DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 50HDgbmp689622
Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 50HDgbmp689622
Authentication-Results: delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=BaIb1Bov
X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 5843E3847702
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1737121355;
	bh=vVpgCP5o5J3pOClqHb5073M447+P1UWseONT/Djp9gg=;
	h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=BaIb1Bovj3KT2TouYklYHFEKHxL9/ID73HqqoOJZVtritOkwneNOkM2MKMyVDmxtI
	 DQ3AG0HwcE+jJpgOhC4/k5NWIpyuqtXejmDsA0rQtW3oZQ3GeoYJ350P23Uj5fcWN1
	 gaLwYLjP7Ir7mVdm4v8OVXS1iUE1McAVsBoGRToM=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 4B68A3847821
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 4B68A3847821
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1737121321; cv=none;
 b=EMek9rFjteKdGaTpnF/f/HGTGxZEcuMDGMXzRBCd/Z5/W2eYSHwY0p1OnSx68hA2MEc4k1Omcn6WuPTVXZ0Ezsz8QgYK8VZS7S3difKIdgSrdBIevu5yrfkSX2cifshy+ptc2fDPj9pgTOGIMh7LzxPB8TN/Ruwt1OV4GyjVslM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1737121321; c=relaxed/simple;
 bh=HFsIzSjwy+eQxnE2amlCy+fsHY4bBHROa6UGs3jpvzI=;
 h=Message-ID:Date:MIME-Version:From:Subject:To:DKIM-Signature;
 b=c6HAhDTX761wOIDrORQQgTRd5e+Nnpl5352vhqnxRDBcCa6IdjmcJ3yPKH/eSmyGNg2Xw6yxT6bVJaahVW4jeKCoX0+J9Cf+9v++IUZ1V1xWeOUBVi7dTJqrsGbydo4Nc8Zv+KIIpIvWlUbMktySVivghMhpkRfROek2K4Fu6go=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4B68A3847821
Message-ID: <6e459d03-150e-4dd3-8fed-9fbe7dbcff40@SystematicSW.ab.ca>
Date: Fri, 17 Jan 2025 06:41:58 -0700
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: sshd not working properly
Content-Language: en-CA
To: cygwin AT cygwin DOT com
References: <LTQOVCXmc0omW9pKR5Kf2VV2rkqMLBgNy-HyfSog-h2-eEjbnJroxxEUCUTKQSQrMGXaZJ7FH2qocwS-hpfW3RveKOrq-HlRtJqh7NDg8w4=@proton.me>
 <CAL63K1XbYdKYGxacM-ifuakReCQefYB1K5MmWS2YuT2+La=RdQ AT mail DOT gmail DOT com>
 <6c39972b-43ef-4e32-a238-f2778f3cc4e5 AT emmenlauer DOT de>
 <Z4pSUtv0CdZNZSo4 AT calimero DOT vinschen DOT de>
Organization: Systematic Software
In-Reply-To: <Z4pSUtv0CdZNZSo4@calimero.vinschen.de>
X-Rspamd-Queue-Id: 6D4A020024
X-Rspamd-Server: rspamout07
X-Stat-Signature: s41a5t66iokujfpaopxpzkmebci63irj
X-Session-Marker: 427269616E2E496E676C69734053797374656D6174696353572E61622E6361
X-Session-ID: U2FsdGVkX196ak2QbFeE1Af1V5vt0Eq0mIhizGAhI0E=
X-HE-Tag: 1737121319-151243
X-HE-Meta: U2FsdGVkX1/mR0lBDTrUtV+6fMV1y7V37Z0o8beMwNYj99m3e6ZaMLLwQP+HK+xpJZqz4x5SuA3r8QiE7CacOFIJcNU69cRKu3Ro17EQ8MsODrhyHKFxqKQMNP6f0SyLyco+UBPtVje8tpfmDLBFD9OrleF32tVKEBcq9RdEqZVN1wQJIz1WdGytLwUgXY8cNjUMB49dyZJGK/ZlFiDK+oLN4YeVAkpWZAli71hIlqq2bTZns9yc289Kqjw2wd2ZjRDAdpGewcWGscuL14tEctK/1sqtU1ABGHySzEp5R0KzMEYLMdVRF0GRcmR4xYRGDTzzp1aHO+Fd3U0b5fNhhpl4qnCmICb9RNA+4ZWgsVkMI/Zp/wr9fg/Orfb1VcxlksrCID1dIdi/RrvZHjBEnk3uqn+kjd1sacZN2ke5mDsBEFkCAyjm/LKxhZvxGwHDMFazJF9OdO0NT5KHLzxfVA==
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Brian Inglis via Cygwin <cygwin AT cygwin DOT com>
Reply-To: cygwin AT cygwin DOT com
Cc: Brian Inglis <Brian DOT Inglis AT SystematicSW DOT ab DOT ca>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Errors-To: cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 50HDgbmp689622

