X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.4 required=5.0 	tests=AWL,BAYES_00,SARE_MSGID_LONG40,SPF_PASS
X-Spam-Check-By: sourceware.org
MIME-Version: 1.0
In-Reply-To: <2a993d40912162234u7a660ebfk77bf6ee80aedb911@mail.gmail.com>
References: <2a993d40912160930g3f9a98a9o5cc32044eecdbfeb AT mail DOT gmail DOT com> 	 <2a993d40912162216x2d5f83b2mc00ba85dd1ffdedd AT mail DOT gmail DOT com> 	 <2a993d40912162229j263a287u91a526fade5782ec AT mail DOT gmail DOT com> 	 <2a993d40912162234u7a660ebfk77bf6ee80aedb911 AT mail DOT gmail DOT com>
Date: Thu, 17 Dec 2009 07:41:10 +0100
Message-ID: <2a993d40912162241i590cac70t3559ccec96625122@mail.gmail.com>
Subject: Re: openSSH problem
From: =?ISO-8859-1?Q?St=E9phanie_Cettou?= <s DOT cettou AT gmail DOT com>
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hi,

I have a problem with openSSH. I use it with Cygwin in a Windows 2003 serve=
r.
Before I can connect a client with=A0the password mode. The rsa key mode
don't works. So, I decided to change some user rights. And it was
KO.... I can't more connect!

I use=A0Administrator account.
If I start the service with=A0command "net"=A0I have:
The sshd service is starting.
The sshd service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.

in the log I have:

/var/empty must be owned by root and not group or world-writable.

If I start the service sshd from with =A0"/usr/sbin" with options "=A0-D -d=
 -d -d"

I can connect with administrator user. But with myUser is denied!! the log =
is:

For the client
userSFTP AT 10 DOT 4 DOT 15 DOT 5's password:
Last login: Wed Dec 16 17:56:34 2009 from scbsprod.servcenterxa.ch
debug1: permanently_set_uid: 1013/513
debug3: Copy environment: PROCESSOR_IDENTIFIER=3Dx86 Family 15 Model 4 Step=
ping 1,
=A0GenuineIntel
debug3: Copy environment: WINDIR=3DC:\\WINDOWS
debug3: Copy environment: OS=3DWindows_NT
debug3: Copy environment: ALLUSERSPROFILE=3DC:\\Documents and Settings\\All=
 Users
debug3: Copy environment: TEMP=3D/cygdrive/c/DOCUME~1/ADMINI~1.SCX/LOCALS~1=
/Temp
debug3: Copy environment: COMMONPROGRAMFILES=3DC:\\Program Files\\Common Fi=
les
debug3: Copy environment: PROCESSOR_LEVEL=3D15
debug3: Copy environment: PATH=3D/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bi=
n:/cygd
rive/c/WINDOWS/system32:/cygdrive/c/WINDOWS:/cygdrive/c/WINDOWS/System32/Wb=
em:/c
ygdrive/c/Program Files/Microsoft SQL Server/80/Tools/BINN: C:/cygwin/bin
debug3: Copy environment: SYSTEMDRIVE=3DC:
debug3: Copy environment: CYGWIN=3Dntsec tty
debug3: Copy environment: PROCESSOR_ARCHITECTURE=3Dx86
debug3: Copy environment: PATHEXT=3D.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;=
.WSF;.W
SH
debug3: Copy environment: COMSPEC=3DC:\\WINDOWS\\system32\\cmd.exe
debug3: Copy environment: TMP=3D/cygdrive/c/DOCUME~1/ADMINI~1.SCX/LOCALS~1/=
Temp
debug3: Copy environment: SYSTEMROOT=3DC:\\WINDOWS
debug3: Copy environment: PROCESSOR_REVISION=3D0401
debug3: Copy environment: PROGRAMFILES=3DC:\\Program Files
debug3: Copy environment: NUMBER_OF_PROCESSORS=3D2
debug3: Copy environment: COMPUTERNAME=3DSCBSPROD
Environment:
=A0 PROCESSOR_IDENTIFIER=3Dx86 Family 15 Model 4 Stepping 1, GenuineIntel
=A0 WINDIR=3DC:\WINDOWS
=A0 OS=3DWindows_NT
=A0 ALLUSERSPROFILE=3DC:\Documents and Settings\All Users
=A0 TEMP=3D/cygdrive/c/DOCUME~1/ADMINI~1.SCX/LOCALS~1/Temp
=A0 COMMONPROGRAMFILES=3DC:\Program Files\Common Files
=A0 PROCESSOR_LEVEL=3D15
=A0 PATH=3D/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/cygdrive/c/WINDOWS/=
system32:
/cygdrive/c/WINDOWS:/cygdrive/c/WINDOWS/System32/Wbem:/cygdrive/c/Program F=
iles/
Microsoft SQL Server/80/Tools/BINN: C:/cyg
=A0 SYSTEMDRIVE=3DC:
=A0 CYGWIN=3Dntsec tty
=A0 PROCESSOR_ARCHITECTURE=3Dx86
=A0 PATHEXT=3D.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
=A0 COMSPEC=3DC:\WINDOWS\system32\cmd.exe
=A0 TMP=3D/cygdrive/c/DOCUME~1/ADMINI~1.SCX/LOCALS~1/Temp
=A0 SYSTEMROOT=3DC:\WINDOWS
=A0 PROCESSOR_REVISION=3D0401
=A0 PROGRAMFILES=3DC:\Program Files
=A0 NUMBER_OF_PROCESSORS=3D2
=A0 COMPUTERNAME=3DSCBSPROD
=A0 USER=3DuserSFTP
=A0 LOGNAME=3DuserSFTP
=A0 HOME=3D/home/userSFTP
=A0 MAIL=3D/var/spool/mail/userSFTP
=A0 SHELL=3D/bin/bash
=A0 SSH_CLIENT=3D10.4.15.5 4547 22
=A0 SSH_CONNECTION=3D10.4.15.5 4547 10.4.15.5 22
=A0 SSH_TTY=3D/dev/tty2
=A0 TERM=3Dcygwin
debug3: channel 0: close_fds r -1 w -1 e -1 c -1
/bin/bash: Permission denied
Connection to 10.4.15.5 closed.


For the server:
debug2: load_server_config: filename /etc/sshd_config
debug2: load_server_config: done config len =3D 213
debug2: parse_server_config: config /etc/sshd_config len 213
debug3: /etc/sshd_config:13 setting Port 22
debug3: /etc/sshd_config:21 setting Protocol 2
debug3: /etc/sshd_config:42 setting StrictModes no
debug3: /etc/sshd_config:98 setting UsePrivilegeSeparation yes
debug3: /etc/sshd_config:113 setting Subsystem sftp=A0=A0=A0=A0 /usr/sbin/s=
ftp-server
debug1: sshd version OpenSSH_5.1p1
debug3: Not a RSA1 key file /etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]=3D'/usr/sbin/sshd'
debug1: rexec_argv[1]=3D'-D'
debug1: rexec_argv[2]=3D'-d'
debug1: rexec_argv[3]=3D'-d'
debug1: rexec_argv[4]=3D'-d'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd =3D 7 config len 213
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
Connection from 10.4.15.5 port 4547
debug1: Client protocol version 2.0; client software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug2: fd 3 setting O_NONBLOCK
debug2: Network child is on pid 5456
debug3: preauth child monitor started
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug3: mm_request_receive entering
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hell=
man-
roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc=
four
28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes=
128-
tr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc=
four
28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes=
128-
tr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripe=
md16
,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripe=
md16
,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hell=
man-
roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc=
four
28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes=
128-
tr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc=
four
28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes=
128-
tr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripe=
md16
,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripe=
md16
,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug3: mm_request_send entering: type 0
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI
debug3: monitor_read: checking request 0
debug3: mm_request_receive_expect entering: type 1
debug3: mm_answer_moduli: got parameters: 1024 1024 8192
debug3: mm_request_receive entering
debug3: mm_request_send entering: type 1
debug2: monitor_read: 0 used once, disabling now
debug3: mm_choose_dh: remaining 0
debug3: mm_request_receive entering
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 121/256
debug2: bits set: 511/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 534/1024
debug3: mm_key_sign entering
debug3: mm_request_send entering: type 4
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN
debug3: monitor_read: checking request 4
debug3: mm_request_receive_expect entering: type 5
debug3: mm_answer_sign
debug3: mm_request_receive entering
debug3: mm_answer_sign: signature 0x1041c2a0(271)
debug3: mm_request_send entering: type 5
debug2: monitor_read: 4 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug3: mm_request_receive entering
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user userSFTP service ssh-connection method no=
ne
debug1: attempt 0 failures 0
debug3: mm_getpwnamallow entering
debug3: mm_request_send entering: type 6
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM
debug3: monitor_read: checking request 6
debug3: mm_request_receive_expect entering: type 7
debug3: mm_answer_pwnamallow
debug3: mm_request_receive entering
debug3: Trying to reverse map address 10.4.15.5.
debug2: parse_server_config: config reprocess config len 213
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug2: input_userauth_request: setting up authctxt for userSFTP
debug3: mm_request_receive entering
debug3: mm_inform_authserv entering
debug3: mm_request_send entering: type 3
debug2: input_userauth_request: try method none
debug3: monitor_read: checking request 3
debug3: mm_answer_authserv: service=3Dssh-connection, style=3D
debug3: mm_auth_password entering
debug2: monitor_read: 3 used once, disabling now
debug3: mm_request_send entering: type 10
debug3: mm_request_receive entering
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: monitor_read: checking request 10
debug3: mm_request_receive_expect entering: type 11
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_receive entering
debug3: mm_request_send entering: type 11
Failed none for userSFTP from 10.4.15.5 port 4547 ssh2
debug3: mm_auth_password: user not authenticated
debug3: mm_request_receive entering
debug1: userauth-request for user userSFTP service ssh-connection method ke=
yboa
d-interactive
debug1: attempt 1 failures 0
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=3DuserSFTP devs=3D
debug1: kbdint_alloc: devices ''
debug2: auth2_challenge_start: devices
debug1: userauth-request for user userSFTP service ssh-connection method pa=
sswo
d
debug1: attempt 2 failures 1
debug2: input_userauth_request: try method password
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: monitor_read: checking request 10
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug3: mm_answer_authpassword: sending result 1
debug3: mm_request_send entering: type 11
Accepted password for userSFTP from 10.4.15.5 port 4547 ssh2
debug3: mm_auth_password: user authenticated
debug1: monitor_child_preauth: userSFTP has been authenticated by privilege=
d pr
cess
debug3: mm_send_keystate: Sending new keys: 0x1041ca80 0x1041b408
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_newkeys_to_blob: converting 0x1041ca80
debug3: mm_request_receive_expect entering: type 24
debug3: mm_newkeys_to_blob: converting 0x1041b408
debug3: mm_request_receive entering
debug3: mm_send_keystate: New keys have been sent
debug3: mm_send_keystate: Sending compression state
debug3: mm_request_send entering: type 24
debug3: mm_send_keystate: Finished sending state
debug3: mm_newkeys_from_blob: 0x1041edc0(118)
debug2: mac_setup: found hmac-md5
debug3: mm_get_keystate: Waiting for second key
debug3: mm_newkeys_from_blob: 0x1041feb0(118)
debug2: mac_setup: found hmac-md5
debug3: mm_get_keystate: Getting compression state
debug3: mm_get_keystate: Getting Network I/O buffers
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16=
384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions AT openssh DOT com wan=
t_re
ly 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/tty2
debug3: tty_parse_modes: SSH2 n_bytes 246
debug3: tty_parse_modes: ospeed 38400
debug3: tty_parse_modes: ispeed 38400
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug2: fd 3 setting TCP_NODELAY
debug2: channel 0: rfd 8 isatty
debug2: fd 8 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug2: channel 0: read<=3D0 rfd 8 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 4652
debug1: session_exit_message: session 0 channel 0 pid 4652
debug2: channel 0: request exit-status confirm 0
debug1: session_exit_message: release channel 0
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: send eow
debug2: channel 0: output open -> closed
debug1: session_pty_cleanup: session 0 release /dev/tty2
debug2: channel 0: send close
debug3: channel 0: will not send data after close
debug2: notify_done: reading
debug3: channel 0: will not send data after close
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: is dead
debug2: channel 0: gc: notify user
debug1: session_by_channel: session 0 channel 0
debug1: session_close_by_channel: channel 0 child 0
debug1: session_close: session 0 pid 0
debug3: session_unused: session id 0 unused
debug2: channel 0: gc: user detached
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: server-session, nchannels 1
debug3: channel 0: status: The following connections are open:
=A0 #0 server-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)
debug3: channel 0: close_fds r -1 w -1 e -1 c -1
Connection closed by 10.4.15.5
debug1: do_cleanup
Transferred: sent 4984, received 1712 bytes
Closing connection to 10.4.15.5 port 4547

=A0If I read the rigths I have:
> drwxrwx---+ 3 Administrator Users 0 Dec 16 17:30 cache
> drwxr-xr-x+ 2 Administrator None=A0 0 Dec 16 17:37 empty
> drwxrwx---+ 3 Administrator Users 0 Dec 16 17:30 lib
> drwxrwxrwx+ 2 Administrator Users 0 Dec 16 17:39 log
> drwxrwxrwx+ 2 Administrator Users 0 Dec 16 17:30 run
> drwxrwx---+ 2 Administrator Users 0 Dec 16 17:30 tmp


Can me help, please?? Wath can I do?

St=E9phanie

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple