sshd problems on specific host [1.5.25-15]
Tom Rodman
cygzu@trodman.com
Thu Mar 19 16:19:00 GMT 2009
Several hours after a reboot with no apparent trigger, sshd
stops working - 'ssh localhost' hangs prior to prompt for manual
password authentication. For example when trying:
ssh -v -v localhost
# same issue for
ssh HOSTNAME-HERE.FQDN-HERE
##
cygwin version and test case:
$ date;uname -a; cygcheck -c cygwin
Wed Mar 18 14:08:29 CDT 2009
CYGWIN_NT-5.0 myhost03 1.5.25(0.156/4/2) 2008-06-12 19:34 i686 Cygwin
Cygwin Package Information
Package Version Status
cygwin 1.5.25-15 OK
-- 'ssh -v -v localhost... minutes later manually killed sshd' --
/tmp $ date;ssh -v -v localhost
Wed Mar 18 12:59:12 CDT 2009
OpenSSH_5.1p1, OpenSSL 0.9.8j 07 Jan 2009
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/adm_tsr/.ssh/identity type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/adm_tsr/.ssh/id_rsa type 1
debug1: identity file /home/adm_tsr/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer
/tmp $ : sshd killed, it is now: 13:03:04 Wed 090318
-- bash session showing 'strace of sshd' --
/drv/c/tmp $ net start sshd
The CYGWIN sshd service is starting.
The CYGWIN sshd service was started successfully.
/drv/c/tmp $ cd /tmp
/tmp $ p
PID PPID %CPU S VSZ USER TT SESS PGRP START COMMAND
2312 1 0.0 S 1596 SYSTEM ? 2312 2312 12:51 /usr/bin/cygrunsrv
1476 2312 0.0 S 2708 SYSTEM ? 2312 1476 12:51 /usr/sbin/sshd -D
--snip
2748 2128 0.0 R 2600 adm_tsr tty0 2128 2748 12:54 procps -wwo pid,ppid,%cpu,state,vsize,user,tty,session,pgrp,bsdstart,args -H -e
/tmp $ date;strace -ostrace.out -p1476
Wed Mar 18 12:59:02 CDT 2009
Windows process 1380 attached
Windows process 1380 detached
/tmp $ ls -lrt strace.out*
-r-xr-xr-x 1 adm_tsr 7rq_staff 1502 Mar 18 12:59 strace.out,b4-sshd-kill*
-r-xr-xr-x+ 1 adm_tsr 7rq_staff 4918 Mar 18 13:03 strace.out*
/tmp $
-- session showing 'kill of sshd minutes after "ssh localhost" blocked' --
/tmp $ p # 'p' is my alias for "procps -wwo pid,ppid..."
PID PPID %CPU S VSZ USER TT SESS PGRP START COMMAND
--snip
2248 2308 0.0 R 2600 adm_tsr tty2 2308 2248 12:57 procps -wwo pid,ppid,%cpu,state,vsize,user,tty,session,pgrp,bsdstart,args -H -e
2312 1 0.0 S 1620 SYSTEM ? 2312 2312 12:51 /usr/bin/cygrunsrv
1476 2312 0.0 S 2736 SYSTEM ? 2312 1476 12:51 /usr/sbin/sshd -D
--snip
/tmp $ ls -l strace.out
-r-xr-xr-x+ 1 adm_tsr 7rq_staff 1502 Mar 18 12:59 strace.out*
/tmp $ cp strace.out strace.out,b4-sshd-kill
/tmp $ p
PID PPID %CPU S VSZ USER TT SESS PGRP START COMMAND
--snip
1724 2308 0.0 R 2600 adm_tsr tty2 2308 1724 13:02 procps -wwo pid,ppid,%cpu,state,vsize,user,tty,session,pgrp,bsdstart,args -H -e
2312 1 0.0 S 1620 SYSTEM ? 2312 2312 12:51 /usr/bin/cygrunsrv
1476 2312 0.0 S 2760 SYSTEM ? 2312 1476 12:51 /usr/sbin/sshd -D
--snip
2208 2724 0.0 S 2832 adm_tsr tty1 2724 2208 12:59 ssh -v -v localhost
--snip
700 2128 0.0 S 1412 adm_tsr tty0 2128 700 12:59 <defunct>
/tmp $ date;kill -kill 1476
Wed Mar 18 13:03:04 CDT 2009
/tmp $
If you have test suggestions, let me know.
-------------- next part --------------
$ cygcheck -s -v -r
Cygwin Configuration Diagnostics
Current System Time: Wed Mar 18 14:08:47 2009
Windows 2000 Professional Ver 5.0 staffuser2 2195 Service Pack 4
Path: c:\aut\cyg\bin
c:\aut\cyg\bin
c:\aut\cyg\usr\X11R6\bin
c:\aut\m
c:\aut\ulb
c:\adm\bin\sys
c:\adm\bin\app
c:\WINNT\system32
c:\WINNT
c:\WINNT\System32\Wbem
d:\opt\Common Files\GTK\2.0\bin
c:\opt\ntreskit
c:\Program Files\Visual Networks\Dial Analysis\
d:\opt\QuickTime\QTSystem\
.
