This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Potential bug in sshd


Not sure about the error. Dave is cross-referencing
http://cygwin.com/ml/cygwin/2006-09/msg00194.html which doesn't show a
resolution.  What service account do you have sshd running under?  Are you
sure there are no permission issues with this account? 

I'd recommend only allowing ssh connections from known IP's at the firewall
level.  We see a lot of hack attempts from worms and malicious folks from
other countries trying to get into the ssh port.  Dave's right, passwords
will protect you but we just lock down the inbound IP's so we don't have to
worry about the hacking attempts.

The error is beyond my knowledge...sorry.

-----Original Message-----
From: Michael Sowka [mailto:msowka@gmail.com] 
Sent: Tuesday, September 12, 2006 8:42 AM
To: Rob Bosch
Subject: Re: Potential bug in sshd

Thanks Rob,

Ah yes, this explains the "zombie" processes as I cannot make actual
client connections.

Something is very bizarre with my cygwin setup here. I've noticed
other symptoms too: on reinstalling cygwin the info-update and cygwing
post-install scripts hang. In fact, after the cygwin install
supposedly finished, on logging out windows complained that 'cygwin
post-install scripts' were still up and it couldn't kill them.

So it seems that on attempting to connect the sshd thread hangs too
"unexpectedly closing the connection" or sometimes just hanging the
client.

To answer your question Rob, no I have not experienced any other
network problems, or unusually high traffic (this is my desktop
machine). Plus, I'm trying to do this from/to localhost.

! One thing I did notice as I was looking for logs to send in to the
list is that the System Events log is that recently I've had a barrage
of attempted break-ins via ssh (failed logins as root, admin, etc.). I
trust that OpenSSH is pretty solid, have experienced this before, and
don't make too much of it... but could this have melted my system?!

Finding useful info was easy enough (/var/log/ssh), here is an
excerpt. Speculation: this does seem to support the symptoms I'm
having (dropped connections from "worker" threads, no response, etc.).
I don't "read" Win32 logs but I have a hunch someone can ID this
problem on the spot.

   4864 [main] sshd 8156 C:\cygwin\usr\sbin\sshd.exe: *** fatal error
- C:\cygwin\usr\sbin\sshd.exe: *** recreate_mmaps_after_fork_failed
      2 [main] sshd 8144 child_info::sync: wait failed, pid 8156, Win32
error 0
     59 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
3757715 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
24253452 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487


HAS MY SYSTEM BEEN COMPROMISED?!

Mike

On 9/12/06, Rob Bosch <robbosch@msn.com> wrote:
> Sshd will spawn processes that deal with individual connections so even
> though you stop the service there may still be sshd processes running.
The
> way to tell if your sshd daemon is stopped is to run a netstat -a | find
> "ssh" | find "LISTEN".  This will only find sshd processes that are
> listening for new connections and not the ones that are established to
deal
> with existing ssh connections.
>
> I've experienced connection problems from time to time with sshd on
cygwin.
> Almost always this is either due to high load on the receiving server and
it
> just can't handle it, or a problem with the network connection.
>
> Are your connections all on the LAN or WAN?
>
>
>
>


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]