X-Spam-Check-By: sourceware.org
Date: Tue, 16 May 2006 09:08:56 -0400 (EDT)
From: Igor Peshansky <pechtcha AT cs DOT nyu DOT edu>
Reply-To: cygwin AT cygwin DOT com
To: Andrew DeFaria <Andrew AT DeFaria DOT com>
cc: cygwin AT cygwin DOT com
Subject: Re: ssh to 2003 server exist immediately
In-Reply-To: <e4bq5c$cce$1@sea.gmane.org>
Message-ID: <Pine.GSO.4.63.0605160902200.29567@access1.cims.nyu.edu>
References: <e3s32l$k60$1 AT sea DOT gmane DOT org> <4461FD21 DOT 3050606 AT cygwin DOT com>    <e3t060$q2n$1 AT sea DOT gmane DOT org> <44622D6F DOT 2090303 AT cygwin DOT com>    <e3u80a$vbr$1 AT sea DOT gmane DOT org> <e3ubdt$cdt$1 AT sea DOT gmane DOT org>    <446542EF DOT 8080204 AT cygwin DOT com> <e46840$87e$1 AT sea DOT gmane DOT org>  <2e59e6970605150645k138117d8m82c1ab0048b1d58c AT mail DOT gmail DOT com>  <e4bq5c$cce$1 AT sea DOT gmane DOT org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; FORMAT=flowed
Content-ID: <Pine DOT GSO DOT 4 DOT 63 DOT 0605160902202 DOT 29567 AT access1 DOT cims DOT nyu DOT edu>
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Mon, 15 May 2006, Andrew DeFaria wrote:

> * * wrote:
> > You might try reconfiguring with "privilege separation" turned on.
> > Also, turn on auditing of failed file access, and/or run sysInternals
> > RegMon and FileMon.
>
> Reconfigured with privilege separation turned on. Same problem.
> Interesting note: I removed /var/empty so that the ssh-host-config would
> recreate it. It does, but it's owned by my user. Starting sshd yields
> the following in /var/log/sshd.log:
>
> /var/empty must be owned by root and not group or world-writable.
>
> At first I did chown SYSTEM:SYSTEM /var/empty but that didn't help. It
> was not until I did a chown sshd_server /var/empty that I was able to
> start sshd. It was not apparent to me that, in this context, "root" ==
> "sshd_server" nor that ssh-host-config, knowing that I'm running on 2003
> and needing to create a local sshd_server user and using privilege
> separation, would not know to do a chown sshd_server on /var/empty. Bug?

Perhaps.  We'll need more info on this.  FWIW, I used ssh-host-config to
setup sshd with privilege separation, and everything "just worked" (tm).

> > I think your sshd_server user doesn't have permission to execute
> > Winsock2 which is %SYSTEMROOT%\System32\ws2_32.dll or one of it's
> > dependencies.  Did you also check the Application Event Log?
>
> Again, whenever I go to view the Application log in the Event Viewer
> after trying an ssh it's corrupted. I can right click on the Application
> log and Clear All Events, thus creating a new Application log, which
> works. But if I do an ssh and go back to the Event Viewer it says the
> Application log is corrupted!

Ouch!  That's not good, and most likely isn't Cygwin-related.  However,
you can get sshd to write somewhere other than to the event log, by
setting up and starting the syslogd service -- then any events sshd
produces will go to syslog.  Then you'll be able to actually see them,
invalid characters (if any) and all.

> Meantime I edited sshd_server's rights so I could do a "runas
> /user:sshd_server cmd". From here I started bash --login -i then did an
> "strace /usr/sbin/sshd -d > /tmp/sshd.strace.log 2>&1" (attached). The
> "relevant" part seems to be here:
>
> 277 3957121 [main] sshd 1404 C:\Cygwin\usr\sbin\sshd.exe: *** fatal error - could not load ws2_32, Win32 error 0

Your mailer wrapped the strace snippet, but this definitely seems
relevant.  What does "getfacl /cygdrive/c/WINDOWS/system32/ws2_32.dll"
say?

> I'd appreciate any pointers (guesses) at this point?

As Richard (or "* *") pointed out, your sshd_server user probably doesn't
have access to ws2_32.dll.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha AT cs DOT nyu DOT edu | igor AT watson DOT ibm DOT com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/