Re: SSHd configuration problems (System error 1376) - CONFIRMED
I can confirm that this does fix the problem on at least one of my
systems. I'll be doing the other shortly.
Thank you!
Bruce Halco
On 01/07/2015 02:45 PM, craigmcd wrote:
Bruce said he could not see my edits. I'm posting from nabble and used the
raw tags, so maybe that did not go through. Here they are again:
$ diff -c cygwin-service-installation-helper.sh.orig
cygwin-service-installation-helper.sh
*** cygwin-service-installation-helper.sh.orig 2014-12-27 19:33:51.17425
-0500
--- cygwin-service-installation-helper.sh 2014-12-27 23:26:51.89300
-0500
***
*** 2966,2973
if [ "$username_in_sam" = "yes" ]
then
# always try to set group membership and privileges
! admingroup=$(/usr/bin/getent group S-1-5-32-544)
! admingroup="${admingroup%%:*}"
if [ -z "${admingroup}" ]
then
csih_warning "Cannot obtain the Administrators group name from
'mkgroup -l'."
--- 2966,2974
if [ "$username_in_sam" = "yes" ]
then
# always try to set group membership and privileges
! admingroup=$(/usr/bin/getent -w group S-1-5-32-544)
! admingroup="${admingroup#*:*:*\\}"
! admingroup="${admingroup%:*}"
if [ -z "${admingroup}" ]
then
csih_warning "Cannot obtain the Administrators group name from
'mkgroup -l'."
***
*** 3263,3268
--- 3264,3271
# is not yet installed, so compute the "expected" account under which
# privileged services should run.
+ mkpasswd -l > /etc/passwd
+
# use the following procedure if a privileged account is required:
if ( csih_is_nt2003 || [ "x$csih_FORCE_PRIVILEGED_USER" = "xyes" ] )
then
--
View this message in context:
http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114109.html
Sent from the Cygwin list mailing list archive at Nabble.com.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: SSHd configuration problems (System error 1376) - CONFIRMED
Bruce said he could not see my edits. I'm posting from nabble and used the
raw tags, so maybe that did not go through. Here they are again:
$ diff -c cygwin-service-installation-helper.sh.orig
cygwin-service-installation-helper.sh
*** cygwin-service-installation-helper.sh.orig 2014-12-27 19:33:51.17425
-0500
--- cygwin-service-installation-helper.sh 2014-12-27 23:26:51.89300
-0500
***
*** 2966,2973
if [ "$username_in_sam" = "yes" ]
then
# always try to set group membership and privileges
! admingroup=$(/usr/bin/getent group S-1-5-32-544)
! admingroup="${admingroup%%:*}"
if [ -z "${admingroup}" ]
then
csih_warning "Cannot obtain the Administrators group name from
'mkgroup -l'."
--- 2966,2974
if [ "$username_in_sam" = "yes" ]
then
# always try to set group membership and privileges
! admingroup=$(/usr/bin/getent -w group S-1-5-32-544)
! admingroup="${admingroup#*:*:*\\}"
! admingroup="${admingroup%:*}"
if [ -z "${admingroup}" ]
then
csih_warning "Cannot obtain the Administrators group name from
'mkgroup -l'."
***
*** 3263,3268
--- 3264,3271
# is not yet installed, so compute the "expected" account under which
# privileged services should run.
+ mkpasswd -l > /etc/passwd
+
# use the following procedure if a privileged account is required:
if ( csih_is_nt2003 || [ "x$csih_FORCE_PRIVILEGED_USER" = "xyes" ] )
then
--
View this message in context:
http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114109.html
Sent from the Cygwin list mailing list archive at Nabble.com.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
cd /usr/share/csih Edit the cygwin-service-installation-helper.sh and change these two lines starting at line 2969: The use of the "-w" argument in getent and parsing the modified output fixed the "root" vs "Administrators" issue. There was still one more issue because the new users were not in the /etc/passwd file as expected in a later part of the script, so I had to add the following at line 3264: After making those changes, clean up the previous changes made by ssh-host-config as described in the earlier message, then rerun ssh-host-config. -- View this message in context: http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114108.html Sent from the Cygwin list mailing list archive at Nabble.com. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Could you be more specific about the changes you made? I'm not familiar enough with it for it to be obvious. Thanks. Bruce Halco On 01/07/2015 11:43 AM, craigmcd wrote: I had the same issue. It seems to be related to what /usr/bin/getent returns for the group name so that you end up trying to add to the group "root" rather than "Administrators". I had to hack /usr/share/csih/cygwin-service-installation-helper.sh in a couple of places to finally make it work for me: -- View this message in context: http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114100.html Sent from the Cygwin list mailing list archive at Nabble.com. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: SSHd configuration problems (System error 1376) - CONFIRMED
Forgot to add that you need to do this after making those changes: Clean up the mess ssh-host-config previously created: cygrunsrv --stop sshd cygrunsrv --remove sshd net user sshd /delete net user cyg_server /delete edit /etc/passwd and /etc/group to remove cyg_server and sshd rm -rf /etc/ssh* sc delete sshd ...and rerun ssh-host-config: ssh-host-config -y -- View this message in context: http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114101.html Sent from the Cygwin list mailing list archive at Nabble.com. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: SSHd configuration problems (System error 1376) - CONFIRMED
I had the same issue. It seems to be related to what /usr/bin/getent returns for the group name so that you end up trying to add to the group "root" rather than "Administrators". I had to hack /usr/share/csih/cygwin-service-installation-helper.sh in a couple of places to finally make it work for me: -- View this message in context: http://cygwin.1069669.n5.nabble.com/Re-SSHd-configuration-problems-System-error-1376-CONFIRMED-tp113955p114100.html Sent from the Cygwin list mailing list archive at Nabble.com. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: SSHd configuration problems (System error 1376) - CONFIRMED
Ok, I'm hopeful this message is going to reach the correct thread. Thanks for your patience, I was accessing and posting to the discussion via web browser which is how I discovered it. Now that I'm properly subscribed to the list and using my email client... on to business. Regarding sshd configuration using the ssh-host-config command resulting in system error 1376: >System error 1376 has occurred. >The specified local group does not exist. >Adding user 'cyg_server' to local group 'root' failed! This result is fairly new. Success was the normal result as recently as a fresh Cygwin64 install on November 7. In the error scenario, if the user proceeds with the configuration the sshd service is assigned to the local windows SYSTEM user (per default choice provided if I remember correctly). Tied to the SYSTEM user account, the sshd service will start and run, but when remote login is attempted, the ssh connection is terminated immediately by host. As mentioned, I have both a "root" and "Administrators" entries in my etc\group file as the result of the default install procedure. There is no Windows group 'root'. The group file was not tampered with by hand. I see the same 'root' entry in the group file of the server we successfully built on Nov 7. The fact of the root entry in the group file may not have anything to do with the 1376 problem except that the local group 'root' is mentioned in the error message. In the error scenario, the Windows user account cyg_server is created. At conclusion of the process it is a member of the Windows "Users" group only. I attempted this work-around: 1) Manually making the Windows cyg_server account a member of the Windows Administrators group (via Windows User management interface) 2) Then re-running mkpasswd and confirming that user cyg_server was associated with the Administrators group 3) Then assigning the sshd service to start using the .\cyg_server user (via Windows interface) instead of SYSTEM. Shutting down and then restarting the service. The result was the service attempting to start, and then shutting itself down immediately. This is the work-around as I understand it from the posts above but perhaps I am missing a key step. Anyway, I'd like to help with solving the underlying problem if possible. Attached is the result of: cygcheck -s -v -r > cygcheck.out on my server with sensitive user and site-specific information redacted. You'll find "XX" anywhere I made a change to mask that info. Thanks for your time and any of your insights. - Hal cygcheck.out Description: cygcheck.out -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Greetings, Will Parsons! Can you include cygcheck output as outlined in the link below? > Problem reports: http://cygwin.com/problems.html >> >>> I've got the plain text file cygcheck.out, but it is unclear to me how I can >>> attach it to a post in this discussion per the guidelines (I'm using the >>> Gmane interface). I must be missing something obvious. >> >> Use normal mail client. Google mail apps known to hardly support half the >> associated standards and interfaces. > This has nothing to do with Google mail - he's using Gmane > (presumably using NNTP, not mail). I don't know the answer to the > question, but I'd like to know too, since I'm also using Gmane. If he could have used NNTP, then there's no question of "how to", NNTP clients have all the capabilities of mail clients. Naw... I safely assume he's using rudimentary web interface. -- WBR, Andrey Repin Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
On 01/05/2015 04:56 PM, Hal Watson wrote: Larry Hall (Cygwin cygwin.com> writes: Can you include cygcheck output as outlined in the link below? Problem reports: http://cygwin.com/problems.html I've got the plain text file cygcheck.out, but it is unclear to me how I can attach it to a post in this discussion per the guidelines (I'm using the Gmane interface). I must be missing something obvious. Thanks for asking. As mentioned, the implicit assumption is that you're viewing and responding to the email list using a capable email client. Obviously with Gmane, that assumption doesn't hold. It's a whole different beast with other capabilities and priorities. I'm not familiar with the particulars of Gmane and my brief investigation didn't turn up an answer either. I'd recommend that you contact Gmane for help with this. -- Larry _ A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Andrey Repin wrote: > Greetings, Hal Watson! > >>> Can you include cygcheck output as outlined in the link below? >>> >>> > Problem reports: http://cygwin.com/problems.html >>> > >> I've got the plain text file cygcheck.out, but it is unclear to me how I can >> attach it to a post in this discussion per the guidelines (I'm using the >> Gmane interface). I must be missing something obvious. > > Use normal mail client. Google mail apps known to hardly support half the > associated standards and interfaces. This has nothing to do with Google mail - he's using Gmane (presumably using NNTP, not mail). I don't know the answer to the question, but I'd like to know too, since I'm also using Gmane. -- Will -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Greetings, Hal Watson! >> Can you include cygcheck output as outlined in the link below? >> >> > Problem reports: http://cygwin.com/problems.html >> > I've got the plain text file cygcheck.out, but it is unclear to me how I can > attach it to a post in this discussion per the guidelines (I'm using the > Gmane interface). I must be missing something obvious. Use normal mail client. Google mail apps known to hardly support half the associated standards and interfaces. -- WBR, Andrey Repin (anrdae...@yandex.ru) 06.01.2015, <02:09> Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Larry Hall (Cygwin cygwin.com> writes: > Can you include cygcheck output as outlined in the link below? > > > Problem reports: http://cygwin.com/problems.html > I've got the plain text file cygcheck.out, but it is unclear to me how I can attach it to a post in this discussion per the guidelines (I'm using the Gmane interface). I must be missing something obvious. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
On 01/02/2015 05:27 PM, Hal Watson wrote: Hello all, thanks for this thread. I just got a request for several new servers this week, and System error 1376 issue has cropped up for the first time. These are fresh installs of stable release Cygwin X64 on a fresh Windows 2012 Server. The "1376" error seems to have cropped up in the last month. I've gone through the suggestions in the thread (above) but after making the resulting cyg_server user a member of the Windows Administrators group, and regenerating my passwd file (mkpasswd), I then attempt to start the sshd service. I can start the service as the local SYSTEM user, but cannot connect (ssh connection is terminated immediately by host)from a remote machine. If I change the sshd service to start as user cyg_server (via Windows interface), the service won't start. It attempts to start and then immediately shuts down. Maybe this is a new clue? Like Henri I have both a "root" entry and an "Administrators" entry in my group file. As far as I can tell they were generated as part of the default Cywin post-installation. I see this is true for installs we did earlier this year also. root:S-1-5-32-544:0: Administrators:S-1-5-32-544:544: Over the years my organization has been moving all of our new file servers to Windows and I'm relying on SSH via Cygwin to connect to them and push data from our Linux infrastructure. Up to now it has been rock-solid. I'm not a guru with Cygwin, but maybe I can be a good tester here? Willing to help, Thanks. Can you include cygcheck output as outlined in the link below? Problem reports: http://cygwin.com/problems.html -- Larry _ A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
Hello all, thanks for this thread. I just got a request for several new servers this week, and System error 1376 issue has cropped up for the first time. These are fresh installs of stable release Cygwin X64 on a fresh Windows 2012 Server. The "1376" error seems to have cropped up in the last month. I've gone through the suggestions in the thread (above) but after making the resulting cyg_server user a member of the Windows Administrators group, and regenerating my passwd file (mkpasswd), I then attempt to start the sshd service. I can start the service as the local SYSTEM user, but cannot connect (ssh connection is terminated immediately by host)from a remote machine. If I change the sshd service to start as user cyg_server (via Windows interface), the service won't start. It attempts to start and then immediately shuts down. Maybe this is a new clue? Like Henri I have both a "root" entry and an "Administrators" entry in my group file. As far as I can tell they were generated as part of the default Cywin post-installation. I see this is true for installs we did earlier this year also. root:S-1-5-32-544:0: Administrators:S-1-5-32-544:544: Over the years my organization has been moving all of our new file servers to Windows and I'm relying on SSH via Cygwin to connect to them and push data from our Linux infrastructure. Up to now it has been rock-solid. I'm not a guru with Cygwin, but maybe I can be a good tester here? Willing to help, Thanks. Hal Watson, Minnesota Dept. of Natural Resources hal.wat...@state.mn.us -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: SSHd configuration problems (System error 1376) - CONFIRMED
>> If you were really running in an elevated shell, I don't know why 544 didn't >> show up in the output of "id -G". >> >> Ken > Because Ilya's /etc/group file has a line that reads: > > root:S-1-5-32-544:0: > > in stead of: > > Administrators:S-1-5-32-544:544: > > ? > > Put differently, he has copied an old group file from another computer? Reinstalled Cygwin (1.7.34). To my surprise it has both a group file and a passwd file. Moreover, the group file has the above mentioned "root" entry. /etc/postinstall/000-cygwin-post-install.sh appears to be responsible for the creation of these files. Henri -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
