This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: sshd+ssh localhost connects, but don't reach the shell


Vilar Camara wrote:

> Well, things get more and more confusing. That's what I did:
> 
> - Removed c:\cygwin from PATH;
> - Uninstalled cygwin services (actually only sshd);
> - Installed a fresh, new cygwin instance under J:\cygwin (an NTFS
> partition). Accepted default package set, only added openssh and
> dependencies;
> - Rebooted, ssh-host-config -y;
> - ssh localhost.
> 
> Still no success!

Need more detail, and completeness (you don't say if you started the service and
how).

Can you "ping localhost"?

> Then (in despair):
> 
> - Stopped other non-cygwin related services (apache, filezilla) and
> background apps;
> - Killed every non-essential process from Task Manager;
> - Changed PATH to include only %SystemRoot%\system32 and %SystemRoot%;
> - Stopped sshd, ssh-host-config, started sshd;
> - ssh localhost.
> 
> Still, again, nothing!
> 
> Now I'm completely clueless. Since this happens in two very distinct
> machines (my desktop and my notebook), I don't think it is
> hardware-related.

Who said it was hardware related?

> May cygwin be incompatible with Brazilian Portuguese Windows? Or maybe
> my computers are cursed and need to be exorcized, I don't know.
> 
> Now, some answers:
> 
[snip]
> Still, it's strange that ssh-user-config generates files that produce
> parsing errors when read by ssh client.

That's not important, it says the same thing on mine when it doesn't find an RSA key.

[snip]
>> > debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
> 
> I can't get the last line. Maybe the handshaking stops before an agreement.

So it looks like no communication, the client starts, looks for your keys and
then nothing.

[snip]
> If so, it should be important to note in the docs that FAT32 is
> incompatible with privilege separation. But there is also one thing: a
> year ago I was using cygwin sshd in my desktop (it was Windows 2000 back
> then), and I had no problems at all, even using FAT32.

We don't know if FAT32 is a factor.  From your testing it appears that it is not.

> Maybe security restrictions got tighter.
> 
>> I don't know why should it hang instead of showing an explicit error 
>> -- perhaps it only appears to hang, i.e. no output.
> 
> Hmm, maybe, but it's strange that when I run /usr/sbin/sshd -D the
> terminal completely hangs, i.e., it doesn't accept Ctrl+C anymore. I
> have to kill the window.

Sounds like normal Cygwin operation to me ;-)

When a program is executing code in a Windows dll it doesn't receive signals, so
maybe ssh is stuck waiting on a function that is from Windows.

>> 1.  Disable privilege separation.  Perhaps it doesn't work because of
>> FAT32.
> 
> Good point. Tried, but no luck with that.
> 
>> 2.  What does "ls -al ~/.ssh" show for owner/group/permissions.
> 
> On my desktop (NTFS):
> 
> drwx------+ 2 vilarnt Nenhum    0 May 29 21:02 .
> drwxr-xr-x+ 3 vilarnt Nenhum    0 May 29 20:52 ..
> -rw-------+ 1 vilarnt Nenhum 1650 May 29 21:02 authorized_keys
> -rw-------  1 vilarnt Nenhum  736 May 29 20:52 id_dsa
> -rw-r--r--  1 vilarnt Nenhum  607 May 29 20:52 id_dsa.pub
> -rw-------  1 vilarnt Nenhum 1743 May 29 21:02 id_rsa
> -rw-r--r--  1 vilarnt Nenhum  399 May 29 21:02 id_rsa.pub
> -rw-------  1 vilarnt Nenhum  980 May 29 21:02 identity
> -rw-r--r--  1 vilarnt Nenhum  644 May 29 21:02 identity.pub

Looks fine, so permissions are not the trouble (sshd will complain that your
home, ".." above is world readable, but nevertheless work).

[snip]
> I'm stuck here. I was hoping that a complete reinstallation under NTFS
> should solve the problem, but it was not the case.
> 
> Do you, or any other reader around, have any other tip?

Turn your attention to the network part.

The symptoms do appear like a firewall issue like Larry Hall said, also could be
a hijacked /etc/hosts, check it (hijacked by spyware that is redirecting network
traffic to their own spy server -- never seen an actual case but it comes to
mind after seeing similar redirections on a friend's computer).

If ping works, try "telnet 127.0.0.1 22" (use the numeric IP address) you should
see "SSH-2.0-OpenSSH_4.3", then type anything and you'll get "Protocol
mismatch." and the connection is closed.

If those two work... we'll see (I would break out the protocol analyzer but that
may be too much).

> And thanks for your priceless patience so far... :-)
-- 
René Berber
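
The two network checks suggested in the reply above (inspecting /etc/hosts for a redirected localhost, and reading what answers on 127.0.0.1 port 22), as an added example that is not part of the original message. The function names and the sample hosts content are constructed for illustration.

```python
import ipaddress
import socket

# Constructed sample hosts content (not taken from the thread); line 3
# shows localhost pointed at a non-loopback address.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1   localhost
203.0.113.7 localhost   # constructed: redirected off-box
::1         localhost
"""

def suspicious_localhost_entries(hosts_text):
    """Return (lineno, address) for each 'localhost' entry that is not loopback."""
    bad = []
    for lineno, line in enumerate(hosts_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2 or "localhost" not in [n.lower() for n in fields[1:]]:
            continue
        try:
            loopback = ipaddress.ip_address(fields[0]).is_loopback
        except ValueError:
            loopback = False                     # unparsable address: flag it
        if not loopback:
            bad.append((lineno, fields[0]))
    return bad

def classify_banner(raw):
    """Classify the first bytes received from whatever listens on the port."""
    if not raw:
        return "no-banner"       # TCP connected, but the server sent nothing
    line = raw.split(b"\n", 1)[0].strip()
    if line.startswith(b"SSH-"):
        return "ssh:" + line.decode("ascii", "replace")
    return "not-ssh"             # something else owns the port

def probe(host="127.0.0.1", port=22, timeout=5.0):
    """Connect as 'telnet 127.0.0.1 22' would and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                return classify_banner(s.recv(256))
            except socket.timeout:
                return "no-banner"
    except OSError as exc:       # refused, filtered, unreachable
        return "connect-failed:" + type(exc).__name__

if __name__ == "__main__":
    print(suspicious_localhost_entries(SAMPLE_HOSTS), probe())
```

A `connect-failed` result points at the listener or a firewall, while `no-banner` matches the symptom in this thread: the TCP connection opens but sshd never speaks.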



