From: Andrew Schulman <schulman.andrew@epamail.epa.gov>
To: cygwin@cygwin.com
Subject: Re: cygrunsrv autossh - tunnel does not come up
Date: Fri, 09 Jan 2009 11:45:00 -0000 [thread overview]
Message-ID: <5uaem4hkujkube83ulle0s8fsm93mghahi@4ax.com> (raw)
In-Reply-To: <gk65nu$nqh$1@ger.gmane.org>
> > I have problems running autossh via cygrunsrv on WIN2003:
> >
> > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 20000 -g2CN -R
> > 20120:localhost:3389 -i /etc/key-rsa -p 20012 user@192.168.100.12" -e
> > AUTOSSH_NTSERVICE=yes -y tcpip --type auto
> >
> > As soon as I start the service (net start autossh) it stops. So it looks
> > like it never came up:
> > Autossh.log:
> > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1)
> > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528
> > Host key verification failed.
> > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255;
> > autossh exiting
> >
> > Running just ssh or autossh the tunnel comes up and stays:
> > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012
> > user@192.168.100.12
> > autossh: /bin/autossh -M 20000 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa
> > -p 20012 user@192.168.100.12
>
> There's a big difference between running it as a service like you did,
> and running it as a user.
Agreed. "Host key verification failed" tells me that either the permission or
the ownership of /etc/key-rsa is wrong-- if you're going to run autossh as a
SYSTEM service, then the key has to be owned by SYSTEM and only readable by it.
Another possibility is that the key is encrypted, so SYSTEM can't read it
without a password; maybe your user process is getting it from an ssh-agent.
A good way to get more information about why the service fails to start would be
to add -v or -vv to the ssh flags (within the argument of -a).
> First thing to try: run the service as your user, i.e. add --user <user
> name> to the service installation.
Yes, this is really better. I need to recommend this in the autossh README.
> And don't expect too much, I use it all the time and it works but it
> fails to start very often, I end up starting it manually.
Hm, I'm surprised to hear that. I haven't run autossh as a service in a while,
but when I did it worked very reliably for me. Can you tell me anything more
about how or why it fails to start?
Andrew.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
next prev parent reply other threads:[~2009-01-09 10:58 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-09 0:29 hooner
2009-01-09 3:29 ` René Berber
2009-01-09 11:45 ` Andrew Schulman [this message]
2009-01-09 18:31 ` René Berber
2009-01-09 19:34 ` Andrew Schulman
2009-01-28 2:22 ` hooner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5uaem4hkujkube83ulle0s8fsm93mghahi@4ax.com \
--to=schulman.andrew@epamail.epa.gov \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).