From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 108143 invoked by alias); 15 Apr 2017 21:33:05 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 108130 invoked by uid 89); 15 Apr 2017 21:33:05 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-6.9 required=5.0 tests=BAYES_00,GIT_PATCH_2,RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=H*r:8.14.7, Wasnt, Wasn't X-HELO: Ishtar.sc.tlinx.org Received: from ishtar.tlinx.org (HELO Ishtar.sc.tlinx.org) (173.164.175.65) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 15 Apr 2017 21:33:04 +0000 Received: from [192.168.3.12] (Athenae [192.168.3.12]) by Ishtar.sc.tlinx.org (8.14.7/8.14.4/SuSE Linux 0.8) with ESMTP id v3FLX1E1004839 for ; Sat, 15 Apr 2017 14:33:03 -0700 Message-ID: <58F2918D.2020703@tlinx.org> Date: Sun, 16 Apr 2017 07:55:00 -0000 From: L A Walsh User-Agent: Thunderbird MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Re: How to create root account to own /var/empty for ssh? References: <58F24188.3060503@tlinx.org> <93276a4b-b80f-b39d-ea16-4975a080c9a3@gmail.com> In-Reply-To: <93276a4b-b80f-b39d-ea16-4975a080c9a3@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2017-04/txt/msg00196.txt.bz2 Marco Atzeri wrote: > >> >> How am I supposed to make ssh happy? >> >> Thanks! >> -l >> > > user separation ? > > $ ls -ld /var/empty > drwxr-xr-x+ 1 cyg_server Administrators 0 Jan 7 2015 /var/empty Um, could elaborate? I mean do I just create a user called cyg_server, and that makes it sshd happy? Or how is user separation different than having root own the directory? Also, is it the same separation mentioned in this deprecation message?: > /sbin/sshd /etc/sshd_config line 105: Deprecated option UsePrivilegeSeparation /var/empty must be owned by root and not group or world-writable. ...or has the option been renamed? FWIW -- this *used* to work on my machine until the upgrade. Thanks again! p.s. -- BTW, found this amusing: the old 'sshd' works still works and picks up the newer openssl lib:: New sshd: /sbin> /sbin/sshd -v sshd: unknown option -- v OpenSSH_7.5p1, OpenSSL 1.0.2k 26 Jan 2017 /sbin> /sbin/sshd -4 /etc/sshd_config line 105: Deprecated option UsePrivilegeSeparation Could not load host key: /etc/ssh_host_ed25519_key /var/empty must be owned by root and not group or world-writable. /sbin/ Old sshd: /sbin.o> ./sshd --version sshd: unknown option -- - OpenSSH_6.6.1p1, OpenSSL 1.0.2k 26 Jan 2017 /sbin.o> /sbin.o/sshd -4 Could not load host key: /etc/ssh_host_ed25519_key /sbin.o> (works) --------- Wasn't user-separation in 6.6? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple