cygrunsrv autossh - tunnel does not come up

cygrunsrv autossh - tunnel does not come up

[hooner]

I have problems running autossh via cygrunsrv on WIN2003:
 
/bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 20000 -g2CN -R
20120:localhost:3389 -i /etc/key-rsa -p 20012 user@192.168.100.12" -e
AUTOSSH_NTSERVICE=yes -y tcpip --type auto

As soon as I start the service (net start autossh) it stops. So it looks
like it never came up:
Autossh.log:
2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1)
2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528
Host key verification failed.
2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255;
autossh exiting

Running just ssh or autossh the tunnel comes up and stays:
ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012
user@192.168.100.12
autossh: /bin/autossh -M 20000 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa
-p 20012 user@192.168.100.12

I also tried to use standard 22; no changes then. 

thx for looking into this
H.
-- 
View this message in context: http://www.nabble.com/cygrunsrv-autossh---tunnel-does-not-come-up-tp21362436p21362436.html
Sent from the Cygwin list mailing list archive at Nabble.com.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: cygrunsrv autossh - tunnel does not come up

[René Berber]

hooner wrote:

> I have problems running autossh via cygrunsrv on WIN2003:
>  
> /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 20000 -g2CN -R
> 20120:localhost:3389 -i /etc/key-rsa -p 20012 user@192.168.100.12" -e
> AUTOSSH_NTSERVICE=yes -y tcpip --type auto
> 
> As soon as I start the service (net start autossh) it stops. So it looks
> like it never came up:
> Autossh.log:
> 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1)
> 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528
> Host key verification failed.
> 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255;
> autossh exiting
> 
> Running just ssh or autossh the tunnel comes up and stays:
> ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012
> user@192.168.100.12
> autossh: /bin/autossh -M 20000 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa
> -p 20012 user@192.168.100.12

There's a big difference between running it as a service like you did,
and running it as a user.

First thing to try: run the service as your user, i.e. add --user <user
name> to the service installation.

And don't expect too much, I use it all the time and it works but it
fails to start very often, I end up starting it manually.
-- 
René Berber


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: cygrunsrv autossh - tunnel does not come up

[Andrew Schulman]

> > I have problems running autossh via cygrunsrv on WIN2003:
> >  
> > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 20000 -g2CN -R
> > 20120:localhost:3389 -i /etc/key-rsa -p 20012 user@192.168.100.12" -e
> > AUTOSSH_NTSERVICE=yes -y tcpip --type auto
> > 
> > As soon as I start the service (net start autossh) it stops. So it looks
> > like it never came up:
> > Autossh.log:
> > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1)
> > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528
> > Host key verification failed.
> > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255;
> > autossh exiting
> > 
> > Running just ssh or autossh the tunnel comes up and stays:
> > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012
> > user@192.168.100.12
> > autossh: /bin/autossh -M 20000 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa
> > -p 20012 user@192.168.100.12
> 
> There's a big difference between running it as a service like you did,
> and running it as a user.

Agreed.  "Host key verification failed" tells me that either the permission or
the ownership of /etc/key-rsa is wrong-- if you're going to run autossh as a
SYSTEM service, then the key has to be owned by SYSTEM and only readable by it.
Another possibility is that the key is encrypted, so SYSTEM can't read it
without a password; maybe your user process is getting it from an ssh-agent.

A good way to get more information about why the service fails to start would be
to add -v or -vv to the ssh flags (within the argument of -a).

> First thing to try: run the service as your user, i.e. add --user <user
> name> to the service installation.

Yes, this is really better.  I need to recommend this in the autossh README.

> And don't expect too much, I use it all the time and it works but it
> fails to start very often, I end up starting it manually.

Hm, I'm surprised to hear that.  I haven't run autossh as a service in a while,
but when I did it worked very reliably for me.  Can you tell me anything more
about how or why it fails to start?

Andrew.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: cygrunsrv autossh - tunnel does not come up

[René Berber]

Andrew Schulman wrote:

> Hm, I'm surprised to hear that.  I haven't run autossh as a service in a while,
> but when I did it worked very reliably for me.  Can you tell me anything more
> about how or why it fails to start?

No, sorry, there's no useful information on the events or on any log; I
just start it manually when it fails.

