Oct 24

Cygwin’s sshd mysteriously stops working; “operation not permitted”

Category: JHUAPL,Work

This is a technical post just for reference, and hopefully to help out any others who have had this problem.

Several months ago, many PCs on which I have Cygwin’s SSHD installed refused to let me in.  The symptom: when logging in, either remotely or from localhost, my password would be accepted and I’d see the MOTD, but then without ceremony, I’d be logged out without ever seeing a command prompt or an error.  On the server’s windows event log, I saw “operation not permitted.”

After thrashing about for a really long time (months!) I finally hit upon the solution.

First, the problem: it’s something the IT people at work did to my systems.  Every PC presenting this problem had previously worked just fine until some IT department update, after which they all stopped working.  The IT help desk was of no help whatsoever; a problem has to be incredibly obvious before they notice it.  On every PC without the security package, sshd continued to work fine.  I used the same installer for every single PC, so my setup and config was the same – it was something my IT people did that broke it.

Fortunately, there is a way to modify the system to allow it to work again.  I don’t know if it will work in every instance, but in my case, the default owner of a specific directory was at fault, but I couldn’t see this because of the rather cryptic way that cygwin sshd messages are logged by default.

The solution: Change the owner of the directory, and also put sshd log messages in a unix-y place where you can read them from the command line. Here’s the proceedure:

  1. Setup cygwin’s sshd normally by invoking: ssh-host-config -y (If you have been thrashing about trying to solve this problem and have changed permissions and config files, just run the script again to ensure that your setup is reasonable)
  2. DON’T START sshd.
  3. Issue “chown SYSTEM /var/empty”
  4. Uninstall the default sshd service by invoking: cygrunsrv –remove sshd
  5. Reinstall the service and make the sshd output go to /var/log/sshd.log by invoking: cygrunsrv -I sshd -d “Cygwin sshd” -p /usr/sbin/sshd -a ‘-D -e’

I hope this works for you. If not, try storing your password locally using “passwd -R” which encrypts the password in the registry. This is necessary on many enterprise-managed systems which continually change and restore windows policy settings.


6 Comments so far

  1. Matt April 18th, 2014 7:50 AM

    This was just what I needed! I searched and searched. Changed permissions here and there and all sorts of craziness. I’m running my Cygwin on a Win7/64 box under a domain, just so others reading might have a reference.

    Thanks to your expertise, my search was shortened from months to only about an hour or so!

    Good job!

  2. Dan Greenspan April 19th, 2014 2:22 PM

    I’m so glad this helped! I should follow up with my own experience: in some circumstances, this fix didn’t “take.” I never got to the bottom of it.

  3. Listbox October 11th, 2014 11:59 AM

    Noobs may want to know that your post above has fancy quotes that are not compatible with cygwin bash. Also IMHO, long option names are nice when explaining things. So try:

    cygrunsrv –install sshd –disp “Cygwin sshd” –path /usr/sbin/sshd –args “-D -e”

  4. Ape June 26th, 2015 6:21 AM

    There it is! The solution i searched for nearly 5 hours.

  5. Dan Greenspan June 26th, 2015 10:48 AM

    Glad it helped!

  6. Final yone August 8th, 2016 6:05 AM

    Thx from Jap engineer !
    Have Fun !

Leave a comment