ssh login no longer allowed by local accounts other than main administrator account after taking machine off domain

Yuki Ishibashi
Fri Aug 2 19:13:00 GMT 2013

Hi all,

Recently I've been tasked with taking a Win7 machine that was running
Cygwin and sshd off of my company's old Active Directory domain...

Before taking the machine off the domain I created local accounts that
were able to be ssh'd into (our other servers were able to SSH into
the Win7 machine using ssh keys and the newly created local accounts),
but once I took the machine off the domain only the newly created
'OpsAdmin' local administrator account is allowed to SSH in
successfully .

For the rest of the local accounts connection is accepted, and
password security is accepted, Authentication succeeded, ssh sends
'Last login', then says:
/bin/bash: Operation not permitted
and closes the connection .

I highly suspect a permissions problem, but I don't know how to
resolve this problem!

I've tried to re-run ssh-host-config and said 'yes' to all of the
options (yes to priviledge separation), it mentions the sshd service
is already installed, and completely successfully. "net start sshd"
then works correctly, with the behavior I described above.

In the Windows Services side, CYGWIN sshd service seems to only start
correctly if I login as the main local administrator account.

many of the files in the C:\cygwin\ folder on the Windows Explorer
side of things have Everyone Read & execute permissions (plus main
administrator account)  full permissions, and the 'None' group able to
read and execute, Administrators group able to Read write & execute.
On the / Cygwin console-side, I see a lot of ownership by the previous
admin username and Domain Users group, some files with
'Administrators' owner, 'Domain Users' Group, and a few others with
the local administrator owner, 'Administrators' group.

I'm at wit's end... what do you recommend I do? Would you happen to
know the recommended owner/group for the various files in / in the
Cygwin console? Also all of the new users (and the local
administrator) are in the 'None' (513) group when I run mkpasswd -l .
I had added their accounts to /etc/passwd using a command like
"mkpasswd -l | grep USERNAME >> /etc/passwd" (something similar with
the group), and that was all working pre-domain-removal.

Any advise or points I will take... should I back up all files and
completely blow away the installation? Other options?

Attached, per forum request, is the output of cygcheck -s -v -r .
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck_output
Type: application/octet-stream
Size: 72315 bytes
Desc: not available
URL: <>
-------------- next part --------------
Problem reports:
Unsubscribe info:

More information about the Cygwin mailing list