This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh service staring problem "bad owner /var/empty" but not fixed


I am not sure if I understand all the details of your setup but here are some comments. Unless you typed an user name and password in the sshd service setup box you are running sshd as SYSTEM. SYSTEM is totally different from Administrator, the 2 accounts different sids, different privileges, network access capabilities. You need to have /etc/ssh*, /var/empty and /var/log/sshd.log belong to SYSTEM (chown SYSTEM ...)

I hope this helps.

Marius

----- Original Message ----- 
From: "Scott Prive" <Scott.Prive@storigen.com>
To: "Elfyn" <emcb_exposure@hotmail.com>; "cygml" <cygwin@cygwin.com>
Sent: Wednesday, October 09, 2002 11:03 AM
Subject: RE: ssh service staring problem "bad owner /var/empty" but not fixed


Looks like our problems are somewhat related. I wonder if anyone else has ideas...


> -----Original Message-----
> From: Elfyn [mailto:emcb_exposure@hotmail.com]
> Sent: Wednesday, October 09, 2002 1:44 PM
> To: cygml; Scott Prive
> Subject: Re: ssh service staring problem "bad owner 
> /var/empty" but not
> fixed
> 
> 
> Hey,
> 
> What i meant by shared-server is that more than one person 
> (other than you)
> would be accessing the server. So if it is a shared 
> environment you might
> want to tighten security.
> 
> In general you should run things like crond,sshd etc. as the 
> SYSTEM user as
> Administrator doesnt have the required run as service tokens 
> and others
> needed for a run-as-user service unless youve added them in 
> [domain|local]
> security policy(s) thingys in Administrative tools.
> 
> I dont know whats going on. I just had to stop sshd so i 
> could so i could
> get rid of an ssh process that wouldnt go away, went away 
> when the service
> stopped but now i cant restart it. I get these errors in the 
> eventlog...
> 
> Event Type: Error
> Event Source: sshd
> Event Category: None
> Event ID: 0
> Date:  09/10/2002
> Time:  17:57:14
> User:  NT AUTHORITY\SYSTEM
> Computer: W3
> Description:
> The description for Event ID ( 0 ) in Source ( sshd ) cannot 
> be found. The
> local computer may not have the necessary registry 
> information or message
> DLL files to display messages from a remote computer. The following
> information is part of the event: sshd : Win32 Process Id = 
> 0xCA8 : Cygwin
> Process Id = 0xCA8 : starting service `sshd' failed: execv: 
> 1, Operation not
> permitted.

YES! I get exactly this message in Event Viewer, except execv=255 error=255

> 
> Event Type: Error
> Event Source: sshd
> Event Category: None
> Event ID: 0
> Date:  09/10/2002
> Time:  17:57:13
> User:  NT AUTHORITY\SYSTEM
> Computer: W3
> Description:
> The description for Event ID ( 0 ) in Source ( sshd ) cannot 
> be found. The
> local computer may not have the necessary registry 
> information or message
> DLL files to display messages from a remote computer. The following
> information is part of the event: sshd : Win32 Process Id = 
> 0x950 : Cygwin
> Process Id = 0x950 : starting service `l' failed: 
> redirect_fd: open (1,
> /var/log/sshd.log): 22, Invalid argument.
> 
I don't get this one exactly. The second error I get is line-for-line identical with the first event, minus the bit about "execv=255" (not a different error number... just not there at all).

