Web lists-archives.com

Re: sshd: fatal: seteuid XXX : No such device or address




Greetings, renaud.rolles@xxxxxxxxxxxxx!

>> > I can login via password, it work and lets me in.
>> > But if i tried with my keys, I get in the event viewer :
>> > sshd: PID 3777: fatal: seteuid 1049076: No such device or address
>> 
>> - Make sure to login with the Administrator account case-sensitive.
>>   If your account is called "Administrator", then use an uppercase
>>   'A' when logging in.
>> 
>>   This case-sensitivity issue is a temporary workaround for a
>>   potential security problem in OpenSSH.  This will be rectified
>>   with OpenSSH 8.0 which allows to login case-insentive again.

> With Uppercase i do have a login prompt, but (with the good password), I cant login (remotly or localy).
> I also have Information event :
> sshd: PID 3788: Login name Administrator does not match stored username administrator
> sshd: PID 3788: Invalid user Administrator from 10.0.0.8 port 60876
> then three :
> sshd: PID 3788: Failed password for invalid user Administrator from 10.0.0.8 port 60876 ssh2

Please remove /etc/passwd and /etc/group files. They are no longer necessary,
unless you have some very special needs, and even then, they only needed for
that one or two accounts you need special treatment for.

>> 
>> - If that doesn't help, switch the user running the sshd service from
>>   "cyg_server" to SYSTEM (the services GUI calls it "LocalSystem")
>> 

> This worked, like a charm, thank you 😊

>>   Cygwin switched the logon method and this method doesn't run
>>   under the "cyg_server" account sometimes.  However, switching
>>   back to "LocalSystem" instead of having to create a special
>>   "cyg_server" service account is one of the advantages of the
>>   new logon method.  For details, see
>> 
>>   https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1
>> 
> I didn't fully understand it all to be honest, but, is there another
> drawback to have the localsystem running the deamon instead of the
> cyg_server user, other than having the administrator possibly knowing the
> password ?
> I only use (and by only, again, thank you for that, saved me lot of time),
> to make rsync over ssh on windows hosts.

The main security concern is, why your Administrator user:
1. have password, and
2. is not disabled?


-- 
With best regards,
Andrey Repin
Thursday, March 14, 2019 16:39:04

Sorry for my terrible english...
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple