X-Spam-Check-By: sourceware.org
Message-ID: <a13d15de0611171459t73ec9facyfe6985410990f4bc@mail.gmail.com>
Date: Fri, 17 Nov 2006 17:59:49 -0500
From: "Tom Mount" <tmountjr AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: 1.5.21-1: sshd occasionally fails to start
In-Reply-To: <Pine.GSO.4.63.0611171404140.5837@access1.cims.nyu.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <a13d15de0611162014p595a440fkdef64998b37bf8b6 AT mail DOT gmail DOT com> 	 <455D3B62 DOT 2000904 AT cygwin DOT com> 	 <a13d15de0611170658o5576538er955a77e1e0bf82ed AT mail DOT gmail DOT com> 	 <Pine DOT GSO DOT 4 DOT 63 DOT 0611171018040 DOT 20455 AT access1 DOT cims DOT nyu DOT edu> 	 <a13d15de0611170936hc9ba47euc62bb1fccfe2f97f AT mail DOT gmail DOT com> 	 <Pine DOT GSO DOT 4 DOT 63 DOT 0611171404140 DOT 5837 AT access1 DOT cims DOT nyu DOT edu>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Note-from-DJ: This may be spam

On 11/17/06, Igor Peshansky <pechtcha@> wrote:
> On Fri, 17 Nov 2006, Tom Mount wrote:
>
> > On 11/17/06, Igor Peshansky <> wrote:
> > > Ugh, top-posting...  Reformatted.
> > >
> > > On Fri, 17 Nov 2006, Tom Mount wrote:
> > >
> > > > On 11/16/06, Larry Hall (Cygwin) <reply-to-list-only-lh AT XXXXXX DOT XXX> wrote:
> > >
> > > <http://cygwin.com/acronyms/#PCYMTNQREAIYR>.  Thanks.
> > >
> > > > > Tom Mount wrote:
> > > > > > How did you come up with that directory name? I searched through the
> > > > > > output file I posted and couldn't find it. I also ran a search on
> > > > > > that computer for any and all cygwin1.dll files - I probably should
> > > > > > have mentioned right off the bat that that's the first thing I do
> > > > > > when I can't start the sshd service. I can't find
> > > > > > c:/tools/foundstone, and I can't find any other cygwin1.dll files on
> > > > > > the system.
> > > > >
> > > > > Hm, I guess that's why it looked *so* familiar.  Yours didn't
> > > > > overwrite the last one I viewed. :-(
> > > > >
> > > > > Are you sure tcpip is starting up in a timely manner?  If it's not,
> > > > > 'sshd' won't either.
> > > >
> > > > For kicks I shut down the sshd process and attempted to start it right
> > > > back up. No dice. Here's the output from my bash window:
> > > >
> > > > Tmount AT CS8664 ~
> > > > $ cygrunsrv -Q tcpip
> > > > Service             : tcpip
> > > > Display name        : TCP/IP Protocol Driver
> > > > Description         : TCP/IP Protocol Driver
> > > > Current State       : Running
> > > > Controls Accepted   : Stop
> > > >
> > > > Tmount AT CS8664 ~
> > > > $ net start sshd
> > > > The CYGWIN sshd service is starting.
> > > > The CYGWIN sshd service could not be started.
> > > >
> > > > A system error has occurred.
> > > >
> > > > System error 1067 has occurred.
> > > >
> > > > The process terminated unexpectedly.
> > > >
> > > >
> > > > Tmount AT CS8664 ~
> > > > $ cygrunsrv -S sshd
> > > > cygrunsrv: Error starting a service: QueryServiceStatus:  Win32
> > > > error 1062: The service has not been started.
> > >
> > > Do you have any extra information in the Event Log or in
> > > /var/log/sshd.log?
> > >         Igor
> > > --
> > >                                 http://cs.nyu.edu/~pechtcha/
> > >       |\      _,,,---,,_            pechtcha@ | igor@
>
> Thanks, Tom, I appreciate your effort in removing the email addresses in
> my .signature, but just to clarify, the PCYMTNQREAIYR acronym only refers
> to the lead-in string (i.e., Joe <joe AT example DOT com> wrote:), since that is
> a way of accidentally making someone's email address ripe for spammers to
> pick up.  By putting the addresses in my signature, I have made a
> conscious choice to make them available, so there is no need to sanitize
> them.  FWIW, feel free to remove the signature altogether from the quoted
> text (most mailers do that automatically).
>
> > sshd.log is empty. 0 bytes. In the even log I have errors like "The
> > CYGWIN sshd service terminated unexpectedly.  It has done this 15
> > time(s)." These errors follow information entries like "The CYGWIN
> > sshd service was successfully sent a start control." Earlier in the
> > morning before I started messing with this, I got the following
> > information entry: "The system detected that network adapter
> > \DEVICE\TCPIP_{84D85DA7-3BDE-4091-9024-B1AA02CDDEB5} was connected to
> > the network, and has initiated normal operation over the network
> > adapter." I point that out because the source was "Tcpip."
>
> Looks like you're examining the wrong log.  Take a look at the Application
> log, rather than the System log.  There should be messages from "sshd" or
> "Cygwin sshd".
>
> > I'm wondering why sshd.log would be empty and if that means anything
> > for this problem. The SYSTEM user is the owner of the file, and it's
> > got full control minus execute permissions. The service is being run
> > by the local system account, so it should be able to interact with
> > that log file, right?
>
> It should be, but sshd uses the syslog mechanism to log events, and syslog
> messages by default go to the Windows Event Log.  One way to rectify that
> would be to install syslogd as a service, and configure it to send
> messages from sshd to /var/log/sshd.log.
>         Igor
> --
>                                 http://cs.nyu.edu/~pechtcha/
>       |\      _,,,---,,_            pechtcha AT cs DOT nyu DOT edu | igor AT watson DOT ibm DOT com
> ZZZzz /,`.-'`'    -.  ;-;;,_            Igor Peshansky, Ph.D. (name changed!)
>      |,4-  ) )-,_. ,\ (  `'-'           old name: Igor Pechtchanski
>     '---''(_/--'  `-'\_) fL     a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!
>
> "Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
> "But no -- you are no fool; you call yourself a fool, there's proof enough in
> that!" -- Rostand, "Cyrano de Bergerac"
>

The systems are standard setup on our campus - novell client and all
its baggage, zenworks agent and all *its* baggage, and symantec
corporate AV 10.x - whatever's the most current. Beyond that we don't
have any security apps running.

I checked - the app log is a little borked, reporting virus updates
that happened January 3, 2080. However, there are no entries at all
for (cygwin) sshd in the application log, only in the system log.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/