Seteuid "operation not permitted" error when using LSA for sshd

David Koppenhofer david@coffeefish.org
Thu Aug 2 19:15:00 GMT 2012


> Why did you install cyglsa64 from the old snapshot?  The changes to
> cyglsa are supposed to be in the Cygwin 1.7.16 package anyway.

Because I was grasping for straws, and didn't know the fix was in the current
package.


> > I rebooted the server, made sure the sshd service was running, but I still
> > receive the "sshd: PID 3064: fatal: seteuid 1000: Operation not permitted"
error.
> 
> Does the service account have TCB privileges?  That's a hard requirement
> for the user switch.

Ah ha!  The service account does not have the "Act as part of the operating
system" permission.

However, I ended up asking the network admin to give "Create a token object" to
the service account.  Since key authentication started working after that, I'll
just leave things as they are.

Thanks for your help.

David



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list