X-Recipient: archive-cygwin AT delorie DOT com X-Original-To: cygwin AT cygwin DOT com Delivered-To: cygwin AT cygwin DOT com DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org C5347386F822 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=berkeley.edu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=carrier AT berkeley DOT edu DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berkeley-edu.20150623.gappssmtp.com; s=20150623; h=from:date:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=PskYnsAMv2TTXr4zzTzRW4tEalv9W3s1jSw/oVsTOEw=; b=pzDEg+ihnqBMkOSFrcUT9PUwan/K3xOULnFxNlzhn5F0J7vCWNkEDEs8GSlJPagRgh g048QUoUNTmBGjl5+dBxWVUVI0xnplvWx70wmNGFO4fIKeD/Lgv8mIvCmqLmHeVbIAzS 2yGhYduoDU8ya75XieAzdB+97WcIa0P8hbtHVhHduS9BgPngaoVPa9oyYgq7kWup+bKu Gm3YRg6TaffjyAtWpnvt42aNAJNgLpDiF2yaRVLUGiSuIQHRzn9AhOrWa816YVAEHDRO bUNh99ktnYbwQA1IlhsP5t/PUwsMWEUSKEwylb0zsa1nelyzMahu+LAJWb9fkT7qcyfp mhwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:date:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=PskYnsAMv2TTXr4zzTzRW4tEalv9W3s1jSw/oVsTOEw=; b=JMyPNtVInxkmLG6Nh/0JPOfzl8X4qNeD0x9F3TO3xBTTak42heIYt2V0Ll55c1QkAU hFVHf7Q68GK+vgZ1tQo6r0HxfM4bhyn86MoT6jIA6sLvaiVzoIGlmoQeNSMF4GFET6jx i3Dqkv5aGwW7hn3M3mpKEkdVku9NkFgQnvX2R6NItd7VxCgc8hUuUTRlYavj5R5GdRqQ UyjBxX70VV6E6oxpk2dELdSHIxBMclKkJa3YTAi7QWQqIRQU5cq4mP48yDJAUAP1XxDJ 4aG2h8Rw9M8WNkIyUtuzLzH70Sdg6GyfquC8mHZU2M+1erzu+eVBBOYd0ejzOOQ3gGp7 fFgg== X-Gm-Message-State: AOAM533qD+KhXLUhKCmG2OJ8H2MWiAFm1DMmwi7p6t0Q+6vLNGCyJEfY 7HuuJu1RefEv9uJx4YrOXxWWqkE9RdXOYA== X-Google-Smtp-Source: ABdhPJxbW+B56zH9k/D2w6oPANoSZPfhVLCAHuxDVTQFeURx0iffk57Fmeoa777BzfzyvHZK+7rsJQ== X-Received: by 2002:a17:90a:fa11:: with SMTP id cm17mr4849091pjb.153.1597854764311; Wed, 19 Aug 2020 09:32:44 -0700 (PDT) From: Stephen Carrier X-Google-Original-From: Stephen Carrier Date: Wed, 19 Aug 2020 09:32:42 -0700 To: Subramanya Narayanaswamy Subject: Re: Need information on creating service user to connect from the Agent server to Windows hosts for installing agents on remote Message-ID: <20200819163242.GA7219@iguana.crashland.org> References: <6c46c572-6678-45ea-91db-54d02e0c3bcd AT default> <402804355 DOT 20200811013821 AT yandex DOT ru> <1dbc09c8-07ad-4f42-8c7e-0aff2fbe68cc AT default> <4910065414 DOT 20200812022520 AT yandex DOT ru> <20200812155859 DOT GA9165 AT iguana DOT crashland DOT org>

MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.2 (2019-09-21) X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, KAM_ASCII_DIVIDERS, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin AT cygwin DOT com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: cygwin AT cygwin DOT com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: cygwin-bounces AT cygwin DOT com Sender: "Cygwin" On Sun, Aug 16, 2020 at 11:36:10AM +0200, Marco Atzeri via Cygwin wrote: > On 16.08.2020 10:17, Subramanya Narayanaswamy via Cygwin wrote: > > Hi Team, > > > > I'm facing below issue while trying to start CYGSSHD server. I'm running the below command as an Administrator but not sure why cygsshd is not starting. Any help? > > -------------------------------------------------------------- > > $ net start cygsshd > > The CYGWIN cygsshd service is starting. > > The CYGWIN cygsshd service could not be started. > > > > The service did not report an error. > > > > More help is available by typing NET HELPMSG 3534. > > > > Subramanya > > > > I saw the same problem. > The /var/log/sshd.log gave me the hint: > ----------------------------------------------- > Permissions 0640 for '/etc/ssh_host_rsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ecdsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ed25519_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > sshd: no hostkeys available -- exiting. > ------------------------------------------------ /var/log/sshd.config may provide helpful clues even if the issue is different from loose permissions on the private keys. Let us know what you find there if you are still having trouble. > from the Admin account > > $ cd /etc > $ chmod 600 ssh* > > solved the problem It may have but ... There is no need to restrict permissions on the public keys and restricting permissions on /etc/ssh_config may interfere with ssh client use by non-Administrator users. Moreover, I don't think /etc/sshd_config needs to be restricted though that could be a judgement call. Perhaps $ chmod 600 ssh_host_*_key is enough to fix the private key permissions, if in fact that is the problem. > $ cygrunsrv -Q cygsshd .... "cygrunsrv -V -Q cygsshd" will reveal even more information. --Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple