debug2: input_userauth_request: setting up authctxt for root debug2: input_userauth_request: try method none Failed none for root from 172.24.0.151 port 43786 ssh2 debug1: userauth-request for user root service ssh-connection method publickey debug1: attempt 1 failures 1 debug2: input_userauth_request: try method publickey debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 500/513 (e=500/513) seteuid 500: No such process debug1: do_cleanup client side error message goes as follows Read from socket failed: Connection reset by peer Event Viewer shows the following errors Event Properties Event Date: 11/21/2005 Source: Security Time: 15:44 Catagory: Login/Logoff User: NT AUTHORITY\SYSTEM Computer: MYSVR Description: Logon Failure: Reason: An unexpected error occurred during logon User Name: administrator Domain: ABBATECH Logon Type: 3 Logon Process: Cygwin.1 Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Workstation Name: When I try logging in it logs in and then immediately disconnects me. If I type the wrong password it brings up the prompt again If I use key authentication it just immediatly kicks me out. It looks like its authenticating passwords and encryption keys. Here is an attempt without a passkey and with a password administrator AT mysvr's password: debug3: Trying to reverse map address 172.24.0.151. Last login: Fri Nov 18 16:58:44 2005 from 127.0.0.1 debug1: permanently_set_uid: 500/513 setreuid 500: No such process debug1: do_cleanup Connection to mysvr closed. I've been trying to lookup "setreuid cygwin sshd" on google but have not run into a satisfactory condition. The error reported in the event log seems to be a mismatch time with domain server error but I made sure that the time on the machine is synced with the domain controller. And if it was a mismatch time I can login via rdesktop thats how I normally login to this box and that would fail. Has anyone else run into this problem? I had no trouble installing on Windows 2003 or Windows XP. __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/