RE: ssh ceased to work after recreation of /etc/passwd

RE: ssh ceased to work after recreation of /etc/passwd

[FischRon.external]

> ># Before recreating /etc/passwd
> >$ id
> >uid=400(fischron) gid=401(mkpasswd)
> >groups=544(Administrators),545(Users),10513(mkgroup_l_d),401(
> mkpasswd)
> >
> ># After recreating /etc/passwd
> >$ id
> >uid=121833(fischron) gid=10513(mkgroup_l_d)
> >groups=544(Administrators),545(Users),10513(mkgroup_l_d)
> >
> >I guess that the change in uid causes ssh to not to recognize me
> >anymore.
> >
> >What's the best way to deal with this situation? Do I have 
> to recreate
> >id_rsa
> >and id_rsa.pub (and redistribute my public key to all sites I need
> >access to)?
> 
> 
> The above error occurs in ssh-keygen.c when getpwuid(getuid) 
> fails.  It 
> appears Cygwin still thinks of you as uid 400. Just try stopping all 
> Cygwin shells and services and then restarting (via 
> cygwin.bat).  

It was the other way around. I happened to have an "old" open shell
where id was still seen as 400, and *there* did ssh work; but when
I closed the window and opened a new shell, my numeric user id is
now 121833 and ssh does not work anymore at all.

> You'll
> probably find that you need to change the ownership of files 
> in your home
> directory (at least) to enable public key authentication again.

You mean: changing all files to owner 121833? That is: Should I do this:

  chown -R 121833 ~

But for the test of ssh, wouldn't it make more sense to chown the id_rsa
file instead? Note that on my system, it is not in ~/.ssh, but in
/cygdrive/h/.ssh. So I did a 

  chown 121833 /cygdrive/h/.ssh/id_rsa

but ssh still fails.


Ronald

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[Dave Korn]

----Original Message----
>From: FischRon.external@infineon.com
>Sent: 12 July 2005 15:01

>> The above error occurs in ssh-keygen.c when getpwuid(getuid)
>> fails.  It
>> appears Cygwin still thinks of you as uid 400. Just try stopping all
>> Cygwin shells and services and then restarting (via
>> cygwin.bat).
> 
> It was the other way around. I happened to have an "old" open shell
> where id was still seen as 400, and *there* did ssh work; but when
> I closed the window and opened a new shell, my numeric user id is
> now 121833 and ssh does not work anymore at all.



  400 is a local RID.  121833 is a domain RID.  Were you logged on as a
local user previously, and now you're logged on as a domain user?



    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[Larry Hall]

At 10:01 AM 7/12/2005, you wrote:
>> ># Before recreating /etc/passwd
>> >$ id
>> >uid=400(fischron) gid=401(mkpasswd)
>> >groups=544(Administrators),545(Users),10513(mkgroup_l_d),401(
>> mkpasswd)
>> >
>> ># After recreating /etc/passwd
>> >$ id
>> >uid=121833(fischron) gid=10513(mkgroup_l_d)
>> >groups=544(Administrators),545(Users),10513(mkgroup_l_d)
>> >
>> >I guess that the change in uid causes ssh to not to recognize me
>> >anymore.
>> >
>> >What's the best way to deal with this situation? Do I have 
>> to recreate
>> >id_rsa
>> >and id_rsa.pub (and redistribute my public key to all sites I need
>> >access to)?
>> 
>> 
>> The above error occurs in ssh-keygen.c when getpwuid(getuid) 
>> fails.  It 
>> appears Cygwin still thinks of you as uid 400. Just try stopping all 
>> Cygwin shells and services and then restarting (via 
>> cygwin.bat).  
>
>It was the other way around. I happened to have an "old" open shell
>where id was still seen as 400, and *there* did ssh work; but when
>I closed the window and opened a new shell, my numeric user id is
>now 121833 and ssh does not work anymore at all.


