This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: [SPAMBayesian] - cygwin sshd on Windows Server 2003 Domain Controller? - Failed Bayesian filter
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin at cygwin dot com
- Date: Thu, 4 Sep 2003 17:34:51 +0200
- Subject: Re: [SPAMBayesian] - cygwin sshd on Windows Server 2003 Domain Controller? - Failed Bayesian filter
- References: <opruzc4w2dvgcxc1@localhost>
- Reply-to: cygwin at cygwin dot com
On Thu, Sep 04, 2003 at 04:56:46PM +0200, Fermin Sanchez wrote:
> I used to have cygwin sshd running on my old Windows 2000 Domain
> Controller, worked like a charm. Some time ago I switched (reinstalled,
> actually) my domain controller to Windows Server 2003.
>
> I went through the usual steps: download, "ssh-host-config -y", security
> model "ntsec" and installed it as a service. First, it worked for about 5
> minutes. Then, when I tried to connect from a remote host, I got a network
> connection error. The server isn't accepting connections any more.
> Restarting the sshd service in windows results in:
I'm surprised that it worked for 5 minutes. You mean, without trying
to connect, don't you?
Basically on 2003 the problem is a change of user rights given to the
SYSTEM user when running services. Microsoft is trying to close a
security hole by removing the CreateTokenPrivilege from all services
running under SYSTEM account.
Workaround: Create a new account on your machine in the Admin group.
Add the CreateTokenPrivilege in your Local Security Policy dialog.
Run sshd under that account. Don't forget to add this user to /etc/passwd.
*DON'T* call this user sshd since that's the user name of an *unprivileged*
user running the sshd child when privilege separation is turned on.
Hope that is in any way related to your actual problem...
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/