ssh to 2003 server exist immediately
Andrew DeFaria
Andrew@DeFaria.com
Tue May 16 06:11:00 GMT 2006
* * wrote:
> You might try reconfiguring with "privilege separation" turned on.
> Also, turn on auditing of failed file access, and/or run sysInternals
> RegMon and FileMon.
Reconfigured with privilege separation turned on. Same problem.
Interesting note: I removed /var/empty so that the ssh-host-config would
recreate it. It does, but it's owned by my user. Starting sshd yields
the following in /var/log/sshd.log:
/var/empty must be owned by root and not group or world-writable.
At first I did chown SYSTEM:SYSTEM /var/empty but that didn't help. It
was not until I did a chown sshd_server /var/empty that I was able to
start sshd. It was not apparent to me that, in this context, "root" ==
"sshd_server" nor that ssh-host-config, knowing that I'm running on 2003
and needing to create a local sshd_server user and using privilege
separation, would not know to do a chown sshd_server on /var/empty. Bug?
> I think your sshd_server user doesn't have permission to execute
> Winsock2 which is %SYSTEMROOT%\System32\ws2_32.dll or one of it's
> dependencies. Did you also check the Application Event Log?
Again, whenever I go to view the Application log in the Event Viewer
after trying an ssh it's corrupted. I can right click on the Application
log and Clear All Events, thus creating a new Application log, which
works. But if I do an ssh and go back to the Event Viewer it says the
Application log is corrupted!
Meantime I edited sshd_server's rights so I could do a "runas
/user:sshd_server cmd". From here I started bash --login -i then did an
"strace /usr/sbin/sshd -d > /tmp/sshd.strace.log 2>&1" (attached). The
"relevant" part seems to be here:
61 3956481 [main] sshd 1404 sync_with_parent: no
problems
84 3956501 [main] sshd 5380 child_info::sync: n 2, waiting for
subproc_ready(0x598) and child process(0x588)
45 3956526 [main] sshd 1404 frok::child: hParent 0x594, child 1
first_dll 0x28010000, load_dlls 0
82 3956608 [main] sshd 1404 set_privilege: 0 = set_privilege ((token
77C) SeRestorePrivilege, 1)
60 3956668 [main] sshd 1404 set_privilege: 1 = set_privilege ((token
77C) SeChangeNotifyPrivilege, 1)
61 3956729 [main] sshd 1404 set_file_api_mode: File APIs set to
ANSI
58 3956787 [main] sshd 1404 dtable::fixup_after_fork: fd 3
()
57 3956844 [main] sshd 1404 fhandler_socket::fixup_after_fork:
WSASocket begin, dwServiceFlags1=131174
3957121 [main] sshd 1404 C:\Cygwin\usr\sbin\sshd.exe: *** fatal error -
could not load ws2_32, Win32 error 0
277 3957121 [main] sshd 1404 C:\Cygwin\usr\sbin\sshd.exe: *** fatal
error - could not load ws2_32, Win32 error 0
1171 3958292 [main] sshd 1404 sigproc_terminate:
entering
53 3958345 [main] sshd 1404 sig_send: my_sendsig 0x0, myself->sendsig
0x0, exit_state 12
55 3958400 [main] sshd 1404 __set_errno: int sig_send(_pinfo*,
siginfo_t&, _cygtls*):558 val 11
56 3958456 [main] sshd 1404 sig_send: returning 0x1 from sending
signal -42
53 3958509 [main] sshd 1404 proc_terminate: nprocs
0
52 3958561 [main] sshd 1404 proc_terminate:
leaving
108 3958669 [main] sshd 1404 __to_clock_t: dwHighDateTime 0,
dwLowDateTime 156250
57 3958726 [main] sshd 1404 __to_clock_t: total 00000000
0000000F
53 3958779 [main] sshd 1404 __to_clock_t: dwHighDateTime 0,
dwLowDateTime 0
52 3958831 [main] sshd 1404 __to_clock_t: total 00000000
00000000
1179 3960010 [main] sshd 1404 pinfo::exit: Calling ExitProcess n 0x1,
exitcode 0x1
I'd appreciate any pointers (guesses) at this point?
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: sshd.strace.log
URL: <http://cygwin.com/pipermail/cygwin/attachments/20060516/8acd0833/attachment.log>
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list