Output from c:\aut\cyg\bin\id.exe (nontsec)
UID: 1000(adm_usr1) GID: 1003(7rq_staff)
0(root) 513(None) 544(Administrators)
545(Users) 1003(7rq_staff)
Output from c:\aut\cyg\bin\id.exe (ntsec)
UID: 1000(adm_usr1) GID: 1003(7rq_staff)
0(root) 513(None) 544(Administrators)
545(Users) 1003(7rq_staff)
SysDir: C:\WINNT\system32
WinDir: C:\WINNT
USER = 'adm_usr1'
PWD = '/home/adm_usr1'
CYGWIN = 'binmode tty ntsec smbntsec'
HOME = '/home/adm_usr1'
MAKE_MODE = 'UNIX'
rv = '/adm/backup/recovery'
cfl = '/adm/sa/cfglog'
MANPATH = '/usr/local/man:/usr/share/man:/usr/man:'
HOSTNAME = 'myhost03'
D = '/drv'
LCL_PATH_ADM = 'c:'
TERM = 'cygwin'
PROCESSOR_IDENTIFIER = 'x86 Family 6 Model 4 Stepping 4, AuthenticAMD'
DIRCMD = '/A'
WINDIR = 'C:\WINNT'
TMPDIR = '/tmp'
Cu = '/drv/c/bcm_util'
OLDPWD = '/drv/c/tmp'
_mkt_dir = '/adm/sa/tmp'
USERDOMAIN = 'myhost03'
db = '/adm/db'
OS = 'Windows_NT'
ALLUSERSPROFILE = 'C:\Documents and Settings\All Users'
dc = '/adm/doc'
XCM_MKEP01_DB = '\\\bcmdb\xyzp01'
svars_bash_defined = 'yes'
PATH_ADM = 'c:'
OS2LIBPATH = 'C:\WINNT\system32\os2\dll;'
BASH_BIN = 'c:\aut\cyg\bin'
rg = 'C:\WINNT\system32\config'
TEMP = '/drv/c/DOCUME~1/adm_usr1/LOCALS~1/Temp'
COMMONPROGRAMFILES = 'C:\Program Files\Common Files'
PATH_ORIG = 'C:\aut\perl5\bin\;C:\aut\perl5\bin\;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;d
:\opt\Common Files\GTK\2.0\bin;c:\opt\ntreskit;C:\Program Files\Visual Networks\Dial Analysis\;D:\op
t\QuickTime\QTSystem\'
T = '/adm/sa/tmp'
bas = '/adm/bin/app/s'
QTJAVA = 'C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip'
s1 = '/adm/sa/1shot'
USERNAME = 'adm_usr1'
doc = '/adm/doc'
CMUTIL_PATH = 'c:\bcm_util'
dw = '/drv/c/Documents and Settings/All Users/Documents/DrWatson/drwtsn32.log'
PROCESSOR_LEVEL = '6'
XCM_TRAINING_DB = '\\\bcmdb\training'
XCM_PRODUCTION_DB = '\\\bcmdb\production'
recovery = '/adm/backup/recovery'
nu = '/adm/doc/bcm/newuser'
fdb = '/adm/db/sys/fdb_'
c9 = '//OurHost_onw/c_drive'
SYSTEMDRIVE = 'C:'
b = '/adm/bin/sys'
be = '//OurHost_ntq/d_drive/Installs/compile engines'
lg = '/adm/log'
EDITOR = '/usr/bin/vim'
bb = '/adm/backup/bin'
USERPROFILE = 'C:\Documents and Settings\adm_usr1'
AUT_PATH_GNU = 'c:/aut'
ba = '/adm/bin/app'
sa = '/adm/sa'
pro = '/adm/doc'
atl = '/adm/log/at'
dta = '/adm/db/app'
ETC_MNTPNT_DOS = 'NONE'
c3 = '//OurHost_ntq/c_drive'
PROCESSOR_ARCHITECTURE = 'x86'
!C: = 'C:\tmp'
cr = '/var/cron/tabs_edit'
SHLVL = '1'
lj = '/adm/log/lj'
PATHEXT = '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH'
s9 = '//OurHost_onw/tcm'
bw = '/adm/bin/win'
pa = '/adm/sa/packager/adm_tree/data'
RCSINIT = '-x,v/'
etc = 'C:\WINNT\system32\drivers\etc'
PROMPT = '$P$G'
COMSPEC = 'C:\WINNT\system32\cmd.exe'
BASH_PROFILE_MODE = 'interactive'
LOGNAME = 'adm_usr1'
bu = '/adm/backup'
LESS = '-X'
TMP = '/drv/c/DOCUME~1/adm_usr1/LOCALS~1/Temp'
SYSTEMROOT = 'C:\WINNT'
PROCESSOR_REVISION = '0404'
bs = '/adm/bin/sys/s'
CLASSPATH = '.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip'
bp = '/adm/config/bp'
LS = '/adm/config/etc/local.site'
INFOPATH = '/usr/local/info:/usr/share/info:/usr/info:'
WA_DEF_RT = 's:'
PROGRAMFILES = 'C:\Program Files'
s3 = '//OurHost_ntq/tcm'
dts = '/adm/db/sys'
sr = 'C:\WINNT'
NUMBER_OF_PROCESSORS = '1'
LCL_AUT_DRV = 'c:'
s32 = 'C:\WINNT\system32'
jc = '/adm/bin/xcm_/client'
_p = '/adm/config/etc/local.site/OurBizbcm/perms'
ccs = '/proc/registry/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet'
COMPUTERNAME = 'myhost03'
SV = '/adm/config/svars_bash'
cf = '/adm/config'
_ = '/usr/bin/cygcheck'
HKEY_CURRENT_USER\Software\Cygnus Solutions
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\mounts v2
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2
(default) = '/cygdrive'
cygdrive flags = 0x0000002a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/
(default) = 'c:\aut\cyg'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/adm
(default) = 'c:\adm'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/aut
(default) = 'c:\aut'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/drv/a
(default) = 'a:'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/drv/c
(default) = 'c:'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/drv/d
(default) = 'd:'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/drv/e
(default) = 'e:'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/srv
(default) = 'd:\srv'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/user
(default) = 'c:\user'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/bin
(default) = 'c:\aut\cyg/bin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/lib
(default) = 'c:\aut\cyg/lib'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\Program Options
a: fd N/A N/A
c: hd NTFS 7629Mb 77% CP CS UN PA FC
d: hd NTFS 22888Mb 50% CP CS UN PA FC progs_and_data
e: cd N/A N/A
f: fd FAT 1936Mb 45% CP UN
c:\aut\cyg / system binmode
c:\adm /adm system binmode
c:\aut /aut system binmode
a: /drv/a system binmode
c: /drv/c system binmode
d: /drv/d system binmode
e: /drv/e system binmode
d:\srv /srv system binmode
c:\user /user system binmode
c:\aut\cyg/bin /usr/bin system binmode
c:\aut\cyg/lib /usr/lib system binmode
. /cygdrive system binmode,cygdrive
Found: c:\aut\cyg\bin\awk.exe
Found: c:\aut\cyg\bin\bash.exe
Found: c:\aut\cyg\bin\cat.exe
Found: c:\aut\cyg\bin\cp.exe
Not Found: cpp (good!)
