This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Cygwin 1.7.9 + OpenSSH 5.9p1-1 Domain Service Account error "Bad file descriptor" after authentication [SOLVED]

In order to run a SSH server I installed Cygwin 1.7.9 + OpenSSH
5.9p1-1 on Windows 7 Enterprise SP1. I read the FAQ entry for setting
up sshd in a domain located at:

After completing the install I proceeded to create the cyg_server
domain user account, a privileged service account group, and the
necessary Group Policy with the SeTcbPrivilege,
SeCreateTokenPrivilege, SeAssignPrimaryTokenPrivilege,
SeServiceLogonRight, SeDenyInteractiveLogonRight,
SeDenyRemoteInteractiveLogonRight privileges set for my service group.
I then created the /etc/group and /etc/passwd files including the
cyg_server account and ran the ssh-host-config script. I answered
"yes" to all questions except for the "Do you want to use a different
name?" to which I answered "no".

I then issued "net start sshd" and the CYGWIN sshd service started
successfully. To test I then issued "ssh localhost" and I was greeted
with a password prompt. After entering the proper password I was then
greeted with "Connection to localhost closed by remote host."

After doing some initial checking on the system I verified that the
service was running, that it was successfully authenticating my
account, but when creating the tty for the remote shell sshd was
throwing an error:

chown(/dev/tty1, 500, 513) failed: Bad file descriptor

I started searching the Cygwin mailing lists and discovered the following posts:

Unfortunately in the posts it appeared that no one had posted a
solution to the issue.

After uninstalling and reinstalling Cygwin countless times, a clean
Windows 7 install, and lots of hair pulling it appears I have
discovered what the issue was (at least in my case):

cyg_server must be a member of the *Local* Administrators group on the
machine running the service. It was not enough that the user account
is a member of the Administrators group for the domain.

I just wanted to post this in case someone else runs into this issue like I did.


Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]