This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: ssh service staring problem "bad owner /var/empty" but not fixed



> -----Original Message-----
> From: Elfyn [mailto:emcb_exposure@hotmail.com]
> Sent: Wednesday, October 09, 2002 12:02 PM
> To: cygml
> Subject: Re: ssh service staring problem "bad owner 
> /var/empty" but not
> fixed
> 
> 
> Hi,
> 
> I had that when i first installed it... i take it the 
> permissions on files
> like /etc/sshd* /etc/ssh_host* are exclusive to the SYSTEM 
> account (if your
> running a shared-style server) and the service is running as 
> SYSTEM. 

Let's see...:
$ ls -l /etc/ssh*
-rw-r--r--    1 Administ None         1049 Sep  5 15:59 /etc/ssh_config
-rw-r--r--    1 Administ None          668 Sep  5 15:19 /etc/ssh_host_dsa_key
-rw-r--r--    1 Administ None          614 Sep  5 15:19 /etc/ssh_host_dsa_key.pub
-rw-r--r--    1 Administ None          539 Sep  5 15:19 /etc/ssh_host_key
-rw-r--r--    1 Administ None          343 Sep  5 15:19 /etc/ssh_host_key.pub
-rw-r--r--    1 Administ None          883 Sep  5 15:19 /etc/ssh_host_rsa_key
-rw-r--r--    1 Administ None          234 Sep  5 15:19 /etc/ssh_host_rsa_key.pub
-rw-r--r--    1 Administ None         2041 Sep  5 15:59 /etc/sshd_config

Is "Administrator" here perfectly synonymous with "SYSTEM"? 
Also, I'm not sure what you mean by "shared style server", how to verify if that is my case, or how this would affect things.

The service in MMC shows it logs on as "Local System Account", "interact with desktop" NOT checked. Should this instead be running as sshd user or Administrator?

I personally prefer to get things running "the right way" and not blow holes through local security. That said, this is a test lab system and I'd go the "hack" way to Make It Work... if I knew what to do next.

>I got
> around that problem my making the system user the owner of 
> /var/empty with
> exclusive rwx permissions and group/other with none. if youre 
> not running
> the svc as SYSTEM just adjust the owner to your user.

I've already `chmod 700 /var/empty`. Not sure what you mean about ownership of the service. I'm not sure this was the correct thing to do, but I tried setting CYGWIN sshd to log on as Administrator, set the password, and now it returns "Error 1069: Logon failure" (the password IS correct). 
> 
> Have you had problems with ssh when logging in at all? 

I can't even get the service to START.

>my sshd has for some
> reason been denying access to anyone that trys to login to my 
> CYGWIN server
> with a permission/access denied message. nothing in sshd.log 
> but event-log
> shows a badpw error (very weird). i know the password is 
> correct bacause im
> using terminal services to login to the server right now...
> 
> hope the first bit helps, sorry to bore you with the latter :)

No problem. :-D  I've been reading everything I can on the subject. 

There might be enough demand for a Cygwin book; I'd buy one in a heartbeat. With problems like this you get the complexity UNIX is known for, with NT's lack of decent error reporting. When you're DONE, of course, you get powerful UNIX tools, with Win2K's good points (good points? A free PC in every box of MS Outlook)   :-)

I'm still stuck, if anyone else has ideas.

> 
> Elfyn
> 
> ----- Original Message -----
> From: "Scott Prive" <Scott.Prive@storigen.com>
> To: "Cygwin" <cygwin@cygwin.com>
> Sent: Wednesday, October 09, 2002 4:12 PM
> Subject: ssh service staring problem "bad owner /var/empty" 
> but not fixed
> 
> 
> Hello,
> 
> I understand the problem I am about to ask is not uncommon, 
> and I have made
> considerable effort to look for the answers in the archive...
> 
> On an up-to-date (today) Cygwin install, sshd refuses to start (the MS
> Management console gives a useless error). On other systems, I have
> installed Cygwin sshd and it worked fine (I have not done 
> this "recently"
> though and I understand there have been changes to ssd of sorts).
> 
> When I first attempted this install some weeks back, I 
> followed the guide at
> http://tech.erdelynet.com/cygwin-sshd.html
> 
> I didn't actually "run the permissions script" as the author 
> had just days
> before, pulled down the script. I'm not sure if the other 
> steps on this page
> complicate my problem, so I'll mention it.
> 
> The first thing I check is /var/log/sshd.log, and it's "bad 
> owner or mode
> for /var/empty". OK, it's some sort of NT permissions issue. 
> A Google search
> tells me /var/empty should be chmod 700 or 755 (it's 755).
> 
> grep /etc/passwd ssh shows ssh account is 1000:513, sshd 
> privsep, home of
> /var/empty and shell of /bin/false
> 
> I've also tried chowning the directory as SYSTEM:SYSTEM (or 18:18).
> 
> I did notice in the MMC Groups panel, there is no VISIBLE 
> group for "sshd",
> but there is a sshd user. My Google searches tell me there should be a
> group, so I attempt to add the group "sshd" and make "sshd" 
> user a member. I
> get the error: "while attempting to create the group sshd on computer
> QA2000TEST: The account already exists". I get this error if 
> I attempt to
> create the group "sshd" with or with-out the member "sshd".
> 
> I've Reinstalled openssh, and even selected Unininstall 
> followed by Install
> in case there was a difference. The version of openssh I have 
> is 3.4p1-5
> 
> I appreciate any help. I hope I have checked all of the 
> obvious "gotchas" so
> I don't waste anyone's time. Thanks.
> 
> -Scott
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]