Seteuid "operation not permitted" error when using LSA for sshd

David Koppenhofer
Thu Aug 2 19:15:00 GMT 2012

> Why did you install cyglsa64 from the old snapshot?  The changes to
> cyglsa are supposed to be in the Cygwin 1.7.16 package anyway.

Because I was grasping for straws, and didn't know the fix was in the current

> > I rebooted the server, made sure the sshd service was running, but I still
> > receive the "sshd: PID 3064: fatal: seteuid 1000: Operation not permitted"
> Does the service account have TCB privileges?  That's a hard requirement
> for the user switch.

Ah ha!  The service account does not have the "Act as part of the operating
system" permission.

However, I ended up asking the network admin to give "Create a token object" to
the service account.  Since key authentication started working after that, I'll
just leave things as they are.

Thanks for your help.


Problem reports:
Unsubscribe info:

More information about the Cygwin mailing list