public inbox for cygwin@cygwin.com
* SSHD and XP problems; setguid fails
@ 2003-09-13 19:06 Stephen Biggs
  2003-09-14 16:57 ` SSHD and XP problems; setguid fails - FIXED! Stephen Biggs
  0 siblings, 1 reply; 2+ messages in thread
From: Stephen Biggs @ 2003-09-13 19:06 UTC (permalink / raw)
  To: cygwin

Cygwin/SSHD on Windows XP SP1, all updated as of this evening.

I've seen some other posts on this issue but none really addresses what I 
am seeing.

The output from running SSHD in debug mode:
root@localhost ~
$ /usr/sbin/sshd -p 22 -D -d -d -d
debug2: read_server_config: filename /etc/sshd_config
debug1: sshd version OpenSSH_3.6.1p2
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.

.. After connection from another unprivileged cygwin prompt:
steve@localhost ~
$ ssh localhost
Read from socket failed: Connection reset by peer

The server outputs:
debug1: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 1395
debug1: Client protocol version 2.0; client software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.6.1p2
debug2: Network child is on pid 2228
debug3: privsep user:group 1010:545
debug3: preauth child monitor started
setgid failed for 545
debug3: mm_request_receive entering
debug1: Calling cleanup 0x422880(0x0)

root@localhost ~
$

A verbose client run gives:
steve@localhost ~
$ ssh -vvv localhost
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug2: key_type_from_name: unknown key type '----'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Comment:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '----'
debug3: key_read: missing keytype
debug1: identity file /home/steve/.ssh/identity type -1
debug3: Not a RSA1 key file /home/steve/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/steve/.ssh/id_rsa type 1
debug1: identity file /home/steve/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
debug1: Calling cleanup 0x41b2e0(0x0)

steve@localhost ~
$

The relevant entries in /etc/passwd:
Users:*:545:545:,S-1-5-32-545::
sshd:unused_by_nt/2000/xp:1010:545:sshd privsep,U-YIYEH-BESEDER\sshd,S-1-5-21-527237240-1004336348-1417001333-1010:/var/empty:/bin/false

sshd is the only UID in /etc/passwd that belongs to Users.

/etc/group entry:
Users:S-1-5-32-545:545:

/etc/passwd and /etc/group are world readable.

Can anybody point me in the right direction to find out how to get this 
to work?  I haven't even got to the fun parts trying to get key 
authentication working, yet.

Thanks for any assistance.



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


* Re: SSHD and XP problems; setguid fails - FIXED!
  2003-09-13 19:06 SSHD and XP problems; setguid fails Stephen Biggs
@ 2003-09-14 16:57 ` Stephen Biggs
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Biggs @ 2003-09-14 16:57 UTC (permalink / raw)
  To: cygwin

Permission problems.

Once I created the right permissions for the user id directory that the 
remote was connecting to and made sure that SYSTEM.SYSTEM owned the host 
private keys and the /var/empty directory, then everything worked like a 
charm with the service.

The cygwin process for creating a home directory creates looser NTFS 
permissions than should be.  That is, the home directory should be full 
control by the user and Administrators only, perhaps with SYSTEM getting 
read access for things like ssh, but nothing and nobody else.  This is 
how it is in Unix.

NTFS permissions and the resulting Unix simulated permissions for the 
entire cygwin tree seem to be a bit of a mess.  

Maybe I'll create a patch.  Where should I look?  This is not simply a 
question of just changing the /etc/profile script, is it?

^ permalink raw reply	[flat|nested] 2+ messages in thread
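
The checks named in the follow-up message (ownership of the host private keys and of /var/empty, and the permissions on the connecting user's home directory), written out as an added shell example that is not part of the original thread. The function names `check_path` and `audit_sshd` are hypothetical, GNU `stat` is assumed, and the forbidden-bit masks (077 for keys, 022 for directories) are assumptions modelled on OpenSSH's usual mode checks; the service owner is an argument, which in the post's setup would be SYSTEM.

```shell
#!/bin/sh
# Added example: audit the ownership and mode bits the follow-up message names.
# Assumes GNU stat (coreutils, as shipped with Cygwin).

# check_path PATH EXPECTED_OWNER FORBIDDEN_MASK   (mask is octal, e.g. 077)
# Prints one line per finding; returns 0 if clean, 1 otherwise.
check_path() {
    path=$1; want_owner=$2; mask=$3; bad=0
    if [ ! -e "$path" ]; then
        echo "MISSING $path"; return 1
    fi
    owner=$(stat -c '%U' "$path")
    mode=$(stat -c '%a' "$path")
    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER $path is $owner, expected $want_owner"; bad=1
    fi
    # Any bit shared between the mode and the forbidden mask is a finding.
    if [ $(( 0$mode & 0$mask )) -ne 0 ]; then
        echo "MODE $path is $mode, must not set any of $mask"; bad=1
    fi
    return $bad
}

# audit_sshd SERVICE_OWNER ETC_DIR EMPTY_DIR LOGIN_USER HOME_DIR
audit_sshd() {
    svc=$1; etc=$2; empty=$3; user=$4; home=$5; rc=0
    # Host private keys: owned by the service account, no group/other access.
    # The glob skips the .pub files; an unmatched glob is reported as MISSING.
    for key in "$etc"/ssh_host_*key; do
        check_path "$key" "$svc" 077 || rc=1
    done
    # Privilege-separation directory: service-owned, not group/other writable.
    check_path "$empty" "$svc" 022 || rc=1
    # Home of the connecting user: user-owned, not group/other writable.
    check_path "$home" "$user" 022 || rc=1
    return $rc
}

# Usage with the paths from the thread (owner and user names are assumptions):
#   audit_sshd SYSTEM /etc /var/empty steve /home/steve
```
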
