DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=wrPGVaRPqmhWFDVb
	fTo/R00RN0zyHslPa9Xj3+jFsYWm/OaSF7sh0io7wBaamiVHBK++uA0/7y+Zxh1h
	5gJVr9nD5jGp5wRSJjw7ZzBLlf8bRxSpFAVO4NwSjGT4BeobVnk/t/5RPcOxxBRL
	N9VTToloMZSQ8DOA1sqniAbEH8E=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Date: Thu, 14 Mar 2019 17:11:24 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <576975390.20190314171124@yandex.ru>
To: renaud DOT rolles AT giraudbtp DOT com, cygwin AT cygwin DOT com
Subject: Re: sshd: fatal: seteuid XXX : No such device or address
In-Reply-To: <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
References: <011a01d4da5a$96247330$c26d5990$@giraudbtp.com>   <20190314121034 DOT GG3785 AT calimero DOT vinschen DOT de>  <014e01d4da69$965ee650$c31cb2f0$@giraudbtp.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Note-from-DJ: This may be spam
Content-Transfer-Encoding: 8bit

Greetings, renaud DOT rolles AT giraudbtp DOT com!

>> > I can login via password, it work and lets me in.
>> > But if i tried with my keys, I get in the event viewer :
>> > sshd: PID 3777: fatal: seteuid 1049076: No such device or address
>> 
>> - Make sure to login with the Administrator account case-sensitive.
>>   If your account is called "Administrator", then use an uppercase
>>   'A' when logging in.
>> 
>>   This case-sensitivity issue is a temporary workaround for a
>>   potential security problem in OpenSSH.  This will be rectified
>>   with OpenSSH 8.0 which allows to login case-insentive again.

> With Uppercase i do have a login prompt, but (with the good password), I cant login (remotly or localy).
> I also have Information event :
> sshd: PID 3788: Login name Administrator does not match stored username administrator
> sshd: PID 3788: Invalid user Administrator from 10.0.0.8 port 60876
> then three :
> sshd: PID 3788: Failed password for invalid user Administrator from 10.0.0.8 port 60876 ssh2

Please remove /etc/passwd and /etc/group files. They are no longer necessary,
unless you have some very special needs, and even then, they only needed for
that one or two accounts you need special treatment for.

>> 
>> - If that doesn't help, switch the user running the sshd service from
>>   "cyg_server" to SYSTEM (the services GUI calls it "LocalSystem")
>> 

> This worked, like a charm, thank you 😊

>>   Cygwin switched the logon method and this method doesn't run
>>   under the "cyg_server" account sometimes.  However, switching
>>   back to "LocalSystem" instead of having to create a special
>>   "cyg_server" service account is one of the advantages of the
>>   new logon method.  For details, see
>> 
>>   https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1
>> 
> I didn't fully understand it all to be honest, but, is there another
> drawback to have the localsystem running the deamon instead of the
> cyg_server user, other than having the administrator possibly knowing the
> password ?
> I only use (and by only, again, thank you for that, saved me lot of time),
> to make rsync over ssh on windows hosts.

The main security concern is, why your Administrator user:
1. have password, and
2. is not disabled?


-- 
With best regards,
Andrey Repin
Thursday, March 14, 2019 16:39:04

Sorry for my terrible english...
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple