"/bin/bash: permission denied" using Cygwin ssh/sshd under WinXP 2003 x64: resolved
Wed Dec 13 23:18:00 GMT 2006
I've been having terrible problems getting Cygwin ssh/sshd to work under
the x64 version of WinXP 2003 SP1. The basic symptom has been that if I
ran sshd as a service, I was unable to run any executables during the
ssh login procedure. This included bash.exe, so my attempts to ssh into
localhost have looked like this:
Last login: Tue Nov 14 12:09:47 2006 from 127.0.0.1
You are successfully logged in to this server!!!
/bin/bash: Permission denied
Connection to localhost closed.
This happened with any executable I tried to use as my shell.
If, however, I ran sshd from a bash prompt, I could log in without
problems. After much Googling, reading of the gmane.os.cygwin archives,
and posting a few messages to the newsgroup (thanks to those who
replied!), I was still completely befuddled. Today, while trying random
things, I tried running sshd from a bash prompt that I'd started as
another user (Administrator, in this case) and then ssh'ing to localhost
as kasper -- and I was unable to log in.
The failure involved a "permission denied" error when sshd tried to run
the "seteuid" command. I surmised that the problems I'd been seeing
might stem from the fact that the user running sshd is "sshd_server" and
the user logging in via ssh is "kasper".
I then tried to start a bash prompt as user sshd_server to test further,
and I was informed that this user didn't have this right on my system.
Looking at "Local Security Settings" in the Local Security Policy
control panel (under "Settings..Administrative Tools"), I discovered
that while sshd_server is in the Users group, and Users is granted the
"Allow log on locally" right, the sshd_server user is also listed under
"Deny log on locally".
I removed sshd_server from the "Deny log on locally" list, and was then
able to start a bash session as sshd_server. Starting sshd from this
bash session, I was then able to ssh to localhost as kasper.
Because I'd mucked about with a few things and wanted to make sure ssh
would still work under "vanilla" conditions, I then rebooted my system.
After the reboot cycle, ssh to localhost or to the hostname of my
system still worked.
The only odd thing is that the ssh authentication prompt is now "Enter
passphrase for key '/home/kasper/.ssh/id_rsa':" instead of
"kasper@localhost's password:", but I don't *think* that's too big a deal.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
More information about the Cygwin