sshd on win7 x64

Alexey Luchko luch@ank-sia.com
Fri Aug 12 15:50:00 GMT 2011


Hi!

I've got back and tried to set up sshd again.

Now it tricks me in other way.  It fails on seteuid() when I try to connect 
with a domain user.
"""
$ /usr/sbin/sshd.exe -dd
...
debug1: userauth-request for user domain_user service ssh-connection method 
publickey
debug1: attempt 1 failures 0
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 11135/10513 (e=1003/513)
seteuid 11135: Permission denied
debug1: do_cleanup
debug1: do_cleanup
"""


I've tried to login with a local user.  It seems it seteuid() works with 
local user.  But then it claims again that chown() on tty fails:
"""
debug1: userauth-request for user local_user service ssh-connection method pass
debug1: attempt 2 failures 1
debug2: input_userauth_request: try method password
Accepted password for local_user from ::1 port 63997 ssh2
debug1: monitor_child_preauth: local_user has been authenticated by 
privileged s
debug2: mac_setup: found hmac-md5
debug2: mac_setup: found hmac-md5
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_re
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/tty3
chown(/dev/tty3, 1001, 513) failed: Bad file descriptor
debug1: do_cleanup
debug1: session_pty_cleanup: session 0 release /dev/tty3
"""

Should I try to run sshd service with a domain user for privilege 
separation?   Currently it is local, one of administrators group.

Both local_user and domain_user are administrators too.  Does it matter?


 >> Today I tried login to sshd running as windows service. ssh client 
told: """
 >> user@localhost's password:
 >> Last login: Mon Aug 8 19:21:03 2011 from ::1
 >> /bin/bash: Permission denied
 >> Connection to localhost closed.
 >>
 >> However, /bin/bash exists and the user is able to run it and the privilege
 >> separation account as well.
 >
 > This doesn't really mean that /bin/bash is inaccessible. It means that bash
 > found something else inaccessible when running.

I also checked all the paths I can guess.  They are accessible by privilege 
separation user and by both local_user and domain_user.

The previous time I was trying only a domain user.


Thank you for your help, Larry!

-- 
Regards,
Alexey.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list