This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sshd exits during login attempt on WinXP 2003 x64 -- even with sshd running as service


Thanks for responding, Corinna.  I obviously wasn't clear in my original
post -- ssh login attempts to my Win2003 x64 system running Cygwin sshd
as a service always fail, which is why I tried running sshd from the
command prompt as a test.

As far as I know, my Cygwin installation is completely up-to-date.  I
ran both the ssh-host-config and ssh-user-config scripts after
installing Cygwin and configured sshd to run as a service (*without*
privilege separation, which [I hope] should keep things simpler).

I can start the sshd service using either the Win2003 Services control
panel or cygrunsrv.  When sshd starts, 4 "success audit" events appear
in the Security event log, and the service appears to start normally.
sshd is configured to log on as ".\sshd_server", according to the
Properties page for the service.

If I then start a bash shell on my system and try to "ssh localhost", I
see the following:

~ 503 $ ssh localhost
Connection closed by 127.0.0.1
~ 504 $

/var/log/sshd.log remains empty, but a "failure audit" event appears in
my Security event log:

	Event Type:	Failure Audit
	Event Source:	Security
	Event Category:	Privilege Use
	Event ID:	577
	Date:		2/7/2007
	Time:		8:26:55 AM
	User:		ABF466\sshd_server
	Computer:	ABF466
	Description:
	Privileged Service Called:
 		Server:		NT Local Security Authority / Authentication Service
 		Service:		LsaRegisterLogonProcess()
 		Primary User Name:	ABF466$
 		Primary Domain:	AERO-ORG
 		Primary Logon ID:	(0x0,0x3E7)
 		Client User Name:	sshd_server
 		Client Domain:	ABF466
 		Client Logon ID:	(0x0,0x14B91291)
 		Privileges:	SeTcbPrivilege

I don't know how to activate output to /var/log/sshd.log -- would that
help to diagnose this problem?

-Brian

Corinna Vinschen wrote:
[exerpt of my original post snipped]
This won't work.  By default, no user has the required permissions to
change the user context.  Start here:

$ less /usr/share/doc/Cygwin/openssh.README

and here:

http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch

and install sshd as service using the ssh-host-config script.


Corinna





-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]