This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: sshd+ssh localhost connects, but don't reach the shell


René Berber wrote:
Vilar Camara wrote:

First of all, thank you for the quick answer.

I've installed sshd following the tutorial on
http://pigtail.net/LRP/printsrv/cygwin-sshd.html, including the
mkpasswd
[snip]

Stop right there.

If you search this list for that link you'll find that many people
have problems after following the instructions.
Wow, I didn't expect this. Of course I should have double-checked the
source, sorry. It's unfortunate that it is the first Google hit.

The only procedure that should be followed is in
/usr/share/doc/Cygwin/openssh.README; unless you really know what you
are doing.
Ok, I read it. First I had to erase every trace of previous installation:

rm -f /etc/ssh*
rm -rf ~/.ssh
Erased CYGWIN system environment variable
cygrunsrv -E/-R sshd
Killed all running "sshd.exe" processes
Deleted the sshd user
(Did I leave anything behind?)

Then:

ssh-host-config -y, CYGWIN=ntsec
ssh-user-config -y, passphrases match my user password
cygrunsrv -S sshd

"netstat -an | grep 22" gives me
 TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
so I think the service is running and listening.

Unfortunately the client still does nothing: "ssh localhost" keeps
waiting forever.

As a last resort, I renamed the user directory under /home, created a
new empty one and ran ssh-user-config again. Still no luck.

One particular thing at openssh.README file is the following phrase:

   If you start sshd as deamon via cygrunsrv.exe you MUST give the
   "-D" option to sshd. Otherwise the service can't get started at all.

I can't get exactly what that means. It appears that the phrase should
be "If you *manually install* sshd as daemon" or "If you run
/usr/sbin/sshd as a non-daemon process". "ssh-host-config" already gives
"-a -D" to "cygrunsrv -I". "cygrunsrv -S sshd -a -D" doesn't work (as I
suspected).

Yes, you are right. The ssh-host-config script does include the -D when it installs the service.

Three additional things that may be clarifying or not:

1) /var/log/sshd.log is *always* empty (0-byte length);

Normal. The only thing I see there are errors when I make an error changing /etc/sshd_config.

Usually sshd sends messages to the Windows Application Event log.  I'm using
syslogd-ng so that messages go to /var/log/messages.

2) "ssh -vvv localhost" now gives a lot of complaining messages:
   OpenSSH_4.3p2, OpenSSL 0.9.8a 11 Oct 2005
   debug1: Reading configuration data /etc/ssh_config
   debug2: ssh_connect: needpriv 0
   debug1: Connecting to localhost [127.0.0.1] port 22.
   debug1: Connection established.
   debug1: identity file /home/vilarnt/.ssh/identity type 0
   debug3: Not a RSA1 key file /home/vilarnt/.ssh/id_rsa.
   debug2: key_type_from_name: unknown key type '-----BEGIN'

Normal output. The only difference I see is "type -1" which probably means that I don't have rsa key or identity.

[snip]
   debug2: key_type_from_name: unknown key type '-----END'
   debug3: key_read: missing keytype
   debug1: identity file /home/vilarnt/.ssh/id_rsa type 1
   debug3: Not a RSA1 key file /home/vilarnt/.ssh/id_dsa.
   debug2: key_type_from_name: unknown key type '-----BEGIN'
   debug3: key_read: missing keytype
   debug3: key_read: missing whitespace
...
   debug2: key_type_from_name: unknown key type '-----END'
   debug3: key_read: missing keytype
   debug1: identity file /home/vilarnt/.ssh/id_dsa type 2

What is that? Anyway, I think this is not the main problem,

Correct.


as I've said
in the previous post that the "SSH Secure Shell" Windows client also hangs;

3) If I kill all "sshd.exe" processes while ssh is stuck, the client
terminates with the message "ssh_exchange_identification: Connection
closed by remote host". As I said, this may or may not be clarifying.

Does anybody have a clue?

Not yet, could you show the rest of that output? or the end, to see where things stopped.

Some ideas: are you running anything on your ~/.profile or equivalent file?;
what shell do you use? can you try a user with a home in an NTFS partition? (I
don't know if FAT32 is the problem because I don't use that)

Again, thanks to everyone for the patience and dedication.

Please keep your replies on the list, the more people that see them the higher the probability that someone will spot the problem.

Two other things to try/consider


  1. Firewall restrictions (port 22 by default).
  2. Running the server in debug mode will provide better diagnostics than
     the verbose output of the client, though looking at both together in
     real-time can be even more enlightening.


--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA  01746
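
An added example, not part of the original thread: the client log above stops after "Connection established", and the error in point 3 (ssh_exchange_identification) is raised while the client waits for the server's identification line. This Python probe separates a blocked or closed port (the firewall suggestion) from a daemon that accepts the connection but never sends that line. The function names, timeouts, and the fake server with its greeting are constructed for illustration.

```python
import socket
import threading

def probe_ssh_banner(host, port, timeout=2.0):
    """Return (state, detail) for the first step of an SSH connection.

    unreachable: TCP connect failed (service down, or the port is blocked)
    no-banner:   TCP connected but no "SSH-..." line arrived before the timeout
    closed:      peer closed the connection before identifying itself
    banner:      identification line received; detail holds it
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "unreachable", str(exc)
    with sock, sock.makefile("rb") as stream:
        try:
            for _ in range(20):  # a server may send other lines before "SSH-"
                line = stream.readline(256)
                if not line:
                    return "closed", ""
                if line.startswith(b"SSH-"):
                    return "banner", line.strip().decode("ascii", "replace")
        except socket.timeout:
            return "no-banner", ""
        except OSError as exc:
            return "closed", str(exc)
    return "no-banner", ""

def start_fake_server(greeting):
    """Constructed stand-in for sshd on an ephemeral localhost port.

    greeting=None accepts the connection and then stays silent.
    Returns (port, listening_socket); close the socket to stop listening.
    """
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        try:
            conn, _ = srv.accept()
        except OSError:
            return
        if greeting is not None:
            conn.sendall(greeting)
        threading.Event().wait(3)  # hold the connection open like a stuck daemon
        conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], srv

if __name__ == "__main__":
    print(probe_ssh_banner("127.0.0.1", 22))
```

For the setup in the thread, a "no-banner" result from `probe_ssh_banner("127.0.0.1", 22)` matches the reported hang and points at the daemon side, while "unreachable" points at the listener or a firewall.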
