Re: sshd on WinXP machine in Win2003 Domain -- can't log in
Problem solved, w00t Here's the odd thing, I had set the appropriate policies on the domain controller (or at least I thought I had), however when I ran: secpol.msc on my XP system (the machine that I want to SSH into), only Log on as Service policy was propogated from the domain controller. So, I tried to run: dompol.msc I got a Windows Error claiming that I didn't have permissions (even though I was logged in as Administrator), turns out this is a known issue on Windows 2003 (maybe 2000 also) I launched dompol.msc via the shortcut at Administrator Tools and click Domain Security Policy Just as I saw in the secpol.msc on the XP box, the only policy the sshd_user had was Log on as Service I added him to: Adjust memory quotas for a process Create a token object Deny log on locally Log on as a service Replace a process level token I then went back to the XP machine and ran from the command prompt: C:\ gpupdate I then checked secpol.msc and now all of the policies for sshd_user have propigated over. Now it works. Before I thought I'd done the same thing, but I must have modified the policies using the wrong tool...? Thanks for all the help. Mike Yuen Wing Seung [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I also got the same problem. but I am work for the Adminstrator. which is a local user. Others Domain users got the Permission Denied after checking the password. All others Domain Users can open the CYGWIN bash shell properly on the Window console, however ssh to the server is not work. MIke Hanby wrote: crum, nope, can't maintane the connection with a local user either. I get the same Permission Denied after logging in. All of this worked before I joined this machine to the Windows 2003 Active Directory domain, so it's got to be related, but beyond setting those Local Policies on the Domain controller, I don't know what else to try. Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hmm, really weird... I'm officially out of ideas. Does it work if you try to log in as a local user (i.e., not a domain one)? As for /dev, see http://cygwin.com/ml/cygwin/2004-03/msg01009.html. HTH, Igor On Sun, 21 Mar 2004, MIke Hanby wrote: stupid Symantec products, thanks for pointing that out my home directory is physically located in: C:\Documents and Settings\joeshmo.WIN2003DOMAIN I've created a link for /home to point to /cygdrive/c/Docume~1 lrwxrwxrwx1 1110710513 111 Mar 20 15:59 /home - /cygdrive/c/Docume~1/ I've created another link to make my home directory more user friendly lrwxrwxrwx1 1110710513 114 Mar 18 00:58 /home/joeshmo - ./joeshmo.WIN2003DOMAIN/ User ID 11107 is the id for joeshmo in the /etc/passwd file joeshmo:unused_by_nt/2000/xp:11107:10513:Joe Shmo,U-WIN2003DOMAIN\joeshmo,S-1-5-21-2516459027-1883439143-603107090-1107:/ home/joeshmo:/bin/bash Now, one thing I've noticed in the -v -v output of the ssh client: SSH_TTY=/dev/tty1 /bin/bash: Permission denied /dev doesn't exist, is this a problem? Thanks, Mike Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
I also got the same problem. but I am work for the Adminstrator. which is a local user. Others Domain users got the Permission Denied after checking the password. All others Domain Users can open the CYGWIN bash shell properly on the Window console, however ssh to the server is not work. MIke Hanby wrote: crum, nope, can't maintane the connection with a local user either. I get the same Permission Denied after logging in. All of this worked before I joined this machine to the Windows 2003 Active Directory domain, so it's got to be related, but beyond setting those Local Policies on the Domain controller, I don't know what else to try. Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hmm, really weird... I'm officially out of ideas. Does it work if you try to log in as a local user (i.e., not a domain one)? As for /dev, see http://cygwin.com/ml/cygwin/2004-03/msg01009.html. HTH, Igor On Sun, 21 Mar 2004, MIke Hanby wrote: stupid Symantec products, thanks for pointing that out my home directory is physically located in: C:\Documents and Settings\joeshmo.WIN2003DOMAIN I've created a link for /home to point to /cygdrive/c/Docume~1 lrwxrwxrwx1 1110710513 111 Mar 20 15:59 /home - /cygdrive/c/Docume~1/ I've created another link to make my home directory more user friendly lrwxrwxrwx1 1110710513 114 Mar 18 00:58 /home/joeshmo - ./joeshmo.WIN2003DOMAIN/ User ID 11107 is the id for joeshmo in the /etc/passwd file joeshmo:unused_by_nt/2000/xp:11107:10513:Joe Shmo,U-WIN2003DOMAIN\joeshmo,S-1-5-21-2516459027-1883439143-603107090-1107:/ home/joeshmo:/bin/bash Now, one thing I've noticed in the -v -v output of the ssh client: SSH_TTY=/dev/tty1 /bin/bash: Permission denied /dev doesn't exist, is this a problem? Thanks, Mike Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash:
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
On Mar 21 18:19, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Perhaps ownership and permissions of the home directory and files in it? Does your home directory belong to the local user account? Do you have another joeshmo entry in /etc/passwd for the local user? Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developermailto:[EMAIL PROTECTED] Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
RE: sshd on WinXP machine in Win2003 Domain -- can't log in
From: MIke Hanby Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* WRT the appended + on the rigths flags; Might it be that $ getfacl /bin/bash would give any further clues? /Hannu E K Nevalainen, B.Sc. EE - 59+16.37'N, 17+12.60'E ** on a mailing list; please keep replies on that particular list ** -- printf(LocalTime: UTC+%02d\n,(DST)? 2:1); -- --END OF MESSAGE-- -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
Hmm, didn't even notice that, here's the output of $ getfacl /bin/bash # file: /bin/bash # owner: joeshmo # group: Users user::rwx user:sshdproc:rwx group::r-x group:root:rwx group:SYSTEM:rwx mask:rwx other:r-x Hannu E K Nevalainen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] From: MIke Hanby Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* WRT the appended + on the rigths flags; Might it be that $ getfacl /bin/bash would give any further clues? /Hannu E K Nevalainen, B.Sc. EE - 59+16.37'N, 17+12.60'E ** on a mailing list; please keep replies on that particular list ** -- printf(LocalTime: UTC+%02d\n,(DST)? 2:1); -- --END OF MESSAGE-- -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
sshd on WinXP machine in Win2003 Domain -- can't log in
Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash: Permission denied Any idea what file(s) it might be referring to? Any ideas on what else I can do? Thanks in advance, Mike -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash: Permission denied Any idea what file(s) it might be referring to? Any ideas on what else I can do? Thanks in advance, Mike Without the requisite information requested in the Cygwin problem reporting guidelines at http://cygwin.com/problems.html we can only guess, but, since you had to change the permissions on /bin/bash, I'd guess that you'll need to change the permissions on at least /bin as well. Also, try running sshd and ssh with a few -v flags (multiple -v's increase the verbosity level)... Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_[EMAIL PROTECTED] ZZZzz /,`.-'`'-. ;-;;,_[EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D. '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! I have since come to realize that being between your mentor and his route to the bathroom is a major career booster. -- Patrick Naughton -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
stupid Symantec products, thanks for pointing that out my home directory is physically located in: C:\Documents and Settings\joeshmo.WIN2003DOMAIN I've created a link for /home to point to /cygdrive/c/Docume~1 lrwxrwxrwx1 1110710513 111 Mar 20 15:59 /home - /cygdrive/c/Docume~1/ I've created another link to make my home directory more user friendly lrwxrwxrwx1 1110710513 114 Mar 18 00:58 /home/joeshmo - ./joeshmo.WIN2003DOMAIN/ User ID 11107 is the id for joeshmo in the /etc/passwd file joeshmo:unused_by_nt/2000/xp:11107:10513:Joe Shmo,U-WIN2003DOMAIN\joeshmo,S-1-5-21-2516459027-1883439143-603107090-1107:/ home/joeshmo:/bin/bash Now, one thing I've noticed in the -v -v output of the ssh client: SSH_TTY=/dev/tty1 /bin/bash: Permission denied /dev doesn't exist, is this a problem? Thanks, Mike Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash: Permission denied Any idea what file(s) it might be referring to? Any ideas on what else I can do? Thanks in advance, Mike Without the requisite information requested in the Cygwin problem reporting guidelines at http://cygwin.com/problems.html we can only guess, but, since you had to change the permissions on /bin/bash, I'd guess that you'll need to change the permissions on at least /bin as well. Also, try running sshd and ssh with a few -v flags (multiple -v's increase the verbosity level)... Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_ [EMAIL PROTECTED] ZZZzz /,`.-'`'-. ;-;;,_ [EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D. '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! I have since come to realize that being between your mentor and his route to
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
Hmm, really weird... I'm officially out of ideas. Does it work if you try to log in as a local user (i.e., not a domain one)? As for /dev, see http://cygwin.com/ml/cygwin/2004-03/msg01009.html. HTH, Igor On Sun, 21 Mar 2004, MIke Hanby wrote: stupid Symantec products, thanks for pointing that out my home directory is physically located in: C:\Documents and Settings\joeshmo.WIN2003DOMAIN I've created a link for /home to point to /cygdrive/c/Docume~1 lrwxrwxrwx1 1110710513 111 Mar 20 15:59 /home - /cygdrive/c/Docume~1/ I've created another link to make my home directory more user friendly lrwxrwxrwx1 1110710513 114 Mar 18 00:58 /home/joeshmo - ./joeshmo.WIN2003DOMAIN/ User ID 11107 is the id for joeshmo in the /etc/passwd file joeshmo:unused_by_nt/2000/xp:11107:10513:Joe Shmo,U-WIN2003DOMAIN\joeshmo,S-1-5-21-2516459027-1883439143-603107090-1107:/home/joeshmo:/bin/bash Now, one thing I've noticed in the -v -v output of the ssh client: SSH_TTY=/dev/tty1 /bin/bash: Permission denied /dev doesn't exist, is this a problem? Thanks, Mike Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash: Permission denied Any idea what file(s) it might be referring to? Any ideas on what else I can do? Thanks in advance, Mike Without the requisite information requested in the Cygwin problem reporting guidelines at http://cygwin.com/problems.html we can only guess, but, since you had to change the permissions on /bin/bash, I'd guess that you'll need to change the permissions on at least /bin as well. Also, try running sshd and ssh with a few -v flags
Re: sshd on WinXP machine in Win2003 Domain -- can't log in
crum, nope, can't maintane the connection with a local user either. I get the same Permission Denied after logging in. All of this worked before I joined this machine to the Windows 2003 Active Directory domain, so it's got to be related, but beyond setting those Local Policies on the Domain controller, I don't know what else to try. Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hmm, really weird... I'm officially out of ideas. Does it work if you try to log in as a local user (i.e., not a domain one)? As for /dev, see http://cygwin.com/ml/cygwin/2004-03/msg01009.html. HTH, Igor On Sun, 21 Mar 2004, MIke Hanby wrote: stupid Symantec products, thanks for pointing that out my home directory is physically located in: C:\Documents and Settings\joeshmo.WIN2003DOMAIN I've created a link for /home to point to /cygdrive/c/Docume~1 lrwxrwxrwx1 1110710513 111 Mar 20 15:59 /home - /cygdrive/c/Docume~1/ I've created another link to make my home directory more user friendly lrwxrwxrwx1 1110710513 114 Mar 18 00:58 /home/joeshmo - ./joeshmo.WIN2003DOMAIN/ User ID 11107 is the id for joeshmo in the /etc/passwd file joeshmo:unused_by_nt/2000/xp:11107:10513:Joe Shmo,U-WIN2003DOMAIN\joeshmo,S-1-5-21-2516459027-1883439143-603107090-1107:/ home/joeshmo:/bin/bash Now, one thing I've noticed in the -v -v output of the ssh client: SSH_TTY=/dev/tty1 /bin/bash: Permission denied /dev doesn't exist, is this a problem? Thanks, Mike Igor Pechtchanski [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Mike, Thanks. First off (unrelated, but annoying): Norton Ghost screwed up your path -- you should remove the quotes around C:\Program Files\Symantec\Norton Ghost 2003\ in the PATH variable. Other than that, everything in your cygcheck output seems in order. The only other thing I can think of at the moment is: is the home directory of joeshmo readable by that user? Can you please run ls -ln on joeshmo's home directory? Oh, and do you realize that what sshd thinks the home directory is and what $HOME is set to don't match? Igor On Sun, 21 Mar 2004, MIke Hanby wrote: Ok, here's the version information: Cygwin: CYGWIN_NT-5.1 xphost 1.5.8(0.112/4/2) 2004-03-16 00:19 i686 unknown unknown Cygwin ssh: OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 sshd: sshd version OpenSSH_3.8p1, OpenSSL 0.9.7c 30 Sep 2003 OS running sshd: Windows XP Pro Domain Controller OS: Windows 2003 Server I started sshd service with the -d -d double verbose debug output and ssh client with -v -v double verbose output. I've attached the ssh client, sshd service and cygcheck.out log files. I tried adding +rx to directory /bin, got the same Permission Denied error. I'm not putting the output in the message as it's quite long. Thanks for any help, Mike Igor Pechtchanski wrote: On Sun, 21 Mar 2004, MIke Hanby wrote: Hey y'all, (sorry if this double posts) System: Windows XP Pro with brand new install of cygwin running sshd. This system is a member of a Widnows 2003 Active Directory domain. Problem: I've gone through the config steps listed below and unable to connect to my sshd server. On the sshd server, from the cygwin prompt I enter the following: $ ssh -p 3020 localhost [EMAIL PROTECTED]'s password: Last login: Sat Mar 20 16:01:17 2004 from localhost Fanfare!!! You are successfully logged in to this server!!! /bin/bash: Permission denied Connection to localhost closed. Permissions on /bin/bash were -rwxr-x---+, I tried adding +rx, still get the same error -rwxr-xr-x+ 1 joeshmo Users 527360 Oct 20 07:12 /bin/bash* Here's what I did to configure sshd 1. Installed Cygwin with packages that I downloaded today while logged in as my Active Directory user, joeshmo 2. Created a new Active Directory user, addomain\sshdproc, and added the following rights using the Windows 2003 Server Local Security Policy Create a token object Log on as a service Replcae a process level token Adjust memory quotas for a process 3. Added sshd as a service on the Windows XP Pro machine, it is set to start as the user addomain\sshdproc 4. Ran ssh-host-config and answered YES to all questions, including privilege separation 5. Ran the following on the Windows XP machine mkpasswd -l -d /etc/passwd mkgroup -l -d /etc/group 6. changed permissions on the following files touch /var/log/sshd.log chmod 644 /var/log/sshd.log chown sshdproc /var/empty /var/log/sshd.log /etc/ssh_* 7. Start sshd cygrunsrv --start sshd I then get the error above, /bin/bash: Permission denied Any idea what file(s) it might be referring to? Any ideas on
