On 04.09.24 12:11, Andy Wood via Cygwin wrote:
Running "passwd -R" for 'other_user', as suggested by the subject of
the post, fixed the problems for me.
It looks like sshd isn't handling a login failure properly.
On Tue, Sep 3, 2024 at 7:57 PM Jim McNamara via Cygwin
<cygwin@cygwin.com> wrote:
This looks like a bug. Can anyone help? Is there a work-around?
Hi Andy,
There was some chatter the last week or 2 on someone trying to get ssh to work.
At the archive mailing list, you can read and see if that answers any of it.
I thought the gist of it is that a cipher is being swapped out or something.
Please read archives at the mailing list while you are waiting for a reply for
the past week or 2 msgs.
Also, the other person said they found out information in the release notes for
cygwin that were kind of recent.
I am under the impression that there may be a misbehavior in more recent
Cygwin OpenSSH :-(
I observe the same problem as Andy Wood was having, and found another
very recent identical report at https://serverfault.com/q/1168457/473559.
Their cases, as well as mine, seem to share, that OpenSSH can no longer
correctly authenticate as a user without having the plain text password
stored in the registry.
In my case, this is exclusively limited to domain users. Local users
work correctly. I can see that at least one other report, the one at
Serverfault, is also for a domain user. Also, everything that is
reported at Serverfault applies basically identically to my case, i.e.
the connection being just dropped, and the only relevant message from
OpenSSH being "fatal: seteuid 4096: Function not implemented".
Here more details about my setup:
I'm using current latest Cygwin 3.5.5-1, with OpenSSH version 9.9p1-1.
OpenSSH is installed as the Windows service, setup was performed with
the Cygwin OpenSSH setup script, strict permissions are enabled. I did
check that the service is running as "Local System". I did not set a
plaintext password (due to security considerations), so I do not know
if this would help. However, I can say that local Windows user accounts
just work, was they always did.
I've tested this on three different machines, all with latest Windows
and all updates from today, and the same version of Cygwin and OpensSSH.
I've also tested this with at least two different domain users, albeit
from the same Windows domain.
I've read the README, and followed basically all the tutorials and
docs on the Cygwin website that I could find. Particularly, I understand
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1 so that the
login should work even for domain users without plaintext password,
then OpenSSH is running under the SYSTEM account. This does not work
for me.
I also digged through the mail archive. The only relevant discussion,
with a possible relation to OpenSSH that I could find was the following:
https://cygwin.com/pipermail/cygwin/2024-February/255503.html But I
may read this wrong, so please forgive if this is not helping.
Any help would be greatly appreciated!
All the best,
Mario Emmenlauer
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