My guess is that since networking is very slow to get started on my
computer, and that's a feature of my network card / driver (I can see
the link go up on the switch long after boot up, after Windows starts in
fact, about when the login window appears) and the service dependency
doesn't help (that's a feature of Windows, it probably is starting the
service before the network is really up) the first logon attempt fails
and somehow autossh gives up, after bootup it behaves as it should
reestablishing the connection when lost, but not on first start, that's
why I guess the network is not really up and that makes the difference.
-- 
René Berber


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: cygrunsrv autossh - tunnel does not come up

[Andrew Schulman]

> > Hm, I'm surprised to hear that.  I haven't run autossh as a service in a while,
> > but when I did it worked very reliably for me.  Can you tell me anything more
> > about how or why it fails to start?
> 
> No, sorry, there's no useful information on the events or on any log; I
> just start it manually when it fails.

OK.  Well if you feel like pursuing this, I think that adding -v or -vv into the
autossh arguments in the service definition should give you some useful log
information, which you could post here.  Andrew.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: cygrunsrv autossh - tunnel does not come up

[hooner]

>
>> > I have problems running autossh via cygrunsrv on WIN2003:
>> >
>> > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 20000 -g2CN -R
>> > 20120:localhost:3389 -i /etc/key-rsa -p 20012 user@192.168.100.12" -e
>> > AUTOSSH_NTSERVICE=yes -y tcpip --type auto
>> >
>> > As soon as I start the service (net start autossh) it stops. So it
>> looks
>> > like it never came up:
>> > Autossh.log:
>> > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1)
>> > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528
>> > Host key verification failed.
>> > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status
>> 255;
>> > autossh exiting
>> >
>> > Running just ssh or autossh the tunnel comes up and stays:
>> > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012
>> > user@192.168.100.12
>> > autossh: /bin/autossh -M 20000 -g2CN -R 20120:localhost:3389 -i
>> /etc/key-rsa
>> > -p 20012 user@192.168.100.12
>>
>> There's a big difference between running it as a service like you did,
>> and running it as a user.
.......

I have no idea to use a different user on cygwin than my windows domain
root. Should I just edit the /etc/passwd and create a new user pointing to a
new cygwin_home -> /home/new-user?
So I keep trying it with the my dom-root account.

.......
> A good way to get more information about why the service fails to start
> would be
> to add -v or -vv to the ssh flags (within the argument of -a).

okieh; I did the connection using -v with ssh and autossh. Looking to both
outputs I see a big difference

ssh:
bash-3.2$ ssh -v -i /etc/ssh/tu_LAN2DMZ_rsa -g -2C -N -R
20120:localhost:3389 -p 20012 user@192.168.100.12
OpenSSH_5.1p1, OpenSSL 0.9.8j 07 Jan 2009
debug1: Reading configuration data /home/root/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to 192.168.100.12 [192.168.100.12] port 20012.
debug1: Connection established.
debug1: identity file /etc/ssh/tu_LAN2DMZ_rsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[192.168.100.12]:20012' is known and matches the RSA host key.
debug1: Found key in /home/root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /etc/ssh/tu_LAN2DMZ_rsa
debug1: read PEM private key done: type RSA
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
debug1: Remote connections from LOCALHOST:20120 forwarded to local address
local
host:3389
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: remote forward success for: listen 20120, connect localhost:3389
debug1: All remote forwarding requests processed

autossh:
bash-3.2$ /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-v -M 20000
-g2CN -R 20120:localhost:3389 -i /etc/ssh/tu_LAN2DMZ_rsa -p 20012
user@192.168.100.12" -e AUTOSSH_NTSERVICE=yes -y tcpip --type auto
2009/01/27 22:22:35 autossh[4876]: starting ssh (count 1)
2009/01/27 22:22:35 autossh[4876]: ssh child pid is 5028
OpenSSH_5.1p1, OpenSSL 0.9.8j 07 Jan 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to 192.168.100.12 [192.168.100.12] port 20012.
debug1: Connection established.
debug1: identity file /etc/ssh/tu_LAN2DMZ_rsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: checking without port identifier
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: permanently_drop_suid: 18
ssh_askpass: exec(/usr/sbin/ssh-askpass): No such file or directory
Host key verification failed.
2009/01/27 22:22:36 autossh[4876]: ssh exited prematurely with status 255;
autossh exiting

After the connection is established somehow the autossh don't recon the
known host thing and brings the error with /dev/tty......

sorry, for the output; I tried to make a diff of the two output files in
front but that gave not the full picture....

much thx;
H.
-- 
View this message in context: http://www.nabble.com/cygrunsrv-autossh---tunnel-does-not-come-up-tp21362436p21695547.html
Sent from the Cygwin list mailing list archive at Nabble.com.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/