Ah-huh.  And did you do what I suggested?


>> You'll
>> probably find that you need to change the ownership of files 
>> in your home
>> directory (at least) to enable public key authentication again.
>
>You mean: changing all files to owner 121833? That is: Should I do this:
>
>  chown -R 121833 ~

Yep.

>But for the test of ssh, wouldn't it make more sense to chown the id_rsa
>file instead? Note that on my system, it is not in ~/.ssh, but in
>/cygdrive/h/.ssh. So I did a 
>
>  chown 121833 /cygdrive/h/.ssh/id_rsa

And /cygdrive/h isn't your home directory as far as Cygwin is concerned?
Later email from you in another thread suggests it is.  If not, you're
going to have problems anyway unless you've made special allowances 
when invoking 'ssh'.

>but ssh still fails.

Well, if you've done as I suggested and you're still having problems, it's
time to run the server in debug mode and see what you get from that.  This
should tell you pretty clearly why it's not working for you.  I find the 
most convenient way to debug the server is to create a new service that I
can run instead of the current.  That way I don't have to keep editing 
the registry or uninstalling and reinstalling.  I use something like this:

cygrunsrv -I sshd_debug -d "CYGWIN sshd debug" -p /usr/sbin/sshd -a -D -d -d -d 

Then stop your current sshd service and start the new one above.  Remember
you have to restart it after each ssh client session finishes.

Have fun! ;-)


--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[FischRon.external]

[-- Attachment #1: Type: text/plain, Size: 1648 bytes --]

> >  chown: changing ownership of ....: Permission denied
> >
> >This seems to be related to another a problem I am discussing here in
> >the thread 
> >with subject line "chmod suddenly ceased to work on old files - NEW
> >FINDINGS".
> >chown seems to fail exactly for those files where I also have no
> >permission to
> >do a chmod.
> 
> 
> Yeah, that's certainly going to be a problem. You need to fix 
> this before
> you'll have much luck with permissions in general.  Maybe you 
> just need to 
> use Windows to take ownership of all these files.

I have included two screenshots, which I got by using Windows Explorer
on the file properties, and then digging deep into the extended
properties.
The first screenshot, Capture-1.jpg, shows properties of file x which
has the "permission" problem, while screenshot Capture-2.jpg shows file
y
where everything works fine. Have a look at the two lines at the
bottom. The bottommost line translates to "change ownership" and the
line above means "change permissions". In the properties box for file
x, these two checkboxes were unchecked, so I checked them and - voila!
- chmod and chown work!

Now having identified the problem, I'm wondering whether there is a way
to do this recursively for all files, because it is not feasible to
manually
click through every single file. I understand that this is not a
Cygwin-,
but a Windows question; but in case someone knows how to do it, I would
be
grateful for a (maybe off-list) message...

Thank you for all the suggestions. I did not know before that the
Windows security system was so intricate....

Ronald

[-- Attachment #2: Capture-1.jpg --]
[-- Type: image/jpeg, Size: 64386 bytes --]

[-- Attachment #3: Capture-2.jpg --]
[-- Type: image/jpeg, Size: 67310 bytes --]

[-- Attachment #4: Type: text/plain, Size: 218 bytes --]

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[Larry Hall]

At 03:22 PM 7/13/2005, Igor wrote:
>On Wed, 13 Jul 2005, Larry Hall wrote:
>
>> At 01:46 AM 7/13/2005, FischRon.external wrote:
>>
>> >So what I did is to manually edit /etc/passwd and set my user id back
>> >to 400. Then I opened a new cygwin shell and, voila, ssh works again.
>> >
>> >Now the question is: What possible damage to my system could I have
>> >introduced by manually changing the uid for my account in /etc/passwd?
>> >After all, I'm always a bit reluctant to hack around in my passwd
>> >file....
>>
>> I expect you won't want to keep it this way but doing this for now is
>> fine. It just means the POSIX UID that Cygwin knows you as isn't the
>> same as Windows.  This will mean that POSIX permissions that Cygwin
>> creates on new files will be 400 instead of that of your domain user, so
>> there may be more files to "fix" once your general permission issue is
>> resolved.
>
>Sorry, but no.  Cygwin simply converts POSIX permission bits to the
>appropriate Windows ACLs.  The ACLs, of course, don't know anything about
>the Cygwin UIDs, and go by the SID.  So, as long as the SID is the same,
>nothing will change.


