This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: "Illegal User" when logging into sshd
- To: Corinna Vinschen <cygwin at cygwin dot com>
- Subject: Re: "Illegal User" when logging into sshd
- From: Prentis Brooks <prentis at aol dot net>
- Date: Tue, 31 Jul 2001 10:53:15 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 31 Jul 2001, Corinna Vinschen wrote:
> On Tue, Jul 31, 2001 at 09:58:44AM -0400, Prentis Brooks wrote:
> > Here is the scenario:
> >
> > Running sshd out of cygrunsrv as system. sshd operating fine, performing
> > both password and rsa authentication for any domain admin account that I add
> > to /etc/passwd. I need to allow rsa authentication for a single non-domain
> > admin account onto my member servers. The problem is that regardless of the
> > authentication method, sshd reports a failed attempt for "illegal user foo".
> >
> > I have tried foo@host, domain\\foo@host, and even tried adding the user to the
> > local Adminstrators group to see if I had a perm issue. The domain account
> > was added to /etc/passwd in the following manner:
> >
> > mkpasswd -d | grep foo >>/etc/passwd
> > and the home directory was created and chowned to that user, still no dice.
>
> Did you restart sshd after creating the entry in /etc/passwd?
>
> Under Cygwin processes get a copy of /etc/passwd and /etc/group
> in the process memory on the first access to these files for
> performance reasons. Later changes to these files aren't recognized
> by a running process.
>
> Corinna
Nope, and that was my problem... now my next problem is how to get a clean
restart of the process. cygrunsrv -E sshd ; cygrun -S sshd does not make
a clean restart when I change files. It either causes future connects to
hang or be refused until I log into the host via GUI and stop all instances
of sshd (including running task manager to kill the always present errant
sshd.exe processes). I then restart cygrunsrv -S sshd and it works fine.
I have even tried creating a second sshd server running on another port to
see if I could clean up, but it doesn't seem to help. Either that or I am
doing something wrong.
>
>
Prentis Brooks | prentis@aol.net | 703-265-0914 | AIM: PrentisB
System Administrator - Web Infrastructure & Security
A knight is sworn to valor. His heart knows only virtue. His blade
defends the helpless. His word speaks only truth. His wrath undoes the
wicked. - the old code of Bowen, last of the dragonslayers
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (SunOS)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjtmxl8ACgkQT6P3Tdl1kzbcVgCgnf8prdXH7xdrn03HBmqRk3Mv
29cAoM8mvpqb/Kl978r+VUbxTMt7/06P
=+0RS
-----END PGP SIGNATURE-----
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/