Web lists-archives.com

Re: cygwin 3.0.1-1 breaks my sshd install






On Wed, 20 Feb 2019, Corinna Vinschen wrote:
On Feb 20 21:27, Andy Moreton wrote:
On Wed 20 Feb 2019, Corinna Vinschen wrote:

On Feb 20 21:01, Houder wrote:
On Wed, 20 Feb 2019 10:53:09, scowles at ckhb dot org wrote:
i can confirm the same behaviours on a 3.0.0 system.  i've done
several checks and have been unable to find the source of the
problem.  ssh -vvv shows that the connection proceeds all the way
through the connection process, sends the appropriate key tokens,
then the server abruptly closes the connection. all accounts on
the system show the same results.

my 2.11.1 system, with identical ssh[d]_config files has no such
problems.

on both systems, all relevant files and directories have correct
owners and permissions.

Yes, failure for 3.0.0 (and 3.0.1); success for 2.11.2

Henri

64-@@ uname -a
CYGWIN_NT-6.1 Seven 3.0.1(0.338/5/3) 2019-02-20 10:19 x86_64 Cygwin

64-@@ tail /var/log/sshd.log
Server listening on 0.0.0.0 port 222.
seteuid 1004: Permission denied

Sorry guys, but I can't reproduce this problem at all.  I tested ssh
login on Vista, W7 and W10 1809, in each case on 64 bit and under
WOW64.  On all systems I can login with domain as well as local
accounts.

For completeness sake I started sshd under SYSTEM as wel as under
cyg_server account and every time it just worked.

I've seen a similar failure, on a domain-joined Windows 10 box running
cygsshd using a local cyg_server user account. I've fixed it by:
1) Open the "Computer Management" app
   Select "Services and Applications", then "Services", and
   choose the cygsshd service from the list.
2) Stop the service
3) Select the "Log On" tab, choose "Local System Account" and click OK.
4) Restart the service.

This changed the account reported by "cygrunsrv -VQ" from "./cyg_server"
to "LocalSystem".

That actually fixed it for you?  I'm a bit surprised but at least that's
a neat solution, given that the new way to switch the user context
doesn't require the cyg_server account anymore.  SYSTEM is the way to
go in future.

While talking about it, i have a couple of OpenSSH upstream patches in
the loop:

- Rename Cygwin's sshd service to "cygsshd" becasue Microsoft hijacked
 the "sshd" service name for their own sshd.

- The ssh-host-config script will install the service under SYSTEM
 in future, unless you're trying to install under Windows 7 WOW64,
 which will still require the cyg_server account.

- Allowing to login with case-insensitive usernames.  This also
 enables case-insensitive user and group name matching in
 sshd_config "Match" rules.

The first patch has been merged already, I'm still waiting for
feedback on the other two patches...


i am also at a loss. i am running local only, no domain. no ssh configs have been changed in the last 3 months. as soon as i downgrade from 3.0.1-1 to 2.11.1 and reboot, ssh is immediately functional, again.


--
s. cowles
scowles@xxxxxxxx
Key fingerprint = A156 277B 875A D6E3 A00C  23D9 869E 72BE 1FD3 5B80

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple