public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed
* cygwin & opensshd on .net enterprise server
@ 2002-05-15 12:55 Tony Hain
  2002-05-16  0:06 ` Christopher Faylor
                   ` (2 more replies)
  0 siblings, 3 replies; 11+ messages in thread
From: Tony Hain @ 2002-05-15 12:55 UTC (permalink / raw)
  To: cygwin; +Cc: mark

I am looking for any clues on how to make cygwin & opensshd work on a
.net enterprise server, and found nothing in the mail archive. I had
been running Mark's opensshd specific environment on W2k server without
trouble. When I installed a fresh build 3615, OpenSSH_3.1p1 failed, so I
thought I would try the full cygwin. That is failing in the same way, so
after a couple of days experimenting I am stuck.

With the intent of sending Mark a trace, I followed his instructions for
debugging by  using a scheduled task to get a system account command
window (if it is of any use, I have put a copy of the debug trace at the
end). What I found in the process is that there appears to be some
permissions related problem, because I get logged in as any valid user
over the ssh channel, but that immediately exits. Trying to figure that
out I found that the only process/user that can run the shell is the
system account. When I run sh, bash, or the cygwin.bat from any other
account it just exits, but they appear to work fine in the system
initiated command window. This is also true of many of the exe's in
/bin, although some of them just hang with 100% cpu for the non-system
user.

One thing I found in the process is that the old passwd file is useless.
The only way I could log in using ssh with either Mark's sshd subset, or
the full cygwin was to use the mkpasswd & mkgroup process to build those
files from scratch with the NT UIDs. What the log showed before I did
that was 'Cygwin Process Id = 0xC78 : fatal: setuid 520: Not owner.'
Simply changing that got me to the point of 'password accepted', but
until the shell runs for all accounts, that does no good.

I tried setting bash to W2k compatibility mode (actually all modes), and
turning off  the 'protect my computer from unauthorized activity'
checkbox in the run as ... option, but those made no difference. I also
tried setting the file owner for the entire subdirectory tree to system,
again no difference. cygrunsrv.exe and sshd.exe are running as system,
but it appears they end up running the shell in user space.

Any clues what to try next???
Tony



C:\Program Files\NetworkSimplicity\ssh>sshd -d -d -d -f sshd_config
debug1: sshd version OpenSSH_3.1p1
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: Bind to port 87 on 0.0.0.0.
Server listening on 0.0.0.0 port 87.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.123.34 port 4354
debug1: Client protocol version 1.99; client software version 3.0.0 SSH
Secure S
hell for Windows
debug1: match: 3.0.0 SSH Secure Shell for Windows pat 3.0.*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.1p1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ssh-rsa,ssh-dss,x509v3-sign-dss,x509v3-sign-rsa
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: dh_gen_key: priv key bits set: 194/384
debug1: bits set: 475/1024
debug1: expecting SSH2_MSG_KEXDH_INIT
debug1: bits set: 480/1024
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user ahain service ssh-connection method
none
debug1: attempt 0 failures 0
debug2: input_userauth_request: setting up authctxt for ahain
debug2: input_userauth_request: try method none
Failed none for ahain from 192.168.123.34 port 4354 ssh2
debug1: userauth-request for user ahain service ssh-connection method
none
debug1: attempt 1 failures 1
debug2: Unrecognized authentication method name: none
Failed none for ahain from 192.168.123.34 port 4354 ssh2
debug1: userauth-request for user ahain service ssh-connection method
password
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method password
Accepted password for ahain from 192.168.123.34 port 4354 ssh2
debug1: Entering interactive session for SSH2.
debug1: fd 3 setting O_NONBLOCK
debug1: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 10000 max
512
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/tty1
debug3: tty_parse_modes: SSH2 n_bytes 0
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: fd 4 setting TCP_NODELAY
debug1: channel 0: rfd 9 isatty
debug1: fd 9 setting O_NONBLOCK
debug1: fd 8 setting O_NONBLOCK
debug1: server_input_channel_req: channel 0 request window-change reply
0
debug1: session_by_channel: session 0 channel 0
debug1: Received SIGCHLD.
debug1: session_input_channel_req: session 0 req window-change
debug3: tvp!=NULL kid 1 mili 100
debug2: notify_done: reading
debug1: session_by_pid: pid 3964
debug1: session_exit_message: session 0 channel 0 pid 3964
debug1: channel request 0: exit-status
debug1: session_exit_message: release channel 0
debug1: channel 0: write failed
debug1: channel 0: close_write
debug1: channel 0: output open -> closed
debug1: session_close: session 0 pid 3964
debug1: session_pty_cleanup: session 0 release /dev/tty1
Write failed: errno ESHUTDOWN triggered
debug1: Calling cleanup 0x41f104(0x0)
debug1: channel_free: channel 0: server-session, nchannels 1
debug3: channel_free: status: The following connections are open:
  #0 server-session (t4 r0 i0/185 o3/0 fd 9/-1)

debug3: channel_close_fds: channel 0: r 9 w -1 e -1
debug1: Calling cleanup 0x417030(0x0)


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: cygwin & opensshd on .net enterprise server
  2002-05-15 12:55 cygwin & opensshd on .net enterprise server Tony Hain
@ 2002-05-16  0:06 ` Christopher Faylor
  2002-05-16  6:51 ` Tony Hain
  2002-05-16 13:52 ` Prentis Brooks
  2 siblings, 0 replies; 11+ messages in thread
From: Christopher Faylor @ 2002-05-16  0:06 UTC (permalink / raw)
  To: cygwin

On Wed, May 15, 2002 at 12:30:26PM -0700, Tony Hain wrote:
>I am looking for any clues on how to make cygwin & opensshd work on a
>.net enterprise server, and found nothing in the mail archive. I had
>been running Mark's opensshd specific environment on W2k server without
>trouble. When I installed a fresh build 3615, OpenSSH_3.1p1 failed, so I
>thought I would try the full cygwin. That is failing in the same way, so
>after a couple of days experimenting I am stuck.
>
>With the intent of sending Mark a trace, I followed his instructions for
>debugging by  using a scheduled task to get a system account command
>window (if it is of any use, I have put a copy of the debug trace at the
>end). What I found in the process is that there appears to be some
>permissions related problem, because I get logged in as any valid user
>over the ssh channel, but that immediately exits. Trying to figure that
>out I found that the only process/user that can run the shell is the
>system account. When I run sh, bash, or the cygwin.bat from any other
>account it just exits, but they appear to work fine in the system
>initiated command window. This is also true of many of the exe's in
>/bin, although some of them just hang with 100% cpu for the non-system
>user.
>
>One thing I found in the process is that the old passwd file is useless.
>The only way I could log in using ssh with either Mark's sshd subset, or
>the full cygwin was to use the mkpasswd & mkgroup process to build those
>files from scratch with the NT UIDs. What the log showed before I did
>that was 'Cygwin Process Id = 0xC78 : fatal: setuid 520: Not owner.'
>Simply changing that got me to the point of 'password accepted', but
>until the shell runs for all accounts, that does no good.
>
>I tried setting bash to W2k compatibility mode (actually all modes), and
>turning off  the 'protect my computer from unauthorized activity'
>checkbox in the run as ... option, but those made no difference. I also
>tried setting the file owner for the entire subdirectory tree to system,
>again no difference. cygrunsrv.exe and sshd.exe are running as system,
>but it appears they end up running the shell in user space.
>
>Any clues what to try next???

Why don't you ask "Mark"?

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-15 12:55 cygwin & opensshd on .net enterprise server Tony Hain
  2002-05-16  0:06 ` Christopher Faylor
@ 2002-05-16  6:51 ` Tony Hain
  2002-05-16 10:47   ` Larry Hall (RFK Partners, Inc)
  2002-05-16 12:13   ` Tony Hain
  2002-05-16 13:52 ` Prentis Brooks
  2 siblings, 2 replies; 11+ messages in thread
From: Tony Hain @ 2002-05-16  6:51 UTC (permalink / raw)
  To: cygwin; +Cc: mark

Christopher Faylor wrote:
> > I am looking for any clues on how to make cygwin & opensshd
> > work on a .net enterprise server, and found nothing in the
> > mail archive. I had been running Mark's opensshd specific
> > environment on W2k server without trouble. When I installed a
> > fresh build 3615, OpenSSH_3.1p1 failed, so I thought I would
> > try the full cygwin. That is failing in the same way, so
> > after a couple of days experimenting I am stuck.
> >
> > ... snip
> >
> > Any clues what to try next???
>
> Why don't you ask "Mark"?
>
> cgf

I did copy him on the original note so he would be aware of the issue,
but at this point I have completely removed his version (including
deleting registry keys) and installed the cygwin environment. It appears
that all of cygwin works when run in a system owned command window, but
nothing works from an administrator account. Does anyone have it working
on .net server, and if so was there anything unique about the
configuration?

I see there are lots of comments about setup being fixed and postinstall
not working, could there be a coorelation with what appear to be
privlidge issues and the version I used: setup-timestamp: 1021345807
setup-version: 2.218.2.4 ?


Tony



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-16  6:51 ` Tony Hain
@ 2002-05-16 10:47   ` Larry Hall (RFK Partners, Inc)
  2002-05-16 12:13   ` Tony Hain
  1 sibling, 0 replies; 11+ messages in thread
From: Larry Hall (RFK Partners, Inc) @ 2002-05-16 10:47 UTC (permalink / raw)
  To: Tony Hain, cygwin; +Cc: mark

At 01:57 AM 5/16/2002, Tony Hain wrote:
>Christopher Faylor wrote:
> > > I am looking for any clues on how to make cygwin & opensshd
> > > work on a .net enterprise server, and found nothing in the
> > > mail archive. I had been running Mark's opensshd specific
> > > environment on W2k server without trouble. When I installed a
> > > fresh build 3615, OpenSSH_3.1p1 failed, so I thought I would
> > > try the full cygwin. That is failing in the same way, so
> > > after a couple of days experimenting I am stuck.
> > >
> > > ... snip
> > >
> > > Any clues what to try next???
> >
> > Why don't you ask "Mark"?
> >
> > cgf
>
>I did copy him on the original note so he would be aware of the issue,
>but at this point I have completely removed his version (including
>deleting registry keys) and installed the cygwin environment. It appears
>that all of cygwin works when run in a system owned command window, but
>nothing works from an administrator account.

Can you please acknowledge whether or not you read openssh*.README so that
we know whether you've missed the obvious user rights settings necessary for
the administrator account?


Larry Hall                              lhall@rfk.com
RFK Partners, Inc.                      http://www.rfk.com
838 Washington Street                   (508) 893-9779 - RFK Office
Holliston, MA 01746                     (508) 893-9889 - FAX


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-16  6:51 ` Tony Hain
  2002-05-16 10:47   ` Larry Hall (RFK Partners, Inc)
@ 2002-05-16 12:13   ` Tony Hain
  1 sibling, 0 replies; 11+ messages in thread
From: Tony Hain @ 2002-05-16 12:13 UTC (permalink / raw)
  To: cygwin

Larry Hall wrote:
> > I did copy him on the original note so he would be aware of
> > the issue, but at this point I have completely removed his
> > version (including deleting registry keys) and installed the
> > cygwin environment. It appears that all of cygwin works when
> > run in a system owned command window, but nothing works from
> > an administrator account.
>
>
> Can you please acknowledge whether or not you read openssh*.README so
that
> we know whether you've missed the obvious user rights settings
necessary for
> the administrator account?

Yes I read it, along with everything else in /usr/doc/cygwin,
/usr/doc/openssh, and http://www.openssh.org/faq.html. I am not having
any problem getting sshd to run as a service, that is using the system
account as expected. Actually sshd is the only thing in the install that
is working as expected. As I have said a couple of times now, I can't
get a basic shell to work except from a system owned window. This has
nothing to do with ssh. The closest comment I see is in login.README:
   For usage with NT/W2K security, `login' is patched to allow login of
   domain users.  Setting CYGWIN=ntsec is mandatory for that feature.
I am not using a domain, and setting CYGWIN to null or ntsec makes no
difference.

Again, does anyone have cygwin working on .net server, and if so was
there anything unique about the configuration? If people have it working
without incident, obviously I have something wrong with my install, or
possibly something carries over in a W2k upgrade that isn't there in a
fresh install. The way this is acting I suspect there is a change to the
way MS handles rights and permissions because I have a simple
member-server configured in a workgroup. There is nothing special about
the accounts because they are all local.

Tony

If it makes any difference I last installed from:
ftp%3a%2f%2fftp.nas.nasa.gov%2fmirrors%2fcygwin.com%2fpub%2fcygwin
at 19:10 pdt on 5/14.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: cygwin & opensshd on .net enterprise server
  2002-05-15 12:55 cygwin & opensshd on .net enterprise server Tony Hain
  2002-05-16  0:06 ` Christopher Faylor
  2002-05-16  6:51 ` Tony Hain
@ 2002-05-16 13:52 ` Prentis Brooks
  2002-05-16 14:53   ` Prentis Brooks
  2002-05-17 10:04   ` Ulrich Voss
  2 siblings, 2 replies; 11+ messages in thread
From: Prentis Brooks @ 2002-05-16 13:52 UTC (permalink / raw)
  To: Tony Hain; +Cc: cygwin, mark

Ok, The setgid is a none error to me.  This happens when the passwd
files are not built properly.  Not your fault, some interesting Windows
installations give mkpasswd and mkgroup headaches, particularly on
Domain Controllers.  

If you check your /etc/passwd and /etc/group, you will find one of the
following:

1) You have duplicate entries in /etc/passwd for the user you are trying
to login as
2) You will find that the GID of your user in /etc/passwd does not exist
in /etc/group (most likely for the setgid error).

Check your /etc/passwd and /etc/group files, make sure that your
"Primary" NT group is in the /etc/group file and that it has the correct
GID.   In some cases I saw mkgroup create a Domain group as GID 513 and
/etc/passwd would use 10513 (I only saw this on a domain controller
where this is both a local and a domain group) or vice versa.  I think
it was the other way when I saw it.  

In short, fix your /etc/passwd and /etc/group so that they match and
your problem should be corrected.


On Wed, 15 May 2002, Tony Hain wrote:

> I am looking for any clues on how to make cygwin & opensshd work on a
> .net enterprise server, and found nothing in the mail archive. I had
> been running Mark's opensshd specific environment on W2k server without
> trouble. When I installed a fresh build 3615, OpenSSH_3.1p1 failed, so I
> thought I would try the full cygwin. That is failing in the same way, so
> after a couple of days experimenting I am stuck.
> 
> With the intent of sending Mark a trace, I followed his instructions for
> debugging by  using a scheduled task to get a system account command
> window (if it is of any use, I have put a copy of the debug trace at the
> end). What I found in the process is that there appears to be some
> permissions related problem, because I get logged in as any valid user
> over the ssh channel, but that immediately exits. Trying to figure that
> out I found that the only process/user that can run the shell is the
> system account. When I run sh, bash, or the cygwin.bat from any other
> account it just exits, but they appear to work fine in the system
> initiated command window. This is also true of many of the exe's in
> /bin, although some of them just hang with 100% cpu for the non-system
> user.
> 
> One thing I found in the process is that the old passwd file is useless.
> The only way I could log in using ssh with either Mark's sshd subset, or
> the full cygwin was to use the mkpasswd & mkgroup process to build those
> files from scratch with the NT UIDs. What the log showed before I did
> that was 'Cygwin Process Id = 0xC78 : fatal: setuid 520: Not owner.'
> Simply changing that got me to the point of 'password accepted', but
> until the shell runs for all accounts, that does no good.
> 
> I tried setting bash to W2k compatibility mode (actually all modes), and
> turning off  the 'protect my computer from unauthorized activity'
> checkbox in the run as ... option, but those made no difference. I also
> tried setting the file owner for the entire subdirectory tree to system,
> again no difference. cygrunsrv.exe and sshd.exe are running as system,
> but it appears they end up running the shell in user space.
> 
> Any clues what to try next???
> Tony
> 
> 
> 
> C:\Program Files\NetworkSimplicity\ssh>sshd -d -d -d -f sshd_config
> debug1: sshd version OpenSSH_3.1p1
> debug1: private host key: #0 type 0 RSA1
> debug3: Not a RSA1 key file /ssh/ssh_host_rsa_key.
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug3: Not a RSA1 key file /ssh/ssh_host_dsa_key.
> debug1: read PEM private key done: type DSA
> debug1: private host key: #2 type 2 DSA
> debug1: Bind to port 87 on 0.0.0.0.
> Server listening on 0.0.0.0 port 87.
> debug1: Server will not fork when running in debugging mode.
> Connection from 192.168.123.34 port 4354
> debug1: Client protocol version 1.99; client software version 3.0.0 SSH
> Secure S
> hell for Windows
> debug1: match: 3.0.0 SSH Secure Shell for Windows pat 3.0.*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.1p1
> debug1: list_hostkey_types: ssh-rsa,ssh-dss
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-gro
> up1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
> aes192-cbc,aes256-cbc
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
> aes192-cbc,aes256-cbc
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
> ssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
> ssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit:
> ssh-rsa,ssh-dss,x509v3-sign-dss,x509v3-sign-rsa
> debug2: kex_parse_kexinit: 3des-cbc
> debug2: kex_parse_kexinit: 3des-cbc
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server 3des-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client 3des-cbc hmac-md5 none
> debug1: dh_gen_key: priv key bits set: 194/384
> debug1: bits set: 475/1024
> debug1: expecting SSH2_MSG_KEXDH_INIT
> debug1: bits set: 480/1024
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: KEX done
> debug1: userauth-request for user ahain service ssh-connection method
> none
> debug1: attempt 0 failures 0
> debug2: input_userauth_request: setting up authctxt for ahain
> debug2: input_userauth_request: try method none
> Failed none for ahain from 192.168.123.34 port 4354 ssh2
> debug1: userauth-request for user ahain service ssh-connection method
> none
> debug1: attempt 1 failures 1
> debug2: Unrecognized authentication method name: none
> Failed none for ahain from 192.168.123.34 port 4354 ssh2
> debug1: userauth-request for user ahain service ssh-connection method
> password
> debug1: attempt 2 failures 2
> debug2: input_userauth_request: try method password
> Accepted password for ahain from 192.168.123.34 port 4354 ssh2
> debug1: Entering interactive session for SSH2.
> debug1: fd 3 setting O_NONBLOCK
> debug1: fd 7 setting O_NONBLOCK
> debug1: server_init_dispatch_20
> debug1: server_input_channel_open: ctype session rchan 0 win 10000 max
> 512
> debug1: input_session_request
> debug1: channel 0: new [server-session]
> debug1: session_new: init
> debug1: session_new: session 0
> debug1: session_open: channel 0
> debug1: session_open: session 0: link with channel 0
> debug1: server_input_channel_open: confirm session
> debug1: server_input_channel_req: channel 0 request pty-req reply 0
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req pty-req
> debug1: Allocating pty.
> debug1: session_pty_req: session 0 alloc /dev/tty1
> debug3: tty_parse_modes: SSH2 n_bytes 0
> debug1: server_input_channel_req: channel 0 request shell reply 1
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req shell
> debug1: fd 4 setting TCP_NODELAY
> debug1: channel 0: rfd 9 isatty
> debug1: fd 9 setting O_NONBLOCK
> debug1: fd 8 setting O_NONBLOCK
> debug1: server_input_channel_req: channel 0 request window-change reply
> 0
> debug1: session_by_channel: session 0 channel 0
> debug1: Received SIGCHLD.
> debug1: session_input_channel_req: session 0 req window-change
> debug3: tvp!=NULL kid 1 mili 100
> debug2: notify_done: reading
> debug1: session_by_pid: pid 3964
> debug1: session_exit_message: session 0 channel 0 pid 3964
> debug1: channel request 0: exit-status
> debug1: session_exit_message: release channel 0
> debug1: channel 0: write failed
> debug1: channel 0: close_write
> debug1: channel 0: output open -> closed
> debug1: session_close: session 0 pid 3964
> debug1: session_pty_cleanup: session 0 release /dev/tty1
> Write failed: errno ESHUTDOWN triggered
> debug1: Calling cleanup 0x41f104(0x0)
> debug1: channel_free: channel 0: server-session, nchannels 1
> debug3: channel_free: status: The following connections are open:
>   #0 server-session (t4 r0 i0/185 o3/0 fd 9/-1)
> 
> debug3: channel_close_fds: channel 0: r 9 w -1 e -1
> debug1: Calling cleanup 0x417030(0x0)
> 
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 

-- 
Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM: PrentisBrooks
Senior System Administrator - Web Infrastructure & Security

       A knight is sworn to valor.  His heart knows only virtue.  His blade
       defends the helpless.  His word speaks only truth.  His wrath undoes
       the wicked. - the old code of Bowen, last of the dragonslayers


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: cygwin & opensshd on .net enterprise server
  2002-05-16 13:52 ` Prentis Brooks
@ 2002-05-16 14:53   ` Prentis Brooks
  2002-05-17 10:04   ` Ulrich Voss
  1 sibling, 0 replies; 11+ messages in thread
From: Prentis Brooks @ 2002-05-16 14:53 UTC (permalink / raw)
  To: Tony Hain; +Cc: cygwin, mark

Ok, I typed too fast... none is supposed to be known... sorry


On Thu, 16 May 2002, Prentis Brooks wrote:

> Ok, The setgid is a none error to me.  This happens when the passwd
> files are not built properly.  Not your fault, some interesting Windows
> installations give mkpasswd and mkgroup headaches, particularly on
> Domain Controllers.  
> 
> If you check your /etc/passwd and /etc/group, you will find one of the
> following:
> 
> 1) You have duplicate entries in /etc/passwd for the user you are trying
> to login as
> 2) You will find that the GID of your user in /etc/passwd does not exist
> in /etc/group (most likely for the setgid error).
> 
> Check your /etc/passwd and /etc/group files, make sure that your
> "Primary" NT group is in the /etc/group file and that it has the correct
> GID.   In some cases I saw mkgroup create a Domain group as GID 513 and
> /etc/passwd would use 10513 (I only saw this on a domain controller
> where this is both a local and a domain group) or vice versa.  I think
> it was the other way when I saw it.  
> 
> In short, fix your /etc/passwd and /etc/group so that they match and
> your problem should be corrected.
> 
> 
> On Wed, 15 May 2002, Tony Hain wrote:
> 
> > I am looking for any clues on how to make cygwin & opensshd work on a
> > .net enterprise server, and found nothing in the mail archive. I had
> > been running Mark's opensshd specific environment on W2k server without
> > trouble. When I installed a fresh build 3615, OpenSSH_3.1p1 failed, so I
> > thought I would try the full cygwin. That is failing in the same way, so
> > after a couple of days experimenting I am stuck.
> > 
> > With the intent of sending Mark a trace, I followed his instructions for
> > debugging by  using a scheduled task to get a system account command
> > window (if it is of any use, I have put a copy of the debug trace at the
> > end). What I found in the process is that there appears to be some
> > permissions related problem, because I get logged in as any valid user
> > over the ssh channel, but that immediately exits. Trying to figure that
> > out I found that the only process/user that can run the shell is the
> > system account. When I run sh, bash, or the cygwin.bat from any other
> > account it just exits, but they appear to work fine in the system
> > initiated command window. This is also true of many of the exe's in
> > /bin, although some of them just hang with 100% cpu for the non-system
> > user.
> > 
> > One thing I found in the process is that the old passwd file is useless.
> > The only way I could log in using ssh with either Mark's sshd subset, or
> > the full cygwin was to use the mkpasswd & mkgroup process to build those
> > files from scratch with the NT UIDs. What the log showed before I did
> > that was 'Cygwin Process Id = 0xC78 : fatal: setuid 520: Not owner.'
> > Simply changing that got me to the point of 'password accepted', but
> > until the shell runs for all accounts, that does no good.
> > 
> > I tried setting bash to W2k compatibility mode (actually all modes), and
> > turning off  the 'protect my computer from unauthorized activity'
> > checkbox in the run as ... option, but those made no difference. I also
> > tried setting the file owner for the entire subdirectory tree to system,
> > again no difference. cygrunsrv.exe and sshd.exe are running as system,
> > but it appears they end up running the shell in user space.
> > 
> > Any clues what to try next???
> > Tony
> > 
> > 
> > 
> > C:\Program Files\NetworkSimplicity\ssh>sshd -d -d -d -f sshd_config
> > debug1: sshd version OpenSSH_3.1p1
> > debug1: private host key: #0 type 0 RSA1
> > debug3: Not a RSA1 key file /ssh/ssh_host_rsa_key.
> > debug1: read PEM private key done: type RSA
> > debug1: private host key: #1 type 1 RSA
> > debug3: Not a RSA1 key file /ssh/ssh_host_dsa_key.
> > debug1: read PEM private key done: type DSA
> > debug1: private host key: #2 type 2 DSA
> > debug1: Bind to port 87 on 0.0.0.0.
> > Server listening on 0.0.0.0 port 87.
> > debug1: Server will not fork when running in debugging mode.
> > Connection from 192.168.123.34 port 4354
> > debug1: Client protocol version 1.99; client software version 3.0.0 SSH
> > Secure S
> > hell for Windows
> > debug1: match: 3.0.0 SSH Secure Shell for Windows pat 3.0.*
> > Enabling compatibility mode for protocol 2.0
> > debug1: Local version string SSH-2.0-OpenSSH_3.1p1
> > debug1: list_hostkey_types: ssh-rsa,ssh-dss
> > debug1: SSH2_MSG_KEXINIT sent
> > debug1: SSH2_MSG_KEXINIT received
> > debug2: kex_parse_kexinit:
> > diffie-hellman-group-exchange-sha1,diffie-hellman-gro
> > up1-sha1
> > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> > debug2: kex_parse_kexinit:
> > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
> > aes192-cbc,aes256-cbc
> > debug2: kex_parse_kexinit:
> > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
> > aes192-cbc,aes256-cbc
> > debug2: kex_parse_kexinit:
> > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
> > ssh.com,hmac-sha1-96,hmac-md5-96
> > debug2: kex_parse_kexinit:
> > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
> > ssh.com,hmac-sha1-96,hmac-md5-96
> > debug2: kex_parse_kexinit: none,zlib
> > debug2: kex_parse_kexinit: none,zlib
> > debug2: kex_parse_kexinit:
> > debug2: kex_parse_kexinit:
> > debug2: kex_parse_kexinit: first_kex_follows 0
> > debug2: kex_parse_kexinit: reserved 0
> > debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
> > debug2: kex_parse_kexinit:
> > ssh-rsa,ssh-dss,x509v3-sign-dss,x509v3-sign-rsa
> > debug2: kex_parse_kexinit: 3des-cbc
> > debug2: kex_parse_kexinit: 3des-cbc
> > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
> > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
> > debug2: kex_parse_kexinit: none
> > debug2: kex_parse_kexinit: none
> > debug2: kex_parse_kexinit:
> > debug2: kex_parse_kexinit:
> > debug2: kex_parse_kexinit: first_kex_follows 0
> > debug2: kex_parse_kexinit: reserved 0
> > debug2: mac_init: found hmac-md5
> > debug1: kex: client->server 3des-cbc hmac-md5 none
> > debug2: mac_init: found hmac-md5
> > debug1: kex: server->client 3des-cbc hmac-md5 none
> > debug1: dh_gen_key: priv key bits set: 194/384
> > debug1: bits set: 475/1024
> > debug1: expecting SSH2_MSG_KEXDH_INIT
> > debug1: bits set: 480/1024
> > debug1: kex_derive_keys
> > debug1: newkeys: mode 1
> > debug1: SSH2_MSG_NEWKEYS sent
> > debug1: waiting for SSH2_MSG_NEWKEYS
> > debug1: newkeys: mode 0
> > debug1: SSH2_MSG_NEWKEYS received
> > debug1: KEX done
> > debug1: userauth-request for user ahain service ssh-connection method
> > none
> > debug1: attempt 0 failures 0
> > debug2: input_userauth_request: setting up authctxt for ahain
> > debug2: input_userauth_request: try method none
> > Failed none for ahain from 192.168.123.34 port 4354 ssh2
> > debug1: userauth-request for user ahain service ssh-connection method
> > none
> > debug1: attempt 1 failures 1
> > debug2: Unrecognized authentication method name: none
> > Failed none for ahain from 192.168.123.34 port 4354 ssh2
> > debug1: userauth-request for user ahain service ssh-connection method
> > password
> > debug1: attempt 2 failures 2
> > debug2: input_userauth_request: try method password
> > Accepted password for ahain from 192.168.123.34 port 4354 ssh2
> > debug1: Entering interactive session for SSH2.
> > debug1: fd 3 setting O_NONBLOCK
> > debug1: fd 7 setting O_NONBLOCK
> > debug1: server_init_dispatch_20
> > debug1: server_input_channel_open: ctype session rchan 0 win 10000 max
> > 512
> > debug1: input_session_request
> > debug1: channel 0: new [server-session]
> > debug1: session_new: init
> > debug1: session_new: session 0
> > debug1: session_open: channel 0
> > debug1: session_open: session 0: link with channel 0
> > debug1: server_input_channel_open: confirm session
> > debug1: server_input_channel_req: channel 0 request pty-req reply 0
> > debug1: session_by_channel: session 0 channel 0
> > debug1: session_input_channel_req: session 0 req pty-req
> > debug1: Allocating pty.
> > debug1: session_pty_req: session 0 alloc /dev/tty1
> > debug3: tty_parse_modes: SSH2 n_bytes 0
> > debug1: server_input_channel_req: channel 0 request shell reply 1
> > debug1: session_by_channel: session 0 channel 0
> > debug1: session_input_channel_req: session 0 req shell
> > debug1: fd 4 setting TCP_NODELAY
> > debug1: channel 0: rfd 9 isatty
> > debug1: fd 9 setting O_NONBLOCK
> > debug1: fd 8 setting O_NONBLOCK
> > debug1: server_input_channel_req: channel 0 request window-change reply
> > 0
> > debug1: session_by_channel: session 0 channel 0
> > debug1: Received SIGCHLD.
> > debug1: session_input_channel_req: session 0 req window-change
> > debug3: tvp!=NULL kid 1 mili 100
> > debug2: notify_done: reading
> > debug1: session_by_pid: pid 3964
> > debug1: session_exit_message: session 0 channel 0 pid 3964
> > debug1: channel request 0: exit-status
> > debug1: session_exit_message: release channel 0
> > debug1: channel 0: write failed
> > debug1: channel 0: close_write
> > debug1: channel 0: output open -> closed
> > debug1: session_close: session 0 pid 3964
> > debug1: session_pty_cleanup: session 0 release /dev/tty1
> > Write failed: errno ESHUTDOWN triggered
> > debug1: Calling cleanup 0x41f104(0x0)
> > debug1: channel_free: channel 0: server-session, nchannels 1
> > debug3: channel_free: status: The following connections are open:
> >   #0 server-session (t4 r0 i0/185 o3/0 fd 9/-1)
> > 
> > debug3: channel_close_fds: channel 0: r 9 w -1 e -1
> > debug1: Calling cleanup 0x417030(0x0)
> > 
> > 
> > --
> > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> > Bug reporting:         http://cygwin.com/bugs.html
> > Documentation:         http://cygwin.com/docs.html
> > FAQ:                   http://cygwin.com/faq/
> > 
> 
> 

-- 
Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM: PrentisBrooks
Senior System Administrator - Web Infrastructure & Security

       A knight is sworn to valor.  His heart knows only virtue.  His blade
       defends the helpless.  His word speaks only truth.  His wrath undoes
       the wicked. - the old code of Bowen, last of the dragonslayers


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: cygwin & opensshd on .net enterprise server
  2002-05-16 13:52 ` Prentis Brooks
  2002-05-16 14:53   ` Prentis Brooks
@ 2002-05-17 10:04   ` Ulrich Voss
  2002-05-17 12:18     ` Tony Hain
  1 sibling, 1 reply; 11+ messages in thread
From: Ulrich Voss @ 2002-05-17 10:04 UTC (permalink / raw)
  To: Tony Hain; +Cc: cygwin, mark, Prentis Brooks

I'll second everything Printis said and in addition please check, if 
you have the correct user-id in your passwd and group. On my 
W2K cygwin inserted (only) my local admin account to passwd, 
while I log in with my domain admin account. So id, ls -l etc. all 
look fine (admin admin), but nothing works, cause it is the false 
admin account (the false SID). OK, you mention, that you only 
have local users and no domain users, but make sure, that cygwin 
thinks the same ;-)

Ulrich.


-----------------------------------------------------------------

VoCal web publishing GmbH              \ \   / /__  / ___|__ _| |
vocal@vocalweb.de                       \ \ / / _ \| |   / _` | |
http://www.vocalweb.de                   \ V / (_) | |__| (_| | |
Tel: (++49) 203-306-1560                  \_/ \___/ \____\__,_|_|
Fax: (++49) 203-306-1561                           web publishing

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-17 10:04   ` Ulrich Voss
@ 2002-05-17 12:18     ` Tony Hain
  2002-05-17 12:20       ` Prentis Brooks
  0 siblings, 1 reply; 11+ messages in thread
From: Tony Hain @ 2002-05-17 12:18 UTC (permalink / raw)
  To: Ulrich Voss; +Cc: cygwin, mark, Prentis Brooks

Ulrich Voss wrote:
> I'll second everything Printis said and in addition please check, if
> you have the correct user-id in your passwd and group. On my
> W2K cygwin inserted (only) my local admin account to passwd,
> while I log in with my domain admin account. So id, ls -l etc. all
> look fine (admin admin), but nothing works, cause it is the false
> admin account (the false SID). OK, you mention, that you only
> have local users and no domain users, but make sure, that cygwin
> thinks the same ;-)

I have deleted & regenerated both the passwd & group files a couple of
times while playing around with various edits. It is easy to
misconfigure them so that logging in via ssh fails, but when they are
fresh generated via mkpasswd & mkgroup the ssh login succeeds as
recorded in the event log, then the connection is immediately dropped. I
assume that is because bash or sh also immediately exit when run from a
command line under that user. When I run id under anything except the
system account it hangs at 100% cpu. It also makes no difference when I
set the account policies for the user to 'act as system', 'adjust memory
quotoas', & 'replace process token'.

I didn't have any problems at all with the W2k install. This all
happened when I moved to .net server. So far I haven't seen anyone
acknowledge that they have cygwin working under .net server, so I don't
know if the problem is local to my system, or something that MS has
changed in account handling due to their recent 'focus on security'.

I did receive a suggestion to run strace, and I have the output of that
for anyone that would care to look at it. (It doesn't seem like a good
idea to send that to an open list in general, and it is also fairly
long.) Short version below:

Tony


C:\cygroot\bin>strace bash --login -i
**********************************************
Program name: C:\cygroot\bin\bash.exe (3776)
App version:  1003.9, api: 0.51
DLL version:  1003.10, api: 0.51
DLL build:    2002-02-25 11:14
OS version:   Windows NT-5.1
Date/Time:    2002-05-17 10:30:09
**********************************************
 1994    3642 [main] bash 3776 environ_init: 0xA010420:
!C:=C:\cygroot\bin
...
...
...
10233 1949651 [main] bash 3776 fhandler_console::output_tcsetattr: 0 =
tcsetattr
 (,C50018) (ENABLE FLAGS 3) (lflag 107 oflag 9)
 9971 1959622 [main] bash 3776 dtable::init_std_file_from_handle: fd 2,
handle 0
xB
 9747 1969369 [main] bash 3776 dll_list::init: here
 5115 1974484 [main] bash 3776 dll_crt0_1: user_data->main 0x401208

C:\cygroot\bin>


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-17 12:18     ` Tony Hain
@ 2002-05-17 12:20       ` Prentis Brooks
  2002-05-17 19:15         ` Tony Hain
  0 siblings, 1 reply; 11+ messages in thread
From: Prentis Brooks @ 2002-05-17 12:20 UTC (permalink / raw)
  To: Tony Hain; +Cc: Ulrich Voss, cygwin, mark

That is what I was saying, there are cases where mkpasswd and mkgroup do
not create clean files, primarily on Domain Controllers.  You need to
verify them manually.


On Fri, 17 May 2002, Tony Hain wrote:

> Ulrich Voss wrote:
> > I'll second everything Printis said and in addition please check, if
> > you have the correct user-id in your passwd and group. On my
> > W2K cygwin inserted (only) my local admin account to passwd,
> > while I log in with my domain admin account. So id, ls -l etc. all
> > look fine (admin admin), but nothing works, cause it is the false
> > admin account (the false SID). OK, you mention, that you only
> > have local users and no domain users, but make sure, that cygwin
> > thinks the same ;-)
> 
> I have deleted & regenerated both the passwd & group files a couple of
> times while playing around with various edits. It is easy to
> misconfigure them so that logging in via ssh fails, but when they are
> fresh generated via mkpasswd & mkgroup the ssh login succeeds as
> recorded in the event log, then the connection is immediately dropped. I
> assume that is because bash or sh also immediately exit when run from a
> command line under that user. When I run id under anything except the
> system account it hangs at 100% cpu. It also makes no difference when I
> set the account policies for the user to 'act as system', 'adjust memory
> quotoas', & 'replace process token'.
> 
> I didn't have any problems at all with the W2k install. This all
> happened when I moved to .net server. So far I haven't seen anyone
> acknowledge that they have cygwin working under .net server, so I don't
> know if the problem is local to my system, or something that MS has
> changed in account handling due to their recent 'focus on security'.
> 
> I did receive a suggestion to run strace, and I have the output of that
> for anyone that would care to look at it. (It doesn't seem like a good
> idea to send that to an open list in general, and it is also fairly
> long.) Short version below:
> 
> Tony
> 
> 
> C:\cygroot\bin>strace bash --login -i
> **********************************************
> Program name: C:\cygroot\bin\bash.exe (3776)
> App version:  1003.9, api: 0.51
> DLL version:  1003.10, api: 0.51
> DLL build:    2002-02-25 11:14
> OS version:   Windows NT-5.1
> Date/Time:    2002-05-17 10:30:09
> **********************************************
>  1994    3642 [main] bash 3776 environ_init: 0xA010420:
> !C:=C:\cygroot\bin
> ...
> ...
> ...
> 10233 1949651 [main] bash 3776 fhandler_console::output_tcsetattr: 0 =
> tcsetattr
>  (,C50018) (ENABLE FLAGS 3) (lflag 107 oflag 9)
>  9971 1959622 [main] bash 3776 dtable::init_std_file_from_handle: fd 2,
> handle 0
> xB
>  9747 1969369 [main] bash 3776 dll_list::init: here
>  5115 1974484 [main] bash 3776 dll_crt0_1: user_data->main 0x401208
> 
> C:\cygroot\bin>
> 

-- 
Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM: PrentisBrooks
Senior System Administrator - Web Infrastructure & Security

       A knight is sworn to valor.  His heart knows only virtue.  His blade
       defends the helpless.  His word speaks only truth.  His wrath undoes
       the wicked. - the old code of Bowen, last of the dragonslayers


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

* RE: cygwin & opensshd on .net enterprise server
  2002-05-17 12:20       ` Prentis Brooks
@ 2002-05-17 19:15         ` Tony Hain
  0 siblings, 0 replies; 11+ messages in thread
From: Tony Hain @ 2002-05-17 19:15 UTC (permalink / raw)
  To: Prentis Brooks; +Cc: Ulrich Voss, cygwin, mark

Well I found a way to get the process to stay alive by setting the shell
in /etc/passwd to: /cygdrive/c/win-es/system32/cmd.exe   Since I believe
the passwd/group & account info would all have to be aligned for a
successful login to work, I would like to look elsewhere for the issue
with the cygwin shells exiting.

Another thread mentioned cygcheck -s -r -v, so I am including that.  The
only thing that stands out to the untrained eye is that the registry
entries for mounts under current user and terminal server are empty,
while local machine has values that make sense. Is there a script that
might have failed to run that would set the other entries?

Tony


C:\>cygcheck -s -r -v

Cygwin Win95/NT Configuration Diagnostics
Current System Time: Fri May 17 14:41:53 2002

Windows .NET Enterprise Server Ver 5.1 Build 3615 Service Pack 1

Path:   C:\WIN-ES\system32
        C:\WIN-ES
        C:\WIN-ES\System32\Wbem
        c:\cmds
        C:\Program Files\Resource Pro Kit
        C:\Program Files\Microsoft Visual Studio\VC98\Bin
        C:\Program Files\Microsoft Visual Studio\common\msdev98\bin
        c:\cygroot\bin

SysDir: C:\WIN-ES\System32
WinDir: C:\Documents and Settings\ahain\WINDOWS

CYGWIN = `tty'
Path =
`C:\WIN-ES\system32;C:\WIN-ES;C:\WIN-ES\System32\Wbem;c:\cmds;C:\Program
Files\Resource Pro Kit;C:\Program Files\Microsoft Visual
Studio\VC98\Bin;C:\Prog
ram Files\Microsoft Visual Studio\common\msdev98\bin;c:\cygroot\bin'

ALLUSERSPROFILE = `C:\Documents and Settings\All Users'
APPDATA = `C:\Documents and Settings\ahain\Application Data'
CLIENTNAME = `EAGLES-WINGS'
ClusterLog = `C:\WIN-ES\Cluster\cluster.log'
CommonProgramFiles = `C:\Program Files\Common Files'
COMPUTERNAME = `LIBRARY'
ComSpec = `C:\WIN-ES\system32\cmd.exe'
HOMEDRIVE = `C:'
HOMEPATH = `\Documents and Settings\ahain'
LOGONSERVER = `\\LIBRARY'
NUMBER_OF_PROCESSORS = `2'
OS = `Windows_NT'
PATHEXT = `.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH'
PROCESSOR_ARCHITECTURE = `x86'
PROCESSOR_IDENTIFIER = `x86 Family 6 Model 7 Stepping 3, GenuineIntel'
PROCESSOR_LEVEL = `6'
PROCESSOR_REVISION = `0703'
ProgramFiles = `C:\Program Files'
PROMPT = `$P$G'
SESSIONNAME = `RDP-Tcp#1'
SystemDrive = `C:'
SystemRoot = `C:\WIN-ES'
TEMP = `C:\DOCUME~1\ahain\LOCALS~1\Temp\1'
TMP = `C:\DOCUME~1\ahain\LOCALS~1\Temp\1'
USERDOMAIN = `LIBRARY'
USERNAME = `ahain'
USERPROFILE = `C:\Documents and Settings\ahain'
windir = `C:\WIN-ES'

HKEY_CURRENT_USER\Software\Cygnus Solutions
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\mounts v2
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2
  (default) = `/cygdrive'
  cygdrive flags = 0x00000022
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/
  (default) = `C:\cygroot'
  flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/bin
  (default) = `C:\cygroot/bin'
  flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/lib
  (default) = `C:\cygroot/lib'
  flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal
Server\
Install\Software\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal
Server\
Install\Software\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal
Server\
Install\Software\Cygnus Solutions\Cygwin\mounts v2

a:  fd           N/A    N/A
c:  hd  NTFS   19461Mb  47% CP CS UN PA FC
d:  hd  NTFS   87926Mb  54% CP CS UN PA FC     Stripe Set
e:  cd           N/A    N/A
f:  cd  CDFS     587Mb 100%    CS              VSP600ENU1

C:\cygroot      /          system  binmode
C:\cygroot/bin  /usr/bin   system  binmode
C:\cygroot/lib  /usr/lib   system  binmode
.               /cygdrive  user    binmode,noumount

Found: c:\cygroot\bin\bash.exe
Found: c:\cygroot\bin\cat.exe
Found: c:\cygroot\bin\cpp.exe
Found: c:\cygroot\bin\find.exe
Found: c:\cygroot\bin\gcc.exe
Not Found: gdb
Found: c:\cygroot\bin\ld.exe
Found: c:\cygroot\bin\ls.exe
Found: c:\cygroot\bin\make.exe
Found: c:\cygroot\bin\sh.exe

  621k 2002/01/16 c:\cygroot\bin\cygcrypto.dll - os=4.0 img=1.0 sys=4.0
                  "cygcrypto.dll" v0.0 ts=2002/1/16 1:54
   45k 2001/04/25 c:\cygroot\bin\cygform5.dll - os=4.0 img=1.0 sys=4.0
                  "cygform5.dll" v0.0 ts=2001/4/24 22:28
   35k 2002/01/09 c:\cygroot\bin\cygform6.dll - os=4.0 img=1.0 sys=4.0
                  "cygform6.dll" v0.0 ts=2002/1/8 22:03
   19k 2002/02/20 c:\cygroot\bin\cyggdbm.dll - os=4.0 img=1.0 sys=4.0
                  "cyggdbm.dll" v0.0 ts=2002/2/19 19:05
   17k 2001/06/28 c:\cygroot\bin\cyghistory4.dll - os=4.0 img=1.0
sys=4.0
                  "cyghistory4.dll" v0.0 ts=2001/1/6 20:34
   20k 2002/01/13 c:\cygroot\bin\cyghistory5.dll - os=4.0 img=1.0
sys=4.0
                  "cyghistory5.dll" v0.0 ts=2002/1/12 17:27
   22k 2001/12/13 c:\cygroot\bin\cygintl-1.dll - os=4.0 img=1.0 sys=4.0
                  "cygintl-1.dll" v0.0 ts=2001/12/13 1:28
   21k 2001/06/20 c:\cygroot\bin\cygintl.dll - os=4.0 img=1.0 sys=4.0
                  "cygintl.dll" v0.0 ts=2001/6/20 10:09
   81k 2000/12/05 c:\cygroot\bin\cygitcl30.dll - os=4.0 img=1.0 sys=4.0
                  "cygitcl30.dll" v0.0 ts=2000/11/25 17:43
   35k 2000/12/05 c:\cygroot\bin\cygitk30.dll - os=4.0 img=1.0 sys=4.0
                  "cygitk30.dll" v0.0 ts=2000/11/25 17:43
   26k 2001/04/25 c:\cygroot\bin\cygmenu5.dll - os=4.0 img=1.0 sys=4.0
                  "cygmenu5.dll" v0.0 ts=2001/4/24 22:27
   20k 2002/01/09 c:\cygroot\bin\cygmenu6.dll - os=4.0 img=1.0 sys=4.0
                  "cygmenu6.dll" v0.0 ts=2002/1/8 22:03
  156k 2001/04/25 c:\cygroot\bin\cygncurses++5.dll - os=4.0 img=1.0
sys=4.0
                  "cygncurses++5.dll" v0.0 ts=2001/4/24 22:29
  175k 2002/01/09 c:\cygroot\bin\cygncurses++6.dll - os=4.0 img=1.0
sys=4.0
                  "cygncurses++6.dll" v0.0 ts=2002/1/8 22:03
  226k 2001/04/25 c:\cygroot\bin\cygncurses5.dll - os=4.0 img=1.0
sys=4.0
                  "cygncurses5.dll" v0.0 ts=2001/4/24 22:17
  202k 2002/01/09 c:\cygroot\bin\cygncurses6.dll - os=4.0 img=1.0
sys=4.0
                  "cygncurses6.dll" v0.0 ts=2002/1/8 22:03
   15k 2001/04/25 c:\cygroot\bin\cygpanel5.dll - os=4.0 img=1.0 sys=4.0
                  "cygpanel5.dll" v0.0 ts=2001/4/24 22:27
   12k 2002/01/09 c:\cygroot\bin\cygpanel6.dll - os=4.0 img=1.0 sys=4.0
                  "cygpanel6.dll" v0.0 ts=2002/1/8 22:03
   40k 2001/11/21 c:\cygroot\bin\cygpcre.dll - os=4.0 img=1.0 sys=4.0
                  "cygpcre.dll" v0.0 ts=2001/11/21 14:15
   39k 2001/11/21 c:\cygroot\bin\cygpcreposix.dll - os=4.0 img=1.0
sys=4.0
                  "cygpcreposix.dll" v0.0 ts=2001/11/21 14:15
  108k 2001/06/28 c:\cygroot\bin\cygreadline4.dll - os=4.0 img=1.0
sys=4.0
                  "cygreadline4.dll" v0.0 ts=2001/1/6 20:34
  121k 2002/01/13 c:\cygroot\bin\cygreadline5.dll - os=4.0 img=1.0
sys=4.0
                  "cygreadline5.dll" v0.0 ts=2002/1/12 17:27
  156k 2002/01/16 c:\cygroot\bin\cygssl.dll - os=4.0 img=1.0 sys=4.0
                  "cygssl.dll" v0.0 ts=2002/1/16 1:54
  390k 2000/12/05 c:\cygroot\bin\cygtcl80.dll - os=4.0 img=1.0 sys=4.0
                  "cygtcl80.dll" v0.0 ts=2000/11/25 17:39
    5k 2000/12/05 c:\cygroot\bin\cygtclpip80.dll - os=4.0 img=1.0
sys=4.0
   10k 2000/12/05 c:\cygroot\bin\cygtclreg80.dll - os=4.0 img=1.0
sys=4.0
                  "cygtclreg80.dll" v0.0 ts=2000/11/25 17:39
  623k 2000/12/05 c:\cygroot\bin\cygtk80.dll - os=4.0 img=1.0 sys=4.0
                  "cygtk80.dll" v0.0 ts=2000/11/25 17:43
   50k 2002/03/12 c:\cygroot\bin\cygz.dll - os=4.0 img=1.0 sys=4.0
                  "cygz.dll" v0.0 ts=2002/3/11 20:38
  751k 2002/05/16 c:\cygroot\bin\cygwin1.dll - os=4.0 img=1.0 sys=4.0
                  "cygwin1.dll" v0.0 ts=2002/2/25 8:14
    Cygwin DLL version info:
        DLL version: 1.3.10
        DLL epoch: 19
        DLL bad signal mask: 19005
        DLL old termios: 5
        DLL malloc env: 28
        API major: 0
        API minor: 51
        Shared data: 3
        DLL identifier: cygwin1
        Mount registry: 2
        Cygnus registry name: Cygnus Solutions
        Cygwin registry name: Cygwin
        Program options name: Program Options
        Cygwin mount registry name: mounts v2
        Cygdrive flags: cygdrive flags
        Cygdrive prefix: cygdrive prefix
        Cygdrive default prefix:
        Build date: Mon Feb 25 11:14:34 EST 2002
        Shared id: cygwin1S3


Cygwin Package Information
Last downloaded files to: D:\dist\cygwin
Last downloaded files from:
ftp://ftp.nas.nasa.gov/mirrors/cygwin.com/pub/cygwin


Package             Version
XFree86-base        4.2.0-1
XFree86-bin         4.2.0-1
XFree86-etc         4.2.0-1
XFree86-fenc        4.2.0-2
XFree86-fnts        4.2.0-2
XFree86-lib         4.2.0-3
XFree86-startup-scripts4.2.0-2
XFree86-xserv       4.2.0-2
ash                 20020131-1
bash                2.05a-3
binutils            20011002-1
cygrunsrv           0.95-1
cygutils            1.0.0-1
cygwin              1.3.10-1
cygwin-doc          1.0-1
diff                0.0
expect              20010117-1
fileutils           4.1-1
findutils           4.1
fvwm                2.4.7-2
gawk                3.0.4-1
gcc                 2.95.3-5
gdbm                1.8.0-4
gettext             0.10.40-1
grep                2.5-1
groff               1.17.2-1
gzip                1.3.2-1
less                374-1
libintl             0.10.38-3
libintl1            0.10.40-1
libncurses5         5.2-1
libncurses6         5.2-8
libreadline4        4.1-2
libreadline5        4.2a-1
login               1.4-3
make                3.79.1-5
man                 1.5g-2
mingw-runtime       1.3-2
more                2.11o-1
ncurses             5.2-8
openssh             3.1p1-1
openssl             0.9.6c-3
pcre                3.7-1
popt                1.6.2-1
readline            4.2a-1
sed                 3.02-1
sh-utils            2.0-2
tar                 1.13.19-1
tcltk               20001125-1
termcap             20020403-1
terminfo            5.2-2
textutils           2.0.21-1
w32api              1.3-2
which               1.5-1
zlib                1.1.4-1

Use -h to see help about each section

C:\>


> -----Original Message-----
> From: prentis@magetower.office.aol.com
> [mailto:prentis@magetower.office.aol.com]On Behalf Of Prentis Brooks
> Sent: Friday, May 17, 2002 11:02 AM
> To: Tony Hain
> Cc: Ulrich Voss; cygwin@cygwin.com; mark@networksimplicity.com
> Subject: RE: cygwin & opensshd on .net enterprise server
>
>
> That is what I was saying, there are cases where mkpasswd and
> mkgroup do
> not create clean files, primarily on Domain Controllers.  You need to
> verify them manually.
>
>
> On Fri, 17 May 2002, Tony Hain wrote:
>
> > Ulrich Voss wrote:
> > > I'll second everything Printis said and in addition
> please check, if
> > > you have the correct user-id in your passwd and group. On my
> > > W2K cygwin inserted (only) my local admin account to passwd,
> > > while I log in with my domain admin account. So id, ls -l etc. all
> > > look fine (admin admin), but nothing works, cause it is the false
> > > admin account (the false SID). OK, you mention, that you only
> > > have local users and no domain users, but make sure, that cygwin
> > > thinks the same ;-)
> >
> > I have deleted & regenerated both the passwd & group files
> a couple of
> > times while playing around with various edits. It is easy to
> > misconfigure them so that logging in via ssh fails, but
> when they are
> > fresh generated via mkpasswd & mkgroup the ssh login succeeds as
> > recorded in the event log, then the connection is
> immediately dropped. I
> > assume that is because bash or sh also immediately exit
> when run from a
> > command line under that user. When I run id under anything
> except the
> > system account it hangs at 100% cpu. It also makes no
> difference when I
> > set the account policies for the user to 'act as system',
> 'adjust memory
> > quotoas', & 'replace process token'.
> >
> > I didn't have any problems at all with the W2k install. This all
> > happened when I moved to .net server. So far I haven't seen anyone
> > acknowledge that they have cygwin working under .net
> server, so I don't
> > know if the problem is local to my system, or something that MS has
> > changed in account handling due to their recent 'focus on security'.
> >
> > I did receive a suggestion to run strace, and I have the
> output of that
> > for anyone that would care to look at it. (It doesn't seem
> like a good
> > idea to send that to an open list in general, and it is also fairly
> > long.) Short version below:
> >
> > Tony
> >
> >
> > C:\cygroot\bin>strace bash --login -i
> > **********************************************
> > Program name: C:\cygroot\bin\bash.exe (3776)
> > App version:  1003.9, api: 0.51
> > DLL version:  1003.10, api: 0.51
> > DLL build:    2002-02-25 11:14
> > OS version:   Windows NT-5.1
> > Date/Time:    2002-05-17 10:30:09
> > **********************************************
> >  1994    3642 [main] bash 3776 environ_init: 0xA010420:
> > !C:=C:\cygroot\bin
> > ...
> > ...
> > ...
> > 10233 1949651 [main] bash 3776
> fhandler_console::output_tcsetattr: 0 =
> > tcsetattr
> >  (,C50018) (ENABLE FLAGS 3) (lflag 107 oflag 9)
> >  9971 1959622 [main] bash 3776
> dtable::init_std_file_from_handle: fd 2,
> > handle 0
> > xB
> >  9747 1969369 [main] bash 3776 dll_list::init: here
> >  5115 1974484 [main] bash 3776 dll_crt0_1: user_data->main 0x401208
> >
> > C:\cygroot\bin>
> >
>
> --
> Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM:
> PrentisBrooks
> Senior System Administrator - Web Infrastructure & Security
>
>        A knight is sworn to valor.  His heart knows only
> virtue.  His blade
>        defends the helpless.  His word speaks only truth.
> His wrath undoes
>        the wicked. - the old code of Bowen, last of the dragonslayers
>
>


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2002-05-17 22:01 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-05-15 12:55 cygwin & opensshd on .net enterprise server Tony Hain
2002-05-16  0:06 ` Christopher Faylor
2002-05-16  6:51 ` Tony Hain
2002-05-16 10:47   ` Larry Hall (RFK Partners, Inc)
2002-05-16 12:13   ` Tony Hain
2002-05-16 13:52 ` Prentis Brooks
2002-05-16 14:53   ` Prentis Brooks
2002-05-17 10:04   ` Ulrich Voss
2002-05-17 12:18     ` Tony Hain
2002-05-17 12:20       ` Prentis Brooks
2002-05-17 19:15         ` Tony Hain

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).