On Sun, Aug 16, 2020 at 11:36:10AM +0200, Marco Atzeri via Cygwin wrote: > On 16.08.2020 10:17, Subramanya Narayanaswamy via Cygwin wrote: > > Hi Team, > > > > I'm facing below issue while trying to start CYGSSHD server. I'm running > > the below command as an Administrator but not sure why cygsshd is not > > starting. Any help? > > -------------------------------------------------------------- > > $ net start cygsshd > > The CYGWIN cygsshd service is starting. > > The CYGWIN cygsshd service could not be started. > > > > The service did not report an error. > > > > More help is available by typing NET HELPMSG 3534. > > > > Subramanya > > > > I saw the same problem. > The /var/log/sshd.log gave me the hint: > ----------------------------------------------- > Permissions 0640 for '/etc/ssh_host_rsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ecdsa_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > .. > Permissions 0640 for '/etc/ssh_host_ed25519_key' are too open. > It is required that your private key files are NOT accessible by others. > This private key will be ignored. > sshd: no hostkeys available -- exiting. > ------------------------------------------------
/var/log/sshd.config may provide helpful clues even if the issue is different from loose permissions on the private keys. Let us know what you find there if you are still having trouble. > from the Admin account > > $ cd /etc > $ chmod 600 ssh* > > solved the problem It may have but ... There is no need to restrict permissions on the public keys and restricting permissions on /etc/ssh_config may interfere with ssh client use by non-Administrator users. Moreover, I don't think /etc/sshd_config needs to be restricted though that could be a judgement call. Perhaps $ chmod 600 ssh_host_*_key is enough to fix the private key permissions, if in fact that is the problem. > $ cygrunsrv -Q cygsshd .... "cygrunsrv -V -Q cygsshd" will reveal even more information. --Stephen -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
