Cygwin 2.763 32bit SSHD public key auth. failure on Windows Server 2016 R2 64bit

Aliaksei Hladkikh Aliaksei.Hladkikh@seavus.com
Mon Feb 5 08:01:00 GMT 2018 

Hello

Can't connect to Cygwin SSHD using public key set up, but same Cygwin configuration/OS/client
works with Cygwin 2.763 32bit on Windows Server 2008 R2 64bit.
See var/log/messages extracts.

Seems to be connected with SeTcbPrivilege problem because of 
"fatal: seteuid 1049698: Operation not permitted" log record, but ALL existing Local Policy privileges were granted
to dsm user under which Windows service runs or Administrators group where dsm is a member,
gpupdate executed and service restarted.

Going to try x64 Cygwin, but it's scary to change that Server 2016 R2.

Regards
------------------------------------------------------------
sshd_public_key_fail.log:

Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: userauth-request for user dsm service ssh-connection method none [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: attempt 0 failures 0 [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: userauth-request for user dsm service ssh-connection method publickey [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: attempt 1 failures 0 [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: userauth_pubkey: test whether pkalg/pkblob are acceptable for RSA SHA256:WwiWbTcBCmRCXPeuoN9D792twtGPp0xK0GfUCgqUS1Q [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: temporarily_use_uid: 1049698/1049089 (e=197609/197121)
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 5684: debug1: rekey after 4294967296 blocks [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 5684: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 5684: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: fatal: seteuid 1049698: Operation not permitted
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: do_cleanup
Feb  5 08:18:16 MPDiagnostics2 sshd: PID 6104: debug1: Killing privsep child 5592
Feb  5 08:18:18 MPDiagnostics2 sshd: PID 5684: debug1: SSH2_MSG_NEWKEYS received [preauth]
Feb  5 08:18:18 MPDiagnostics2 sshd: PID 5684: debug1: rekey after 4294967296 blocks [preauth]
Feb  5 08:18:18 MPDiagnostics2 sshd: PID 5684: debug1: KEX done [preauth]

sshd_password_ok.log:

Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: userauth-request for user dsm service ssh-connection method password [preauth]
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: attempt 3 failures 2 [preauth]
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: Accepted password for dsm from 37.17.38.141 port 10330 ssh2
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: monitor_child_preauth: dsm has been authenticated by privileged process
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: monitor_read_log: child log fd closed
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: rekey after 4294967296 blocks
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: rekey after 4294967296 blocks
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: ssh_packet_set_postauth: called
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: Entering interactive session for SSH2.
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: server_init_dispatch
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: input_session_request
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: channel 0: new [server-session]
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_new: session 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_open: channel 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_open: session 0: link with channel 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: server_input_channel_open: confirm session
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: server_input_channel_req: channel 0 request pty-req reply 1
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_by_channel: session 0 channel 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_input_channel_req: session 0 req pty-req
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: Allocating pty.
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_pty_req: session 0 alloc /dev/pty1
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: server_input_channel_req: channel 0 request shell reply 1
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_by_channel: session 0 channel 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: debug1: session_input_channel_req: session 0 req shell
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 5684: Starting session: shell on pty1 for dsm from 37.17.38.141 port 10330 id 0
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 980: debug1: Setting controlling tty using TIOCSCTTY.
Feb  5 08:19:33 MPDiagnostics2 sshd: PID 980: debug1: permanently_set_uid: 1049698/1049089
Feb  5 08:19:34 MPDiagnostics2 sshd: PID 3692: debug1: fd 5 clearing O_NONBLOCK
Feb  5 08:19:34 MPDiagnostics2 sshd: PID 3692: debug1: Forked child 4728.
Feb  5 08:19:34 MPDiagnostics2 sshd: PID 4728: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Feb  5 08:19:34 MPDiagnostics2 sshd: PID 4728: rexec line 96: Deprecated option UsePrivilegeSeparation
Feb  5 08:19:34 MPDiagnostics2 sshd: PID 4728: debug1: inetd sockets after dupping: 3, 3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck.out
Type: application/octet-stream
Size: 18568 bytes
Desc: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20180205/0c74b076/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sshd_password_ok.log
Type: application/octet-stream
Size: 3198 bytes
Desc: sshd_password_ok.log
URL: <http://cygwin.com/pipermail/cygwin/attachments/20180205/0c74b076/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sshd_public_key_fail.log
Type: application/octet-stream
Size: 1519 bytes
Desc: sshd_public_key_fail.log
URL: <http://cygwin.com/pipermail/cygwin/attachments/20180205/0c74b076/attachment-0002.obj>
-------------- next part --------------

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list