This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Problem with SSHD


Just a quick question, is CYGWIN sent globally in your environment.  I
have seen this problem when CYGWIN is not in SYSTEM's environment with
ntsec enabled.  Probably not your problem, but at least something to
verify.


On Mon, 13 May 2002, Zeus [ISO-8859-1] Gómez Marmolejo wrote:

> Hi all,
> 
> I've searched all the historical messages of the list but I haven't find 
> any solution to my problem. Any help would be appreciated. I've 
> installed cygwin sshd in a W2k server box but I can't manage to start 
> it. When I run it as a service, I get the following error:
> 
> $ cygrunsrv -S sshd
> cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
> The service has not been started.
> 
> Viewing the logs, there's a couple of errors:
> $ cat /var/log/sshd.log
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_rsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_rsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_dsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_dsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
> 
> But, in this case when I do an ls of the /etc/ directory I get the 
> following:
> $ ls -las /etc
> total 139
>    4 drwxrwxrwx    5 Administ None         4096 May 12 10:22 .
>    4 drwxrwxrwx   10 Administ None         4096 May  9 12:44 ..
>    1 -rwxrwxrwx    1 Administ None          280 May  9 12:44 group
>   86 -rwxrwxrwx    1 Administ None        88039 Mar  7 16:50 moduli
>    1 -rwxrwxrwx    1 Administ None          966 May 12 10:09 passwd
>    4 drwxrwxrwx    2 Administ None         4096 May  9 12:44 postinstall
>    0 -rw-r--r--    1 Administ None            0 May 12 10:21 primes
>    1 -rwxrwxrwx    1 Administ None          386 May  9 12:44 profile
>    0 drwxrwxrwx    2 Administ None            0 May  9 12:42 profile.d
>   16 drwxrwxrwx    2 Administ None        16384 May  9 12:43 setup
>    1 -rw-rw-rw-    1 Administ Administ      955 May  9 12:45 ssh_config
>    1 -rw-------    1 SYSTEM   SYSTEM        668 May  9 12:45 
> ssh_host_dsa_key
>    1 -rw-r--r--    1 Administ Administ      612 May  9 12:45 
> ssh_host_dsa_key.pub
>    1 -rw-------    1 SYSTEM   SYSTEM        537 May  9 12:44 ssh_host_key
>    1 -rw-r--r--    1 Administ Administ      341 May  9 12:44 
> ssh_host_key.pub
>    1 -rw-------    1 SYSTEM   SYSTEM        887 May  9 12:45 
> ssh_host_rsa_key
>    1 -rw-r--r--    1 Administ Administ      232 May  9 12:45 
> ssh_host_rsa_key.pub
>    2 -rw-rw-rw-    1 Administ Administ     1562 May 12 10:22 sshd_config
>   13 -rwxrwxrwx    1 Administ None        12306 Apr  3 17:11 termcap
> 
> The ssh_host*_key files have 0600 permissions and the logs are 
> incorrect. I have tried to change the owner of these files to 
> Administrator and run the service in the command line (as Administrator):
> $ /usr/sbin/sshd -D
> 
> The command succeeds but when I try to login, passwords doesn't match (I 
> suppose that sshd has to be run as SYSTEM account to authenticate 
> users). How can I solve this problem?
> 
> Windows 2000 acls shows that /etc/ssh_host*_key has the Everyone user 
> but no permissions with it. Can be this problem? I can't remove the 
> 'Everyone' user of the acl because the owner is SYSTEM and I would be 
> changing the ownership of the files... What should I do?
> 
> CYGWIN is set to "ntsec tty". Any thanks in advance.
> 
> 
> Zeus Gómez.
> 
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 

-- 
Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM: PrentisBrooks
Senior System Administrator - Web Infrastructure & Security

       A knight is sworn to valor.  His heart knows only virtue.  His blade
       defends the helpless.  His word speaks only truth.  His wrath undoes
       the wicked. - the old code of Bowen, last of the dragonslayers



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]