Found: c:\aut\cyg\bin\crontab.exe
Found: c:\aut\cyg\bin\find.exe
Not Found: gcc
Not Found: gdb
Found: c:\aut\cyg\bin\grep.exe
Found: c:\aut\cyg\bin\kill.exe
Found: c:\aut\cyg\bin\ld.exe
Found: c:\aut\cyg\bin\ls.exe
Found: c:\aut\cyg\bin\make.exe
Found: c:\aut\cyg\bin\mv.exe
Found: c:\aut\cyg\bin\patch.exe
Found: c:\aut\cyg\bin\perl.exe
Found: c:\aut\cyg\bin\rm.exe
Found: c:\aut\cyg\bin\sed.exe
Found: c:\aut\cyg\bin\ssh.exe
Found: c:\aut\cyg\bin\sh.exe
Found: c:\aut\cyg\bin\tar.exe
Found: c:\aut\cyg\bin\test.exe
Not Found: vi
Found: c:\aut\cyg\bin\vim.exe
704k 2007/12/18 c:\aut\cyg\bin\cygaspell-15.dll - os=4.0 img=1.0 sys=4.0
"cygaspell-15.dll" v0.0 ts=2007/12/18 5:39
61k 2009/03/02 c:\aut\cyg\bin\cygbz2-1.dll - os=4.0 img=1.0 sys=4.0
"cygbz2-1.dll" v0.0 ts=2009/3/1 20:52
7k 2003/10/19 c:\aut\cyg\bin\cygcrypt-0.dll - os=4.0 img=1.0 sys=4.0
"cygcrypt-0.dll" v0.0 ts=2003/10/19 2:57
1125k 2006/10/04 c:\aut\cyg\bin\cygcrypto-0.9.7.dll - os=4.0 img=1.0 sys=4.0
"cygcrypto-0.9.7.dll" v0.0 ts=2006/10/4 7:12
1074k 2009/01/08 c:\aut\cyg\bin\cygcrypto-0.9.8.dll - os=4.0 img=1.0 sys=4.0
"cygcrypto-0.9.8.dll" v0.0 ts=2009/1/8 4:03
703k 2007/12/17 c:\aut\cyg\bin\cygdb-4.2.dll - os=4.0 img=1.0 sys=4.0
"cygdb-4.2.dll" v0.0 ts=2007/12/17 5:58
764k 2007/12/17 c:\aut\cyg\bin\cygdb-4.3.dll - os=4.0 img=1.0 sys=4.0
"cygdb-4.3.dll" v0.0 ts=2007/12/17 6:29
943k 2007/12/17 c:\aut\cyg\bin\cygdb-4.5.dll - os=4.0 img=1.0 sys=4.0
"cygdb-4.5.dll" v0.0 ts=2007/12/17 7:12
1036k 2007/12/17 c:\aut\cyg\bin\cygdb_cxx-4.2.dll - os=4.0 img=1.0 sys=4.0
"cygdb_cxx-4.2.dll" v0.0 ts=2007/12/17 5:58
1106k 2007/12/17 c:\aut\cyg\bin\cygdb_cxx-4.3.dll - os=4.0 img=1.0 sys=4.0
"cygdb_cxx-4.3.dll" v0.0 ts=2007/12/17 6:29
1296k 2007/12/17 c:\aut\cyg\bin\cygdb_cxx-4.5.dll - os=4.0 img=1.0 sys=4.0
"cygdb_cxx-4.5.dll" v0.0 ts=2007/12/17 7:12
118k 2007/04/06 c:\aut\cyg\bin\cygexpat-0.dll - os=4.0 img=1.0 sys=4.0
"cygexpat-0.dll" v0.0 ts=2007/4/6 15:43
118k 2008/05/09 c:\aut\cyg\bin\cygexpat-1.dll - os=4.0 img=1.0 sys=4.0
"cygexpat-1.dll" v0.0 ts=2008/5/8 23:03
161k 2008/06/01 c:\aut\cyg\bin\cygfontconfig-1.dll - os=4.0 img=1.0 sys=4.0
"cygfontconfig-1.dll" v0.0 ts=2008/6/1 17:16
19k 2008/10/26 c:\aut\cyg\bin\cygfontenc-1.dll - os=4.0 img=1.0 sys=4.0
"cygfontenc-1.dll" v0.0 ts=2008/10/26 16:25
40k 2009/03/01 c:\aut\cyg\bin\cygform-8.dll - os=4.0 img=1.0 sys=4.0
"cygform-8.dll" v0.0 ts=2009/2/28 20:40
41k 2009/03/05 c:\aut\cyg\bin\cygform-9.dll - os=4.0 img=1.0 sys=4.0
"cygform-9.dll" v0.0 ts=2009/3/5 0:02
45k 2001/04/25 c:\aut\cyg\bin\cygform5.dll - os=4.0 img=1.0 sys=4.0
"cygform5.dll" v0.0 ts=2001/4/25 0:28
35k 2002/01/09 c:\aut\cyg\bin\cygform6.dll - os=4.0 img=1.0 sys=4.0
"cygform6.dll" v0.0 ts=2002/1/9 0:03
48k 2003/08/09 c:\aut\cyg\bin\cygform7.dll - os=4.0 img=1.0 sys=4.0
"cygform7.dll" v0.0 ts=2003/8/9 4:25
430k 2009/01/28 c:\aut\cyg\bin\cygfreetype-6.dll - os=4.0 img=1.0 sys=4.0
"cygfreetype-6.dll" v0.0 ts=2009/1/27 23:48
42k 2009/03/12 c:\aut\cyg\bin\cyggcc_s-1.dll - os=4.0 img=1.0 sys=4.0
"cyggcc_s-1.dll" v0.0 ts=2009/3/6 5:54
28k 2003/07/20 c:\aut\cyg\bin\cyggdbm-3.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm-3.dll" v0.0 ts=2003/7/20 2:58
19k 2009/02/26 c:\aut\cyg\bin\cyggdbm-4.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm-4.dll" v0.0 ts=2009/2/26 1:55
19k 2003/03/22 c:\aut\cyg\bin\cyggdbm.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm.dll" v0.0 ts=2002/2/19 21:05
15k 2003/07/20 c:\aut\cyg\bin\cyggdbm_compat-3.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm_compat-3.dll" v0.0 ts=2003/7/20 3:00
8k 2009/02/26 c:\aut\cyg\bin\cyggdbm_compat-4.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm_compat-4.dll" v0.0 ts=2009/2/26 1:56
17k 2001/06/28 c:\aut\cyg\bin\cyghistory4.dll - os=4.0 img=1.0 sys=4.0
"cyghistory4.dll" v0.0 ts=2001/1/6 22:34
29k 2003/08/10 c:\aut\cyg\bin\cyghistory5.dll - os=4.0 img=1.0 sys=4.0
"cyghistory5.dll" v0.0 ts=2003/8/10 18:16
24k 2008/11/29 c:\aut\cyg\bin\cyghistory6.dll - os=4.0 img=1.0 sys=4.0
"cyghistory6.dll" v0.0 ts=2008/11/29 8:30
271k 2007/08/24 c:\aut\cyg\bin\cygicons-0.dll - os=4.0 img=1.0 sys=4.0
"cygicons-0.dll" v0.0 ts=2007/8/24 2:24
978k 2008/11/10 c:\aut\cyg\bin\cygiconv-2.dll - os=4.0 img=1.0 sys=4.0
"cygiconv-2.dll" v0.0 ts=2008/11/9 18:35
22k 2001/12/13 c:\aut\cyg\bin\cygintl-1.dll - os=4.0 img=1.0 sys=4.0
"cygintl-1.dll" v0.0 ts=2001/12/13 3:28
37k 2003/08/10 c:\aut\cyg\bin\cygintl-2.dll - os=4.0 img=1.0 sys=4.0
"cygintl-2.dll" v0.0 ts=2003/8/10 16:50
31k 2005/11/20 c:\aut\cyg\bin\cygintl-3.dll - os=4.0 img=1.0 sys=4.0
"cygintl-3.dll" v0.0 ts=2005/11/19 20:04
31k 2008/12/31 c:\aut\cyg\bin\cygintl-8.dll - os=4.0 img=1.0 sys=4.0
"cygintl-8.dll" v0.0 ts=2008/12/31 1:42
21k 2001/06/20 c:\aut\cyg\bin\cygintl.dll - os=4.0 img=1.0 sys=4.0
"cygintl.dll" v0.0 ts=2001/6/20 12:09
12k 2003/02/17 c:\aut\cyg\bin\cygioperm-0.dll - os=4.0 img=1.0 sys=4.0
"cygioperm-0.dll" v0.0 ts=2003/2/17 13:58
39k 2008/09/07 c:\aut\cyg\bin\cyglber-2-3-0.dll - os=4.0 img=1.0 sys=4.0
"cyglber-2-3-0.dll" v0.0 ts=2008/9/7 7:28
189k 2008/09/07 c:\aut\cyg\bin\cygldap-2-3-0.dll - os=4.0 img=1.0 sys=4.0
"cygldap-2-3-0.dll" v0.0 ts=2008/9/7 7:29
201k 2008/09/07 c:\aut\cyg\bin\cygldap_r-2-3-0.dll - os=4.0 img=1.0 sys=4.0
"cygldap_r-2-3-0.dll" v0.0 ts=2008/9/7 7:31
72k 2008/10/19 c:\aut\cyg\bin\cyglightcomp.dll - os=4.0 img=1.0 sys=4.0
"cyglightcomp.dll" v0.0 ts=2008/10/19 7:04
83k 2007/06/06 c:\aut\cyg\bin\cygmagic-1.dll - os=4.0 img=1.0 sys=4.0
"cygmagic-1.dll" v0.0 ts=2007/6/6 5:41
21k 2009/03/01 c:\aut\cyg\bin\cygmenu-8.dll - os=4.0 img=1.0 sys=4.0
"cygmenu-8.dll" v0.0 ts=2009/2/28 20:38
21k 2009/03/05 c:\aut\cyg\bin\cygmenu-9.dll - os=4.0 img=1.0 sys=4.0
"cygmenu-9.dll" v0.0 ts=2009/3/5 0:01
26k 2001/04/25 c:\aut\cyg\bin\cygmenu5.dll - os=4.0 img=1.0 sys=4.0
"cygmenu5.dll" v0.0 ts=2001/4/25 0:27
20k 2002/01/09 c:\aut\cyg\bin\cygmenu6.dll - os=4.0 img=1.0 sys=4.0
"cygmenu6.dll" v0.0 ts=2002/1/9 0:03
29k 2003/08/09 c:\aut\cyg\bin\cygmenu7.dll - os=4.0 img=1.0 sys=4.0
"cygmenu7.dll" v0.0 ts=2003/8/9 4:25
24k 2008/10/30 c:\aut\cyg\bin\cygminires.dll - os=4.0 img=1.2 sys=4.0
"cygminires.dll" v0.0 ts=2008/10/30 18:53
66k 2009/03/01 c:\aut\cyg\bin\cygncurses++-8.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++-8.dll" v0.0 ts=2009/2/28 20:50
335k 2009/03/05 c:\aut\cyg\bin\cygncurses++-9.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++-9.dll" v0.0 ts=2009/3/5 0:11
156k 2001/04/25 c:\aut\cyg\bin\cygncurses++5.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++5.dll" v0.0 ts=2001/4/25 0:29
175k 2002/01/09 c:\aut\cyg\bin\cygncurses++6.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++6.dll" v0.0 ts=2002/1/9 0:03
237k 2009/03/01 c:\aut\cyg\bin\cygncurses-8.dll - os=4.0 img=1.0 sys=4.0
"cygncurses-8.dll" v0.0 ts=2009/2/28 20:36
165k 2009/03/05 c:\aut\cyg\bin\cygncurses-9.dll - os=4.0 img=1.0 sys=4.0
"cygncurses-9.dll" v0.0 ts=2009/3/4 23:59
226k 2001/04/25 c:\aut\cyg\bin\cygncurses5.dll - os=4.0 img=1.0 sys=4.0
"cygncurses5.dll" v0.0 ts=2001/4/25 0:17
202k 2002/01/09 c:\aut\cyg\bin\cygncurses6.dll - os=4.0 img=1.0 sys=4.0
"cygncurses6.dll" v0.0 ts=2002/1/9 0:03
224k 2003/08/09 c:\aut\cyg\bin\cygncurses7.dll - os=4.0 img=1.0 sys=4.0
"cygncurses7.dll" v0.0 ts=2003/8/9 4:24
11k 2009/03/01 c:\aut\cyg\bin\cygpanel-8.dll - os=4.0 img=1.0 sys=4.0
"cygpanel-8.dll" v0.0 ts=2009/2/28 20:38
11k 2009/03/05 c:\aut\cyg\bin\cygpanel-9.dll - os=4.0 img=1.0 sys=4.0
"cygpanel-9.dll" v0.0 ts=2009/3/5 0:00
15k 2001/04/25 c:\aut\cyg\bin\cygpanel5.dll - os=4.0 img=1.0 sys=4.0
"cygpanel5.dll" v0.0 ts=2001/4/25 0:27
12k 2002/01/09 c:\aut\cyg\bin\cygpanel6.dll - os=4.0 img=1.0 sys=4.0
"cygpanel6.dll" v0.0 ts=2002/1/9 0:03
19k 2003/08/09 c:\aut\cyg\bin\cygpanel7.dll - os=4.0 img=1.0 sys=4.0
"cygpanel7.dll" v0.0 ts=2003/8/9 4:24
181k 2008/09/07 c:\aut\cyg\bin\cygpcre-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcre-0.dll" v0.0 ts=2008/9/6 22:36
302k 2008/09/07 c:\aut\cyg\bin\cygpcrecpp-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcrecpp-0.dll" v0.0 ts=2008/9/6 22:36
7k 2008/09/07 c:\aut\cyg\bin\cygpcreposix-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcreposix-0.dll" v0.0 ts=2008/9/6 22:36
1543k 2008/07/03 c:\aut\cyg\bin\cygperl5_10.dll - os=4.0 img=1.0 sys=4.0
"cygperl5_10.dll" v0.0 ts=2008/6/30 11:06
22k 2002/06/09 c:\aut\cyg\bin\cygpopt-0.dll - os=4.0 img=1.0 sys=4.0
"cygpopt-0.dll" v0.0 ts=2002/6/9 0:45
4k 2007/12/18 c:\aut\cyg\bin\cygpspell-15.dll - os=4.0 img=1.0 sys=4.0
"cygpspell-15.dll" v0.0 ts=2007/12/18 5:40
108k 2001/06/28 c:\aut\cyg\bin\cygreadline4.dll - os=4.0 img=1.0 sys=4.0
"cygreadline4.dll" v0.0 ts=2001/1/6 22:34
148k 2003/08/10 c:\aut\cyg\bin\cygreadline5.dll - os=4.0 img=1.0 sys=4.0
"cygreadline5.dll" v0.0 ts=2003/8/10 18:16
155k 2008/11/29 c:\aut\cyg\bin\cygreadline6.dll - os=4.0 img=1.0 sys=4.0
"cygreadline6.dll" v0.0 ts=2008/11/29 8:30
78k 2004/10/13 c:\aut\cyg\bin\cygsasl2-2.dll - os=4.0 img=1.0 sys=4.0
"cygsasl2-2.dll" v0.0 ts=2004/10/13 17:50
231k 2006/10/04 c:\aut\cyg\bin\cygssl-0.9.7.dll - os=4.0 img=1.0 sys=4.0
"cygssl-0.9.7.dll" v0.0 ts=2006/10/4 7:12
232k 2009/01/08 c:\aut\cyg\bin\cygssl-0.9.8.dll - os=4.0 img=1.0 sys=4.0
"cygssl-0.9.8.dll" v0.0 ts=2009/1/8 4:03
66k 2009/03/05 c:\aut\cyg\bin\cygtic-9.dll - os=4.0 img=1.0 sys=4.0
"cygtic-9.dll" v0.0 ts=2009/3/4 23:55
22k 2008/02/24 c:\aut\cyg\bin\cygwrap-0.dll - os=4.0 img=1.0 sys=4.0
"cygwrap-0.dll" v0.0 ts=2008/2/23 1:03
65k 2009/03/02 c:\aut\cyg\bin\cygz.dll - os=4.0 img=1.0 sys=4.0
"cygz.dll" v0.0 ts=2009/3/1 19:19
1829k 2008/06/12 c:\aut\cyg\bin\cygwin1.dll - os=4.0 img=1.0 sys=4.0
"cygwin1.dll" v0.0 ts=2008/6/12 12:35
Cygwin DLL version info:
DLL version: 1.5.25
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 156
Shared data: 4
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix:
staffuser2 date: Thu Jun 12 19:34:46 CEST 2008
CVS tag: cr-0x5f1
Shared id: cygwin1S4
Potential app conflicts:
ZoneAlarm Personal Firewall
Detected: HKLM Registry Key, Named file.
Service : cron
Display name : Cron daemon
Current State : Stopped
Command : /usr/sbin/cron -n
stdin path : /dev/null
stdout path : /var/log/cron.log
stderr path : /var/log/cron.log
Environment : CYGWIN="binmode tty ntsec smbntsec"
Process Type : Own Process
Startup : Automatic
Account : LocalSystem
Service : lighttpd
Current State : Stopped
Command : /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf.default
stdin path : /dev/null
stdout path : /var/log/lighttpd.log
stderr path : /var/log/lighttpd.log
Environment : PATH="/usr/bin:/bin:/drv/c/WINNT/system32:/drv/c/WINNT:/drv/c/WINNT/system32/W
bem"
Process Type : Own Process
Startup : Manual
Account : .\adm_usr1
Service : rc_startup
Current State : Stopped
Command : /usr/bin/bash -c /adm/config/rc/rc_startup
stdin path : /dev/null
stdout path : /var/log/rc_startup.log
stderr path : /var/log/rc_startup.log
Environment : PATH_ADM="c:" PATH="/home/adm_usr1/bin:/home/adm_usr1/bin:/usr/bin:/aut/m:/aut/u
lb:/adm/bin/sys:/adm/bin/app:/contrib/bin:/aut/perl5/bin/:/aut/perl5/bin/:/drv/c/WINNT/system32:/drv
/c/WINNT:/drv/c/WINNT/System32/Wbem:/drv/d/opt/Common Files/GTK/2.0/bin:/drv/c/opt/ntreskit:/drv/c/P
rogram Files/Visual Networks/Dial Analysis/:."
Process Type : Own Process
Startup : Automatic
Account : .\adm_usr1
Service : sshd
Display name : CYGWIN sshd
Current State : Stopped
Command : /usr/sbin/sshd -D
stdin path : /dev/null
stdout path : /var/log/sshd.log
stderr path : /var/log/sshd.log
Environment : CYGWIN="ntsec"
Process Type : Own Process
Startup : Automatic
Dependencies : tcpip
Account : LocalSystem
Cygwin Package Information
Last downloaded files to: C:\birth\cyg
Last downloaded files from: http://sourceware.mirrors.tds.net/pub/sourceware.org/cygwin/
Package Version
_update-info-dir 00812-1
alternatives 1.3.30c-2
antiword 0.37-1
ash 20040127-4
aspell 0.60.5-1
aspell-en 6.0.0-1
base-files 3.7-1
base-passwd 2.2-1
bash 3.2.48-21
bc 1.06-2
binutils 20080624-2
bzip2 1.0.5-3
coreutils 6.10-2
cpio 2.9-1
cron 4.1-7
crypt 1.1-1
csih 0.1.8-1
cygrunsrv 1.34-1
cygutils 1.3.2-1
cygwin 1.5.25-15
cygwin-doc 1.4-4
dejagnu 20021217-2
diffutils 2.8.7-1
e2fsprogs 1.35-3
ed 1.0-1
editrights 1.01-2
expat 2.0.1-1
expect 20030128-1
file 4.21-1
findutils 4.4.0-3
font-bitstream-vera-ttf 1.10-1
fontconfig 2.6.0-1
gawk 3.1.6-1
gcc 3.4.4-999
gcc-core 3.4.4-999
gcc-g++ 3.4.4-999
gcc-mingw-core 20050522-1
gcc-mingw-g++ 20050522-1
gcc-testsuite 3.4.4-999
gdbm 1.8.3-9
grep 2.5.3-1
groff 1.19.2-2
gzip 1.3.12-2
hexedit 1.2.12-1
inetutils 1.5-4
ioperm 0.4-1
keychain 2.6.8-1
less 382-1
libaspell15 0.60.5-1
libbz2_1 1.0.5-3
libdb4.2 4.2.52.5-2
libdb4.3 4.3.29.1-1
libdb4.5 4.5.20.2-2
libexpat0 1.95.8-2
libexpat1 2.0.1-1
libexpat1-devel 2.0.1-1
libfontconfig1 2.6.0-1
libfontenc1 1.0.4-2
libfreetype26 2.3.8-1
libfreetype6 2.3.8-1
libgc 6.4-1
libgcc1 4.3.2-2
libgdbm 1.8.0-5
libgdbm-devel 1.8.3-9
libgdbm3 1.8.3-3
libgdbm4 1.8.3-9
libiconv2 1.12-1
libintl 0.10.38-3
libintl1 0.10.40-1
libintl2 0.12.1-3
libintl3 0.14.5-1
libintl8 0.17-3
libncurses-devel 5.7-4
libncurses5 5.2-1
libncurses6 5.2-8
libncurses7 5.3-4
libncurses8 5.5-4
libncurses9 5.7-4
libopenldap2_3_0 2.3.43-1
libpcre0 7.8-1
libpopt0 1.6.4-4
libreadline4 4.1-2
libreadline5 4.3-5
libreadline6 5.2.13-11
libsasl2 2.1.19-3
libwrap0 7.6-4
lighttpd 1.4.20-1
links 1.00pre20-1
login 1.9-8
lynx 2.8.5-4
m4 1.4.10b-2
make 3.81-2
man 1.6e-1
mingw-runtime 3.15.2-1
minires 1.02-1
mkfontdir 1.0.4-1
mkfontscale 1.0.5-1
mktemp 1.999-9
mt 2.3.2-1
ncurses 5.7-4
netcat 1.10-2
nfs-server 2.3-5
openldap 2.3.43-1
openssh 5.1p1-10
openssl 0.9.8j-1
openssl097 0.9.7l-1
par 1.52-1
patch 2.5.8-9
patchutils 0.3.0-1
perl 5.10.0-5
perl-libwin32 0.28-2
perl_manpages 5.10.0-5
ping 1.0-1
procps 3.2.7-1
psmisc 21.5-3
python 2.5.2-1
rcs 5.7-4
readline 5.2.13-11
rebase 2.4.4-1
rsync 3.0.4-1
run 1.1.10-1
rxvt 20050409-9
screen 4.0.3-1
sed 4.1.5-2
sharutils 4.7-1
shutdown 1.7-1
smartmontools 5.38-1
ssmtp 2.62-1
stow 1.3.3-1
sunrpc 4.0-3
tar 1.21-1
tcltk 20080420-1
termcap 20050421-1
terminfo 5.7_20090228-1
terminfo0 5.5_20061104-2
texinfo 4.8a-1
time 1.7-2
tnef 1.4.3-1
tzcode 2008h-1
units 1.77-1
unzip 5.52-3
util-linux 2.14.1-1
vim 7.2-3
w32api 3.13-1
w3m 0.5.1-2
wget 1.11.4-3
which 2.20-1
whois 4.7.24-1
wtf 0.0.4-6
zip 3.0-2
zlib 1.2.3-3
zlib-devel 1.2.3-3
zlib0 1.2.3-3
Use -h to see help about each section
-------------- next part --------------
This snip from cygcheck.out:
Potential app conflicts:
ZoneAlarm Personal Firewall
Detected: HKLM Registry Key, Named file.
is interesting/important!?; but I have searched the entire
registry for 'ZoneAlarm', using regedit and have found nothing;
also checked add/remove programs. What does it mean?