On 2025-01-17 05:51, Corinna Vinschen via Cygwin wrote:
> On Jan 17 11:59, Mario Emmenlauer via Cygwin wrote:
>>
>> On 04.09.24 12:11, Andy Wood via Cygwin wrote:
>>> Running "passwd -R" for 'other_user', as suggested by the subject of
>>> the post, fixed the problems for me.
>>>
>>> It looks like sshd isn't handling a login failure properly.
>>>
>>> On Tue, Sep 3, 2024 at 7:57 PM Jim McNamara via Cygwin
>>> <cygwin AT cygwin DOT com> wrote:
>>>>
>>>>>> This looks like a bug. Can anyone help? Is there a work-around?
>>>>    Hi Andy,
>>>>
>>>> There was some chatter the last week or 2 on someone trying to get ssh to work. At the archive mailing list, you can read and see if that answers any of it.
>>>>
>>>> I thought the gist of it is that a cipher is being swapped out or something.
>>>>
>>>> Please read archives at the mailing list while you are waiting for a reply for the past week or 2 msgs.
>>>>
>>>> Also, the other person said they found out information in the release notes for cygwin that were kind of recent.
>>
>>
>> I am under the impression that there may be a misbehavior in more recent
>> Cygwin OpenSSH :-(
>>
>> I observe the same problem as Andy Wood was having, and found another
>> very recent identical report at https://serverfault.com/q/1168457/473559.
>> Their cases, as well as mine, seem to share, that OpenSSH can no longer
>> correctly authenticate as a user without having the plain text password
>> stored in the registry.
>>
>> In my case, this is exclusively limited to domain users. Local users
>> work correctly. I can see that at least one other report, the one at
>> Serverfault, is also for a domain user. Also, everything that is
>> reported at Serverfault applies basically identically to my case, i.e.
>> the connection being just dropped, and the only relevant message from
>> OpenSSH being "fatal: seteuid 4096: Function not implemented".
> 
> I just tested this on my local W11 24H2 Enterprise installation with
> Cygwin 3.5.5 and OpenSSH 9.9p1 installed as service under the SYSTEM
> account, and it works fine for me in a Windows domain with one 2019 and
> one 2022 Domain Server.
> 
> I tested with a user account in the administrators group as well as with
> a non-admin user account, and to both accounts I can login with pubkey
> authentication as expected.
> 
> The error message "seteuid 4096: Function not implemented" is weird.
> The internal implementation only uses documented functions.
> 
> Which Windows version are you running the service on exactly?
> 
> Do you have any other entries in the server-side Windows Log, which may
> be connected, especially inside the Security log.  Kerberos or so.
> 
> Other than that, it might be prudent to run sshd in a SYSTEM shell
> under strace.

Any chance the user is also running Windows sshd and tyhat has grabbed the port?

-- 
Take care. Thanks, Brian Inglis              Calgary, Alberta, Canada

La perfection est atteinte                   Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter  not when there is no more to add
mais lorsqu'il n'y a plus rien à retrancher  but when there is no more to cut
                                 -- Antoine de Saint-Exupéry

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple