1.5.21-1: sshd occasionally fails to start
Tom Mount
tmountjr@gmail.com
Sat Nov 18 02:30:00 GMT 2006
On 11/17/06, Igor Peshansky <pechtcha@> wrote:
> On Fri, 17 Nov 2006, Tom Mount wrote:
>
> > On 11/17/06, Igor Peshansky <> wrote:
> > > Ugh, top-posting... Reformatted.
> > >
> > > On Fri, 17 Nov 2006, Tom Mount wrote:
> > >
> > > > On 11/16/06, Larry Hall (Cygwin) <reply-to-list-only-lh@XXXXXX.XXX> wrote:
> > >
> > > <http://cygwin.com/acronyms/#PCYMTNQREAIYR>. Thanks.
> > >
> > > > > Tom Mount wrote:
> > > > > > How did you come up with that directory name? I searched through the
> > > > > > output file I posted and couldn't find it. I also ran a search on
> > > > > > that computer for any and all cygwin1.dll files - I probably should
> > > > > > have mentioned right off the bat that that's the first thing I do
> > > > > > when I can't start the sshd service. I can't find
> > > > > > c:/tools/foundstone, and I can't find any other cygwin1.dll files on
> > > > > > the system.
> > > > >
> > > > > Hm, I guess that's why it looked *so* familiar. Yours didn't
> > > > > overwrite the last one I viewed. :-(
> > > > >
> > > > > Are you sure tcpip is starting up in a timely manner? If it's not,
> > > > > 'sshd' won't either.
> > > >
> > > > For kicks I shut down the sshd process and attempted to start it right
> > > > back up. No dice. Here's the output from my bash window:
> > > >
> > > > Tmount@CS8664 ~
> > > > $ cygrunsrv -Q tcpip
> > > > Service : tcpip
> > > > Display name : TCP/IP Protocol Driver
> > > > Description : TCP/IP Protocol Driver
> > > > Current State : Running
> > > > Controls Accepted : Stop
> > > >
> > > > Tmount@CS8664 ~
> > > > $ net start sshd
> > > > The CYGWIN sshd service is starting.
> > > > The CYGWIN sshd service could not be started.
> > > >
> > > > A system error has occurred.
> > > >
> > > > System error 1067 has occurred.
> > > >
> > > > The process terminated unexpectedly.
> > > >
> > > >
> > > > Tmount@CS8664 ~
> > > > $ cygrunsrv -S sshd
> > > > cygrunsrv: Error starting a service: QueryServiceStatus: Win32
> > > > error 1062: The service has not been started.
> > >
> > > Do you have any extra information in the Event Log or in
> > > /var/log/sshd.log?
> > > Igor
> > > --
> > > http://cs.nyu.edu/~pechtcha/
> > > |\ _,,,---,,_ pechtcha@ | igor@
>
> Thanks, Tom, I appreciate your effort in removing the email addresses in
> my .signature, but just to clarify, the PCYMTNQREAIYR acronym only refers
> to the lead-in string (i.e., Joe <joe@example.com> wrote:), since that is
> a way of accidentally making someone's email address ripe for spammers to
> pick up. By putting the addresses in my signature, I have made a
> conscious choice to make them available, so there is no need to sanitize
> them. FWIW, feel free to remove the signature altogether from the quoted
> text (most mailers do that automatically).
>
> > sshd.log is empty. 0 bytes. In the even log I have errors like "The
> > CYGWIN sshd service terminated unexpectedly. It has done this 15
> > time(s)." These errors follow information entries like "The CYGWIN
> > sshd service was successfully sent a start control." Earlier in the
> > morning before I started messing with this, I got the following
> > information entry: "The system detected that network adapter
> > \DEVICE\TCPIP_{84D85DA7-3BDE-4091-9024-B1AA02CDDEB5} was connected to
> > the network, and has initiated normal operation over the network
> > adapter." I point that out because the source was "Tcpip."
>
> Looks like you're examining the wrong log. Take a look at the Application
> log, rather than the System log. There should be messages from "sshd" or
> "Cygwin sshd".
>
> > I'm wondering why sshd.log would be empty and if that means anything
> > for this problem. The SYSTEM user is the owner of the file, and it's
> > got full control minus execute permissions. The service is being run
> > by the local system account, so it should be able to interact with
> > that log file, right?
>
> It should be, but sshd uses the syslog mechanism to log events, and syslog
> messages by default go to the Windows Event Log. One way to rectify that
> would be to install syslogd as a service, and configure it to send
> messages from sshd to /var/log/sshd.log.
> Igor
> --
> http://cs.nyu.edu/~pechtcha/
> |\ _,,,---,,_ pechtcha@cs.nyu.edu | igor@watson.ibm.com
> ZZZzz /,`.-'`' -. ;-;;,_ Igor Peshansky, Ph.D. (name changed!)
> |,4- ) )-,_. ,\ ( `'-' old name: Igor Pechtchanski
> '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
>
> "Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
> "But no -- you are no fool; you call yourself a fool, there's proof enough in
> that!" -- Rostand, "Cyrano de Bergerac"
>
The systems are standard setup on our campus - novell client and all
its baggage, zenworks agent and all *its* baggage, and symantec
corporate AV 10.x - whatever's the most current. Beyond that we don't
have any security apps running.
I checked - the app log is a little borked, reporting virus updates
that happened January 3, 2080. However, there are no entries at all
for (cygwin) sshd in the application log, only in the system log.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list