This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh to 2003 server exist immediately

On Mon, 15 May 2006, Andrew DeFaria wrote:

* * wrote:
> You might try reconfiguring with "privilege separation" turned on.
> Also, turn on auditing of failed file access, and/or run sysInternals
> RegMon and FileMon.

Reconfigured with privilege separation turned on. Same problem.
Interesting note: I removed /var/empty so that the ssh-host-config would
recreate it. It does, but it's owned by my user. Starting sshd yields
the following in /var/log/sshd.log:

/var/empty must be owned by root and not group or world-writable.

At first I did chown SYSTEM:SYSTEM /var/empty but that didn't help. It
was not until I did a chown sshd_server /var/empty that I was able to
start sshd. It was not apparent to me that, in this context, "root" ==
"sshd_server" nor that ssh-host-config, knowing that I'm running on 2003
and needing to create a local sshd_server user and using privilege
separation, would not know to do a chown sshd_server on /var/empty. Bug?

Perhaps. We'll need more info on this. FWIW, I used ssh-host-config to setup sshd with privilege separation, and everything "just worked" (tm).

> I think your sshd_server user doesn't have permission to execute
> Winsock2 which is %SYSTEMROOT%\System32\ws2_32.dll or one of it's
> dependencies.  Did you also check the Application Event Log?

Again, whenever I go to view the Application log in the Event Viewer
after trying an ssh it's corrupted. I can right click on the Application
log and Clear All Events, thus creating a new Application log, which
works. But if I do an ssh and go back to the Event Viewer it says the
Application log is corrupted!

Ouch! That's not good, and most likely isn't Cygwin-related. However, you can get sshd to write somewhere other than to the event log, by setting up and starting the syslogd service -- then any events sshd produces will go to syslog. Then you'll be able to actually see them, invalid characters (if any) and all.

Meantime I edited sshd_server's rights so I could do a "runas
/user:sshd_server cmd". From here I started bash --login -i then did an
"strace /usr/sbin/sshd -d > /tmp/sshd.strace.log 2>&1" (attached). The
"relevant" part seems to be here:

277 3957121 [main] sshd 1404 C:\Cygwin\usr\sbin\sshd.exe: *** fatal error - could not load ws2_32, Win32 error 0

Your mailer wrapped the strace snippet, but this definitely seems relevant. What does "getfacl /cygdrive/c/WINDOWS/system32/ws2_32.dll" say?

I'd appreciate any pointers (guesses) at this point?

As Richard (or "* *") pointed out, your sshd_server user probably doesn't have access to ws2_32.dll. Igor -- |\ _,,,---,,_ | ZZZzz /,`.-'`' -. ;-;;,_ Igor Peshansky, Ph.D. (name changed!) |,4- ) )-,_. ,\ ( `'-' old name: Igor Pechtchanski '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]