From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-125527-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 20481 invoked by alias); 12 Sep 2006 14:43:01 -0000
Received: (qmail 20467 invoked by uid 22791); 12 Sep 2006 14:43:00 -0000
X-Spam-Check-By: sourceware.org
Received: from nz-out-0102.google.com (HELO nz-out-0102.google.com) (64.233.162.203)     by sourceware.org (qpsmtpd/0.31) with ESMTP; Tue, 12 Sep 2006 14:42:56 +0000
Received: by nz-out-0102.google.com with SMTP id s18so674437nze         for <cygwin@cygwin.com>; Tue, 12 Sep 2006 07:42:54 -0700 (PDT)
Received: by 10.35.61.17 with SMTP id o17mr10990698pyk;         Tue, 12 Sep 2006 07:42:54 -0700 (PDT)
Received: by 10.35.126.17 with HTTP; Tue, 12 Sep 2006 07:42:44 -0700 (PDT)
Message-ID: <91dd2cd50609120742v6b31dacbj56af222eaefc3c69@mail.gmail.com>
Date: Tue, 12 Sep 2006 14:43:00 -0000
From: "Michael Sowka" <msowka@sce.carleton.ca>
To: cygwin@cygwin.com
Subject: Re: Potential bug in sshd
In-Reply-To: <BAY109-DAV7795E27CE0EF144A63356CF2B0@phx.gbl>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <BAY109-DAV7795E27CE0EF144A63356CF2B0@phx.gbl>
X-Google-Sender-Auth: f6753a8d1e74bd42
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
X-SW-Source: 2006-09/txt/msg00194.txt.bz2

Thanks Rob,

Ah yes, this explains the "zombie" processes as I cannot make actual
client connections.

Something is very bizarre with my cygwin setup here. I've noticed
other symptoms too: on reinstalling cygwin the info-update and cygwing
post-install scripts hang. In fact, after the cygwin install
supposedly finished, on logging out windows complained that 'cygwin
post-install scripts' were still up and it couldn't kill them.

So it seems that on attempting to connect the sshd thread hangs too
"unexpectedly closing the connection" or sometimes just hanging the
client.

To answer your question Rob, no I have not experienced any other
network problems, or unusually high traffic (this is my desktop
machine). Plus, I'm trying to do this from/to localhost.

! One thing I did notice as I was looking for logs to send in to the
list is that the System Events log is that recently I've had a barrage
of attempted break-ins via ssh (failed logins as root, admin, etc.). I
trust that OpenSSH is pretty solid, have experienced this before, and
don't make too much of it... but could this have melted my system?!

Finding useful info was easy enough (/var/log/ssh), here is an
excerpt. Speculation: this does seem to support the symptoms I'm
having (dropped connections from "worker" threads, no response, etc.).
I don't "read" Win32 logs but I have a hunch someone can ID this
problem on the spot.

  4864 [main] sshd 8156 C:\cygwin\usr\sbin\sshd.exe: *** fatal error
- C:\cygwin\usr\sbin\sshd.exe: *** recreate_mmaps_after_fork_failed
     2 [main] sshd 8144 child_info::sync: wait failed, pid 8156, Win32 error 0
    59 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
3757715 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
24253452 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487


HAS MY SYSTEM BEEN COMPROMISED?!

Mike

On 9/12/06, Rob Bosch <robbosch@msn.com> wrote:
> Sshd will spawn processes that deal with individual connections so even
> though you stop the service there may still be sshd processes running.  The
> way to tell if your sshd daemon is stopped is to run a netstat -a | find
> "ssh" | find "LISTEN".  This will only find sshd processes that are
> listening for new connections and not the ones that are established to deal
> with existing ssh connections.
>
> I've experienced connection problems from time to time with sshd on cygwin.
> Almost always this is either due to high load on the receiving server and it
> just can't handle it, or a problem with the network connection.
>
> Are your connections all on the LAN or WAN?
>
>
>
>

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/