That's true.  It's the "as long as" that I was accounting for.  As far as 
I can tell, Ronald has only ever posted his '/etc/passwd' entry after 
running 'mkpasswd' as his domain login (or connected to the domain).  So
I'm not completely sure that his original SID and his current one are the
same.  But, that said, it's certainly true that if his UID is now 400 and
his SID is set to his domain personna, then there shouldn't really be 
further troubles, beyond the annoyance of having Cygwin think his UID is
UNKNOWN_UID (400).  




--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[Igor Pechtchanski]

On Wed, 13 Jul 2005, Larry Hall wrote:

> At 01:46 AM 7/13/2005, FischRon.external wrote:
>
> >So what I did is to manually edit /etc/passwd and set my user id back
> >to 400. Then I opened a new cygwin shell and, voila, ssh works again.
> >
> >Now the question is: What possible damage to my system could I have
> >introduced by manually changing the uid for my account in /etc/passwd?
> >After all, I'm always a bit reluctant to hack around in my passwd
> >file....
>
> I expect you won't want to keep it this way but doing this for now is
> fine. It just means the POSIX UID that Cygwin knows you as isn't the
> same as Windows.  This will mean that POSIX permissions that Cygwin
> creates on new files will be 400 instead of that of your domain user, so
> there may be more files to "fix" once your general permission issue is
> resolved.

Sorry, but no.  Cygwin simply converts POSIX permission bits to the
appropriate Windows ACLs.  The ACLs, of course, don't know anything about
the Cygwin UIDs, and go by the SID.  So, as long as the SID is the same,
nothing will change.

And now that I've authoritatively stated this, the *real* experts should
step in and bash me on the head if the above is misleading.

> But I expect that's not a problem for you.  The only thing you really
> don't want to edit in the passwd file is the Windows SUID, after the
> POSIX guid field.  The rest is fair game, though I temper that comment
> by saying that one shouldn't just start editing all these fields for fun
> (which I know is not the case for you).

FWIW, I find this slightly contradictory to what you said above (it agrees
with my "sorry, but no" comment).
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. /DA

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[Larry Hall]

At 01:46 AM 7/13/2005, you wrote:

<snip>


>> >> You'll
>> >> probably find that you need to change the ownership of files 
>> >> in your home
>> >> directory (at least) to enable public key authentication again.
>> >
>> >You mean: changing all files to owner 121833? That is: 
>> Should I do this:
>> >
>> >  chown -R 121833 ~
>> 
>> Yep.
>
>Incidentally, this does not work for many files. I get the error message
>
>  chown: changing ownership of ....: Permission denied
>
>This seems to be related to another a problem I am discussing here in
>the thread 
>with subject line "chmod suddenly ceased to work on old files - NEW
>FINDINGS".
>chown seems to fail exactly for those files where I also have no
>permission to
>do a chmod.


Yeah, that's certainly going to be a problem. You need to fix this before
you'll have much luck with permissions in general.  Maybe you just need to 
use Windows to take ownership of all these files.


>> 
>> >But for the test of ssh, wouldn't it make more sense to 
>> chown the id_rsa
>> >file instead? Note that on my system, it is not in ~/.ssh, but in
>> >/cygdrive/h/.ssh. So I did a 
>> >
>> >  chown 121833 /cygdrive/h/.ssh/id_rsa
>> 
>> And /cygdrive/h isn't your home directory as far as Cygwin is 
>> concerned?
>
>It is, but for historical reasons, id_rsa is under /cygdrive/c/.ssh and
>I always pass the correct id_rsa via the -i flag of ssh.

OK, that's fine then.  Permissions need change there as we discussed.




>> cygrunsrv -I sshd_debug -d "CYGWIN sshd debug" -p 
>> /usr/sbin/sshd -a -D -d -d -d 
>
>I don't have a sshd on my machine. I use Windows only as ssh client, in
>order to 
>access some Unix hosts. 
>
>As I have no root rights on these hosts, it will be difficult to run ssh
>in
>debug mode there.


OK, yeah yeah.  I remember that now.  I forgot that this was across 
platforms for the server.


<snip>



>So what I did is to manually edit /etc/passwd and set my user id back to
>400.
>Then I opened a new cygwin shell and, voila, ssh works again.
>
>Now the question is: What possible damage to my system could I have 
>introduced by manually changing the uid for my account in /etc/passwd?
>After all, I'm always a bit reluctant to hack around in my passwd
>file....


I expect you won't want to keep it this way but doing this for now is fine.
It just means the POSIX UID that Cygwin knows you as isn't the same as 
Windows.  This will mean that POSIX permissions that Cygwin creates on new 
files will be 400 instead of that of your domain user, so there may be more 
files to "fix" once your general permission issue is resolved.  But I expect 
that's not a problem for you.  The only thing you really don't want to edit 
in the passwd file is the Windows SUID, after the POSIX guid field.  The rest 
is fair game, though I temper that comment by saying that one shouldn't 
just start editing all these fields for fun (which I know is not the case 
for you). 



--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

RE: ssh ceased to work after recreation of /etc/passwd

[FischRon.external]

> >It was the other way around. I happened to have an "old" open shell
> >where id was still seen as 400, and *there* did ssh work; but when
> >I closed the window and opened a new shell, my numeric user id is
> >now 121833 and ssh does not work anymore at all.
> 
> 
> Ah-huh.  And did you do what I suggested?

Yes

> >> You'll
> >> probably find that you need to change the ownership of files 
> >> in your home
> >> directory (at least) to enable public key authentication again.
> >
> >You mean: changing all files to owner 121833? That is: 
> Should I do this:
> >
> >  chown -R 121833 ~
> 
> Yep.

Incidentally, this does not work for many files. I get the error message

  chown: changing ownership of ....: Permission denied

This seems to be related to another a problem I am discussing here in
the thread 
with subject line "chmod suddenly ceased to work on old files - NEW
FINDINGS".
chown seems to fail exactly for those files where I also have no
permission to
do a chmod.

> 
> >But for the test of ssh, wouldn't it make more sense to 
> chown the id_rsa
> >file instead? Note that on my system, it is not in ~/.ssh, but in
> >/cygdrive/h/.ssh. So I did a 
> >
> >  chown 121833 /cygdrive/h/.ssh/id_rsa
> 
> And /cygdrive/h isn't your home directory as far as Cygwin is 
> concerned?

It is, but for historical reasons, id_rsa is under /cygdrive/c/.ssh and
I always pass the correct id_rsa via the -i flag of ssh.

> Well, if you've done as I suggested and you're still having 
> problems, it's
> time to run the server in debug mode and see what you get 
> from that.  This
> should tell you pretty clearly why it's not working for you.  
> I find the 
> most convenient way to debug the server is to create a new 
> service that I
> can run instead of the current.  That way I don't have to 
> keep editing 
> the registry or uninstalling and reinstalling.  I use 
> something like this:
> 
> cygrunsrv -I sshd_debug -d "CYGWIN sshd debug" -p 
> /usr/sbin/sshd -a -D -d -d -d 

I don't have a sshd on my machine. I use Windows only as ssh client, in
order to 
access some Unix hosts. 

As I have no root rights on these hosts, it will be difficult to run ssh
in
debug mode there.

I have the feeling that all trouble I'm having, is connected to two 
problems. One is some kind of weird permission problem and means that
I can't chmod some (quite a few actually) files, and that I can't 
chown them (but note that I *can* chown id_rsa!). This symptom suddenly
became evident a few weeks ago.

The second problem is that ssh ceased to work. It ceased to work, as far
as
I can tell, after I had recreated /etc/passwd and /etc/group, and the
most
noticeable difference between the passwd before, and the passwd after,
is
that the user id had changed during recreation.  

So what I did is to manually edit /etc/passwd and set my user id back to
400.
Then I opened a new cygwin shell and, voila, ssh works again.

Now the question is: What possible damage to my system could I have 
introduced by manually changing the uid for my account in /etc/passwd?
After all, I'm always a bit reluctant to hack around in my passwd
file....

Ronald

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: ssh ceased to work after recreation of /etc/passwd

[Larry Hall]

At 06:00 AM 7/11/2005, you wrote:
>Due to various problems on my system, I have recreated /etc/group and
>/etc/passwd by
>
>  mkpasswd -l -c >/etc/passwd
>  mkgroup -l -c >/etc/group
>
>Now ssh does not work anymore: I always get the error message
>
>  "You don't exist, go away!"
>
>The error occurs only in Cygwin windows which I opened *after* I had
>recreated
>passwd and group. By comparing what the working and the non-working
>case, I see
>that by recreating /etc/passwd, my uid had changed:
>
># Before recreating /etc/passwd
>$ id
>uid=400(fischron) gid=401(mkpasswd)
>groups=544(Administrators),545(Users),10513(mkgroup_l_d),401(mkpasswd)
>
># After recreating /etc/passwd
>$ id
>uid=121833(fischron) gid=10513(mkgroup_l_d)
>groups=544(Administrators),545(Users),10513(mkgroup_l_d)
>
>I guess that the change in uid causes ssh to not to recognize me
>anymore.
>
>What's the best way to deal with this situation? Do I have to recreate
>id_rsa
>and id_rsa.pub (and redistribute my public key to all sites I need
>access to)?


The above error occurs in ssh-keygen.c when getpwuid(getuid) fails.  It 
appears Cygwin still thinks of you as uid 400.  Just try stopping all 
Cygwin shells and services and then restarting (via cygwin.bat).  You'll
probably find that you need to change the ownership of files in your home
directory (at least) to enable public key authentication again.




--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

ssh ceased to work after recreation of /etc/passwd

[FischRon.external]

Due to various problems on my system, I have recreated /etc/group and
/etc/passwd by

  mkpasswd -l -c >/etc/passwd
  mkgroup -l -c >/etc/group

Now ssh does not work anymore: I always get the error message

  "You don't exist, go away!"

The error occurs only in Cygwin windows which I opened *after* I had
recreated
passwd and group. By comparing what the working and the non-working
case, I see
that by recreating /etc/passwd, my uid had changed:

# Before recreating /etc/passwd
$ id
uid=400(fischron) gid=401(mkpasswd)
groups=544(Administrators),545(Users),10513(mkgroup_l_d),401(mkpasswd)

# After recreating /etc/passwd
$ id
uid=121833(fischron) gid=10513(mkgroup_l_d)
groups=544(Administrators),545(Users),10513(mkgroup_l_d)

I guess that the change in uid causes ssh to not to recognize me
anymore.

What's the best way to deal with this situation? Do I have to recreate
id_rsa
and id_rsa.pub (and redistribute my public key to all sites I need
access to)?

Ronald
-- 
Ronald Fischer 
Infineon Technologies AG
 IT BT CFS IKM
Tel: +49 89 234 81643
Fax +49 89 234 27850
fischron.external@infineon.com 
***** VISIT US AT: <http://www.infineon.com> ***** 
 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/