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: strace.out,b4-sshd-kill" charset="us-ascii
URL: <http://cygwin.com/pipermail/cygwin/attachments/20090319/c20ce227/attachment.ksh>
-------------- next part --------------
1288 1288 [unknown (0x90C)] sshd 1476 _cygtls::remove: wait 0x0
409 1697 [unknown (0x90C)] sshd 1476 _cygtls::remove: removed 0x1917CE64 element 1
705 2402 [sig] sshd 1476 **********************************************
470 2872 [sig] sshd 1476 Program name: c:\aut\cyg\usr\sbin\sshd.exe (pid 1476, ppid 2312)
127 2999 [sig] sshd 1476 App version: 1005.25, api: 0.156
90 3089 [sig] sshd 1476 DLL version: 1005.25, api: 0.156
91 3180 [sig] sshd 1476 DLL build: 2008-06-12 19:34
101 3281 [sig] sshd 1476 OS version: Windows NT-5.0
84 3365 [sig] sshd 1476 Heap size: 402653184
84 3449 [sig] sshd 1476 **********************************************
10459601 10463050 [select_socket] sshd 1476 thread_socket: Win32 select returned 1
584 10463634 [select_socket] sshd 1476 thread_socket: s 0x663310, testing fd 3 ()
116 10463750 [select_socket] sshd 1476 thread_socket: read_ready
36154 10499904 [main] sshd 1476 select_stuff::wait: woke up. wait_ret 1. verifying
257 10500161 [main] sshd 1476 select_stuff::wait: gotone 1
69 10500230 [main] sshd 1476 select_stuff::wait: returning 0
67 10500297 [main] sshd 1476 select_stuff::cleanup: calling cleanup routines
66 10500363 [main] sshd 1476 socket_cleanup: si 0x663C30 si->thread 0x61106F30
153 10500516 [main] sshd 1476 socket_cleanup: sent a byte to exitsock 0x268, res -1
126 10500642 [main] sshd 1476 socket_cleanup: reading a byte from exitsock 0x268
167224414 177725056 [sig] sshd 1476 talktome: pid 1724 wants some information
263 177725319 [sig] sshd 1476 open_shared: name Global\cygwin1S4.cygpid.1724, n 1724, shared 0x19140000 (wanted 0x0), h 0x18C
313 177725632 [commune_process] sshd 1476 commune_process: processing PICOM_CMDLINE
2029 177727661 [commune_process] sshd 1476 commune_process: synchronized with pid 1724
538735 178266396 [sig] sshd 1476 talktome: pid 1724 wants some information
375 178266771 [sig] sshd 1476 open_shared: name Global\cygwin1S4.cygpid.1724, n 1724, shared 0x19140000 (wanted 0x0), h 0x18C
91609 178358380 [commune_process] sshd 1476 commune_process: processing PICOM_FD
520 178358900 [commune_process] sshd 1476 commune_process: synchronized with pid 1724
30652 178389552 [sig] sshd 1476 talktome: pid 1724 wants some information
295 178389847 [sig] sshd 1476 open_shared: name Global\cygwin1S4.cygpid.1724, n 1724, shared 0x19140000 (wanted 0x0), h 0x190
62241 178452088 [commune_process] sshd 1476 commune_process: processing PICOM_FD
1312 178453400 [commune_process] sshd 1476 commune_process: synchronized with pid 1724
30056 178483456 [sig] sshd 1476 talktome: pid 1724 wants some information
277 178483733 [sig] sshd 1476 open_shared: name Global\cygwin1S4.cygpid.1724, n 1724, shared 0x19140000 (wanted 0x0), h 0x190
62677 178546410 [commune_process] sshd 1476 commune_process: processing PICOM_FD
211 178546621 [commune_process] sshd 1476 __set_errno: cygheap_fdget::cygheap_fdget(int, bool, bool):394 val 9
1362 178547983 [commune_process] sshd 1476 commune_process: synchronized with pid 1724
62669185 241217168 [sig] sshd 1476 sigpacket::process: signal 9 processing
270 241217438 [sig] sshd 1476 sigpacket::process: signal 9, about to call do_exit
80 241217518 [sig] sshd 1476 _cygtls::signal_exit: about to call do_exit (9)
64 241217582 [sig] sshd 1476 do_exit: do_exit (9), exit_state 1
73 241217655 [sig] sshd 1476 void: 0x401140 = signal (20, 0x1)
66 241217721 [sig] sshd 1476 void: 0x4010F0 = signal (1, 0x1)
61 241217782 [sig] sshd 1476 void: 0x0 = signal (2, 0x1)
59 241217841 [sig] sshd 1476 void: 0x401130 = signal (3, 0x1)
63 241217904 [sig] sshd 1476 fhandler_base::close: closing '/dev/null' handle 0x10C
80 241217984 [sig] sshd 1476 fhandler_base::close: closing '/var/log/sshd.log' handle 0x108
111 241218095 [sig] sshd 1476 fhandler_base::close: closing '/var/log/sshd.log' handle 0x3D4
316 241218411 [sig] sshd 1476 fhandler_socket::close: 0 = fhandler_socket::close()
2304 241220715 [sig] sshd 1476 sigproc_terminate: entering
378 241221093 [sig] sshd 1476 sig_send: my_sendsig 0x344, myself->sendsig 0x344, exit_state 12
136 241221229 [sig] sshd 1476 __set_errno: int sig_send(_pinfo*, siginfo_t&, _cygtls*):583 val 11
67 241221296 [sig] sshd 1476 sig_send: returning 0x1 from sending signal -42
63 241221359 [sig] sshd 1476 proc_terminate: nprocs 0
62 241221421 [sig] sshd 1476 proc_terminate: leaving
238 241221659 [sig] sshd 1476 __to_clock_t: dwHighDateTime 0, dwLowDateTime 312500
75 241221734 [sig] sshd 1476 __to_clock_t: total 00000000 0000001F
62 241221796 [sig] sshd 1476 __to_clock_t: dwHighDateTime 0, dwLowDateTime 468750
58 241221854 [sig] sshd 1476 __to_clock_t: total 00000000 0000002E
753 241222607 [sig] sshd 1476 pinfo::exit: Calling ExitProcess n 0x9, exitcode 0x9
-------------- next part --------------
I have re-installed the cygwin 'base', and 'net' "group
packages" using cygwin setup.exe, and then ran the rebaseall procedure
per the README. Since then I removed/reinstalled sshd using ssh-host-config.
The box has been scanned for viruses, I've checked the system and app
event logs, and the sshd.log. I ran 'gmer' to check for rootkits.
This box has had cygwin on it for years, working just fine; wish
I could suggest a change that may have triggered this - cygwin
was updated in the last month, but then the box is also getting
automatic updates from Microsoft also...
--
thanks/regards,
Tom
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list