> are you getting anything similar?
> 
> Elfyn
> 
> 
> ----- Original Message -----
> From: "Scott Prive" <Scott.Prive@storigen.com>
> To: "Elfyn" <emcb_exposure@hotmail.com>; "cygml" <cygwin@cygwin.com>
> Sent: Wednesday, October 09, 2002 6:23 PM
> Subject: RE: ssh service staring problem "bad owner 
> /var/empty" but not
> fixed
> 
> 
> 
> 
> > -----Original Message-----
> > From: Elfyn [mailto:emcb_exposure@hotmail.com]
> > Sent: Wednesday, October 09, 2002 12:02 PM
> > To: cygml
> > Subject: Re: ssh service staring problem "bad owner
> > /var/empty" but not
> > fixed
> >
> >
> > Hi,
> >
> > I had that when i first installed it... i take it the
> > permissions on files
> > like /etc/sshd* /etc/ssh_host* are exclusive to the SYSTEM
> > account (if your
> > running a shared-style server) and the service is running as
> > SYSTEM.
> 
> Let's see...:
> $ ls -l /etc/ssh*
> -rw-r--r--    1 Administ None         1049 Sep  5 15:59 
> /etc/ssh_config
> -rw-r--r--    1 Administ None          668 Sep  5 15:19
> /etc/ssh_host_dsa_key
> -rw-r--r--    1 Administ None          614 Sep  5 15:19
> /etc/ssh_host_dsa_key.pub
> -rw-r--r--    1 Administ None          539 Sep  5 15:19 
> /etc/ssh_host_key
> -rw-r--r--    1 Administ None          343 Sep  5 15:19
> /etc/ssh_host_key.pub
> -rw-r--r--    1 Administ None          883 Sep  5 15:19
> /etc/ssh_host_rsa_key
> -rw-r--r--    1 Administ None          234 Sep  5 15:19
> /etc/ssh_host_rsa_key.pub
> -rw-r--r--    1 Administ None         2041 Sep  5 15:59 
> /etc/sshd_config
> 
> Is "Administrator" here perfectly synonymous with "SYSTEM"?
> Also, I'm not sure what you mean by "shared style server", 
> how to verify if
> that is my case, or how this would affect things.
> 
> The service in MMC shows it logs on as "Local System 
> Account", "interact
> with desktop" NOT checked. Should this instead be running as 
> sshd user or
> Administrator?
> 
> I personally prefer to get things running "the right way" and 
> not blow holes
> through local security. That said, this is a test lab system 
> and I'd go the
> "hack" way to Make It Work... if I knew what to do next.
> 
> >I got
> > around that problem my making the system user the owner of
> > /var/empty with
> > exclusive rwx permissions and group/other with none. if youre
> > not running
> > the svc as SYSTEM just adjust the owner to your user.
> 
> I've already `chmod 700 /var/empty`. Not sure what you mean 
> about ownership
> of the service. I'm not sure this was the correct thing to 
> do, but I tried
> setting CYGWIN sshd to log on as Administrator, set the 
> password, and now it
> returns "Error 1069: Logon failure" (the password IS correct).
> >
> > Have you had problems with ssh when logging in at all?
> 
> I can't even get the service to START.
> 
> >my sshd has for some
> > reason been denying access to anyone that trys to login to my
> > CYGWIN server
> > with a permission/access denied message. nothing in sshd.log
> > but event-log
> > shows a badpw error (very weird). i know the password is
> > correct bacause im
> > using terminal services to login to the server right now...
> >
> > hope the first bit helps, sorry to bore you with the latter :)
> 
> No problem. :-D  I've been reading everything I can on the subject.
> 
> There might be enough demand for a Cygwin book; I'd buy one 
> in a heartbeat.
> With problems like this you get the complexity UNIX is known 
> for, with NT's
> lack of decent error reporting. When you're DONE, of course, you get
> powerful UNIX tools, with Win2K's good points (good points? A 
> free PC in
> every box of MS Outlook)   :-)
> 
> I'm still stuck, if anyone else has ideas.
> 
> >
> > Elfyn
> >
> > ----- Original Message -----
> > From: "Scott Prive" <Scott.Prive@storigen.com>
> > To: "Cygwin" <cygwin@cygwin.com>
> > Sent: Wednesday, October 09, 2002 4:12 PM
> > Subject: ssh service staring problem "bad owner /var/empty"
> > but not fixed
> >
> >
> > Hello,
> >
> > I understand the problem I am about to ask is not uncommon,
> > and I have made
> > considerable effort to look for the answers in the archive...
> >
> > On an up-to-date (today) Cygwin install, sshd refuses to 
> start (the MS
> > Management console gives a useless error). On other systems, I have
> > installed Cygwin sshd and it worked fine (I have not done
> > this "recently"
> > though and I understand there have been changes to ssd of sorts).
> >
> > When I first attempted this install some weeks back, I
> > followed the guide at
> > http://tech.erdelynet.com/cygwin-sshd.html
> >
> > I didn't actually "run the permissions script" as the author
> > had just days
> > before, pulled down the script. I'm not sure if the other
> > steps on this page
> > complicate my problem, so I'll mention it.
> >
> > The first thing I check is /var/log/sshd.log, and it's "bad
> > owner or mode
> > for /var/empty". OK, it's some sort of NT permissions issue.
> > A Google search
> > tells me /var/empty should be chmod 700 or 755 (it's 755).
> >
> > grep /etc/passwd ssh shows ssh account is 1000:513, sshd
> > privsep, home of
> > /var/empty and shell of /bin/false
> >
> > I've also tried chowning the directory as SYSTEM:SYSTEM (or 18:18).
> >
> > I did notice in the MMC Groups panel, there is no VISIBLE
> > group for "sshd",
> > but there is a sshd user. My Google searches tell me there 
> should be a
> > group, so I attempt to add the group "sshd" and make "sshd"
> > user a member. I
> > get the error: "while attempting to create the group sshd 
> on computer
> > QA2000TEST: The account already exists". I get this error if
> > I attempt to
> > create the group "sshd" with or with-out the member "sshd".
> >
> > I've Reinstalled openssh, and even selected Unininstall
> > followed by Install
> > in case there was a difference. The version of openssh I have
> > is 3.4p1-5
> >
> > I appreciate any help. I hope I have checked all of the
> > obvious "gotchas" so
> > I don't waste anyone's time. Thanks.
> >
> > -Scott
> >
> > --
> > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> > Bug reporting:         http://cygwin.com/bugs.html
> > Documentation:         http://cygwin.com/docs.html
> > FAQ:                   http://cygwin.com/faq/
> >
> > --
> > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> > Bug reporting:         http://cygwin.com/bugs.html
> > Documentation:         http://cygwin.com/docs.html
> > FAQ:                   http://cygwin.com/faq/
> >
> >
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]