X-Spam-Check-By: sourceware.org Message-ID: X-Sender: vilarneto AT hotmail DOT com In-Reply-To: From: "Vilar Camara" To: cygwin AT cygwin DOT com Subject: Re: sshd+ssh localhost connects, but don't reach the shell Date: Tue, 30 May 2006 21:17:55 +0000 Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com > >> The symptoms do appear like a firewall issue like Larry Hall said, > > > > This is always a point to be rechecked. I just did it: > > - All ssh.exe, ssh2.exe (Windows GUI client) and sshd.exe have full > > permissions set to access and server; > > - Logging on, but no log entries about these programs being blocked. > > > > Anyway, as I said before, all my tests were performed with firewall not > > running. Should I try, for the sake of completeness, uninstalling it? > >No, have you tested with the Windows firewall running? No, I never use Windows Firewall. My choice is Zone Alarm Pro. Even so, I had included Port 22 in the Windows Firewall exception list, although technically it should make no difference. >Now try: netstat -anbv | grep -B 1 -A 2 ":22" >should show only sshd.exe listening. Now that's strange: in that verbose list there is no program listening on port 22. The only reference to sshd is in the following block: UDP 127.0.0.1:2186 *:* 2848 C:\WINDOWS\system32\ZoneLabs\vetredir.dll C:\WINDOWS\system32\imslsp.dll C:\WINDOWS\system32\ws2_32.dll C:\cygwin\bin\cygwin1.dll [sshd.exe] The first DLL is a ZoneAlarm (firewall) one. This is curious, because that DLL is around even if the firewall is off. (The service related to ZA's firewall is called "TrueVector" and it is stopped in the Services list.) The port (2186) varies from run to run. But it appears in: netstat -an | grep ":22" TCP 0.0.0.0:22 0.0.0.0:0 LISTENING Not all entries listed by -an appear on -anbv. >Also check: ps -a | grep sshd >before and during a test. Is the UID 18? does the process have any suspend >flags? Changed to "ps -a | grep ssh" to include the client. Before test: 3676 436 3676 2392 ? 18 17:52:14 /usr/sbin/sshd During test: 3676 436 3676 2392 ? 18 17:52:14 /usr/sbin/sshd I 4060 604 4060 2512 0 1003 17:54:12 /usr/bin/ssh 1560 3676 1560 2812 ? 18 17:54:12 /usr/sbin/sshd That "I" on the client is significant, but as far as we've been discussing this is somewhat expected (but not desired :-( ). >During a test, the second sshd process is the interesting one, you could >try to >see what is doing (when it appears to be stuck) by using: strace -p $PID >where the process id is from the above ps -a. It can't proceed: it stops after the message "strace: couldn't attach to pid 3844 for debugging". Doing strace to the original sshd.exe (the non-spawned one) reveals that tons of things happen when I run "ssh localhost", but I can't interpret all those gibberish output. After all, I'm really suspicious about that ZoneAlarm DLL. But I think I can only purge it if I uninstall the firewall. Oh my. -- Best regards, Vilar Camara Neto -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/