sshd refuses ssh connections

Eliah Kagan
Thu Oct 20 21:31:00 GMT 2005

On 10/20/05, Albert Lunde <> wrote:
> On Wed, Oct 19, 2005 at 03:27:40PM -0700, Brian Dessent wrote:
> > > No, it's a red herring.  The host keys should be readable only by the
> > > process that runs sshd.  This must be SYSTEM in order for impersonation
> > > to work.  Thus they should be readable only by SYSTEM, and that is how
> > > ssh-host-config sets things up, correctly.  So if you try to run sshd as
> > > your normal user account, it will not work.  That's why it's a bad idea
> > > to mess around with running sshd from a regular prompt, because you will
> > > run into all kinds of permissions/ownership issues unless you know
> > > precisely what you're doing.
> >
> > The footnote to this is that if you obtain a shell as the SYSTEM user,
> > you can run sshd from a prompt in debugging mode without any issues.
> > There is a script somewhere in the mailing list archives, I think it's
> > called "sysbash", that achieves this.
> One can also do this with the commercial product "Firedaemon"
> which is a generic service control GUI.

Or with srvany.exe from Microsoft. See the Microsoft Knowledge Base
article "How To Create a User-Defined Service":;en-us;137890

That article is written for NT and 2000, but if you're running XP or
Server 2003 it works just as well--just get srvany.exe and instsrv.exe
from the free Windows Server 2003 Resource Kit Tools:

(You may have to paste that link together.)

You could also use Sysinternals' psexec to execute an application as
SYSTEM on your own computer (if you have the File and Printer Sharing
service installed). This also works by installing a service that runs
the application.


Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list