Hi Ken, On Apr 16 10:04, Corinna Vinschen wrote: > On Apr 15 14:14, Ken Brown wrote: > > I've come across a glitch involving sshd and cygserver. I normally > > have both running, but I've discovered that I have to start sshd > > before I start cygserver, or else I have problems (can't ssh from a > > non-administrator account to an administrator account). Here are > > the details on 64 bit Cygwin; I haven't tested 32 bit: > > > > I've installed the full 2014-04-12 snapshot and removed /etc/passwd > > and /etc/group. I have an ordinary user kbrown and an administrator > > user kbrown-admin. I now do the following: > > > > 1. Start sshd. > > 2. Start cygserver. > > 3. Start a Cygwin Terminal as user kbrown. > > 4. ssh into the kbrown-admin account (with publickey authentication > > used by default). > > > > $ ssh kbrown-admin@localhost > > Enter passphrase for key '/home/kbrown/.ssh/id_rsa': > > setsockopt IPV6_TCLASS 16: Protocol not available: > > Last login: Tue Apr 15 13:57:12 2014 from fe80::9956:cbba:6928:151c%11 > > > > Everything is fine. > > > > Now I close the Cygwin Terminal, stop both services, and restart > > them in the other order (cygserver first, then sshd). Repeating > > steps 3 and 4, I can't login: > > > > $ ssh kbrown-admin@localhost > > kbrown-admin@localhost's password: > > Permission denied, please try again. > > kbrown-admin@localhost's password: > > > > Notice that (a) I didn't get a prompt for the passphrase for my ssh > > key, and (b) my password wasn't accepted. > > Thanks for the report, Ken. I'll have a look. To clarify: This is a non-domain machine, right? And sshd is running under the cyg_server account while cygserver is running under the LocalSystem account? I'm just testing this, only with a domain machine and domain accounts, and I can't reproduce this. I have a bit of a problem to test this on a non-domain machine because my network is set up for domain machines... However, I found that I made a blatant mistake in cygserver. The message length was computed one byte too short, so the trailing \0 in the passwd/group string wasn't transmitted. This *might* be the cause for your problem. I just built a new snapshot. Can you please try if this fixes it for you? Make sure to use the new cygserver! While I was at it, I also added a patch to get rid of the "setsockopt IPV6_TCLASS 16: Protocol not available" message. I just *love* it if Microsoft defines socket options in their headers, but then simply returns WSAENOPROTOOPT when the appliction dares to use them... Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat