ssh logon failure

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

CONTENTS DELETED

I experienced the "operation not permitted" problem as many others have.  

I had not changed my setup when the error was experienced, but I noticed
that every computer which presented this difficulty was a work machine with
our IT security suite installed.  On every PC _without_ an IT security
package, cygwin sshd worked just fine out of the box. On any PC without a
security package which subsequently had one installed, sshd stopped working.

Like at least one other user, I have concluded that my "evil" IT people are
the root cause of the problem.  However, they are of no help whatsoever. By
some combination of dumb luck, relentless hacking and bits of help online, I
arrived at the following conslusions and solution:

Problem one: by default, cygwin sshd uses the windows log, which is hard to
read and doesn't contain the desired diagnostic output. Fixing this revealed
useful clues.

Problem two: /var/empty had the incorrect owner.

THE FIX:

1) Setup cygwin's sshd normally by invoking: ssh-host-config -y (If you have
been thrashing about trying to solve this problem and have changed
permissions and config files, just run the script again to ensure that your
setup is reasonable)
2) DON'T START sshd.
3) Issue "chown SYSTEM /var/empty"
4) Uninstall the default sshd service by invoking: cygrunsrv --remove sshd
5) Reinstall the service and make the sshd output go to /var/log/sshd.log by
invoking: cygrunsrv -I sshd -d "Cygwin sshd" -p /usr/sbin/sshd -a '-D -e'

I hope this works for you.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

CONTENTS DELETED

Larry, thanks for your reply.  I am using windows 7.  I've tried changing ownership of /var/empty to cyg_server, but this doesn't help.

FYI my "Fix" only worked for a day before failing again.  Now I'm back to square one.

Furthermore, I've just discovered that I _can_ log in as the cyg_server user!  From there, if i attempt to su to myself (user greendg1), I see this:

---
$ su - greendg1
su: warning: cannot change directory to //APLFS01/GREENDG1$: Not a directory
mkdir: cannot create directory `//APLFS01': Read-only file system
//APLFS01/GREENDG1$ could not be created.
Setting HOME to /tmp.
---

This utterly confuses me; I know what APLFS01 is, but not why it's part of this horrible mix... I'm guessing that I have an environment variable problem, and that depending upon how I log in and when, the environment is improperly set, which is causing bash to fail, which is why I get the "operation not permitted" error.  But this is all conjecture.  

What variable contains the value that bash uses (or ssh or su pass to bash)?

CONTENTS DELETED

CONTENTS DELETED

I feel like a terrier peeling away an onion.  Darn it, this is going to work!  

I agree with your comment about being in the weeds and started over, in the process discovering why HOME was set improperly (using the domain switch for mkpasswd instead of local). I reinstalled ssh, re-ran ssh-host-config, and now am in this situation: I can ssh in, but only using public key authentication.  Passwords do not work (and they must for this application).

When I use a password, the login process seems like it's working - I see the MOTD, but am immediately disconnected.  The server logs simply state that the client disconnected.  The client -vvv option shows this (everything before MOTD not shown):

***********************************************************
**  Here is the MOTD   **
***********************************************************

debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

Connection to 192.168.200.98 closed.
Transferred: sent 2736, received 2532 bytes, in 0.1 seconds
Bytes per second: sent 19456.0, received 18005.3
debug1: Exit status 1

-I have tried temporarily removing my .bashrc, .profile and so on, but this does not change the issue.  
-.ssh is owned by me and is mode 700; all .ssh contents are owned by me and are mode 600
-I've issued "chmod 600 /etc/ssh*"
-I've manually examined all binaries in /bin, /usr/bin, and /usr/sbin to verify that they have reasonable modes and owners (all are owned by me (an administrative user), and all are mode 755)
-I own my directory in /home and it has mode 755
-I am not using PAM
-Passwords are not turned off in /etc/sshd_config

Attached is the output of cygcheck.
cygcheck.txt