This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Potential bug in sshd


Thanks Rob,

Ah yes, this explains the "zombie" processes as I cannot make actual
client connections.

Something is very bizarre with my cygwin setup here. I've noticed
other symptoms too: on reinstalling cygwin the info-update and cygwing
post-install scripts hang. In fact, after the cygwin install
supposedly finished, on logging out windows complained that 'cygwin
post-install scripts' were still up and it couldn't kill them.

So it seems that on attempting to connect the sshd thread hangs too
"unexpectedly closing the connection" or sometimes just hanging the
client.

To answer your question Rob, no I have not experienced any other
network problems, or unusually high traffic (this is my desktop
machine). Plus, I'm trying to do this from/to localhost.

! One thing I did notice as I was looking for logs to send in to the
list is that the System Events log is that recently I've had a barrage
of attempted break-ins via ssh (failed logins as root, admin, etc.). I
trust that OpenSSH is pretty solid, have experienced this before, and
don't make too much of it... but could this have melted my system?!

Finding useful info was easy enough (/var/log/ssh), here is an
excerpt. Speculation: this does seem to support the symptoms I'm
having (dropped connections from "worker" threads, no response, etc.).
I don't "read" Win32 logs but I have a hunch someone can ID this
problem on the spot.

 4864 [main] sshd 8156 C:\cygwin\usr\sbin\sshd.exe: *** fatal error
- C:\cygwin\usr\sbin\sshd.exe: *** recreate_mmaps_after_fork_failed
    2 [main] sshd 8144 child_info::sync: wait failed, pid 8156, Win32 error 0
   59 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
3757715 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487
24253452 [main] sshd 4368 child_copy: linked dll data write copy
failed, 0x3EC000..0x3EC040, done 0, windows pid 2276036, Win32 error
487


HAS MY SYSTEM BEEN COMPROMISED?!


Mike

On 9/12/06, Rob Bosch <robbosch@msn.com> wrote:
Sshd will spawn processes that deal with individual connections so even
though you stop the service there may still be sshd processes running.  The
way to tell if your sshd daemon is stopped is to run a netstat -a | find
"ssh" | find "LISTEN".  This will only find sshd processes that are
listening for new connections and not the ones that are established to deal
with existing ssh connections.

I've experienced connection problems from time to time with sshd on cygwin.
Almost always this is either due to high load on the receiving server and it
just can't handle it, or a problem with the network connection.

Are your connections all on the LAN or WAN?





-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]