Re: McAfee and CygWin SSH

18/08/2006, 10h28

On 2006-08-17, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
> Darren Tucker wrote:
>> This is the point where sshd re-execs itself to handle the new
>> connection. I suspect that this is failing for because of some change
>> that occurred when you installed the software (PATH, maybe?)
>>
>> You can prevent the re-exec by adding "-r" to sshd's command line.
>
> OK, that worked. So it looks like's definitely happening at the re-exec,
> darn it. I'm not familiar enough Windows internals to get into this, and my
> raw SSH coding is pretty rusty. Any ideas other than "run it from inetd"?

You can run sshd as a daemon with -r too.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

20/08/2006, 14h47

Darren Tucker wrote:
> On 2006-08-18, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
>> Darren Tucker wrote:
> [...]
>>> You can run sshd as a daemon with -r too.
>>
>> It seemed to exit after a single connection. I'm wondering if I
>> should try running out of inetd.
>>
>> (Dig, dig, dig.)
>>
>> Ahh, that only happened if I used the "-d" option as well. It seems
>> to be operating now by using the flags "-D -r" instead of just -D,
>> which is what CygWin's ssh-host-config sets it up for.
>>
>> Hmm. Is this a change that should be pushed through CygWin's setup
>> tools?
>
> No. It doesn't work because there's something funky with your system
> but normally it should work fine.

It's a fairly common funkiness: there are a stack of reports of McAfee SSHD
failures on the web and in the McAfee and CygWin forums or mailing lists,
with various workarounds of disabling the "Buffer Overflow Protection" of
McAfee version 8.0 or 8.1. That configuration switch isn't available in
their current "McAfee Security Center" software, or I'd have tried it. But
it does give a software hint about what is going on.

>> And to the manpage for sshd?
>
> Maybe.

Please, yes. The "-r" option isn't even mentioned in the 4.3p1 or 4.3p2 man
pages that I'm reading right now. Having secret command line options is one
of the banes of my software existence.

18/08/2006, 10h28	#1
Darren Tucker Messages: n/a Hébergeur:	Re: McAfee and CygWin SSH On 2006-08-17, Nico Kadel-Garcia <nkadel@comcast.net> wrote: > Darren Tucker wrote: >> This is the point where sshd re-execs itself to handle the new >> connection. I suspect that this is failing for because of some change >> that occurred when you installed the software (PATH, maybe?) >> >> You can prevent the re-exec by adding "-r" to sshd's command line. > > OK, that worked. So it looks like's definitely happening at the re-exec, > darn it. I'm not familiar enough Windows internals to get into this, and my > raw SSH coding is pretty rusty. Any ideas other than "run it from inetd"? You can run sshd as a daemon with -r too. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

20/08/2006, 14h47	#2
Nico Kadel-Garcia Messages: n/a Hébergeur:	Re: McAfee and CygWin SSH Darren Tucker wrote: > On 2006-08-18, Nico Kadel-Garcia <nkadel@comcast.net> wrote: >> Darren Tucker wrote: > [...] >>> You can run sshd as a daemon with -r too. >> >> It seemed to exit after a single connection. I'm wondering if I >> should try running out of inetd. >> >> (Dig, dig, dig.) >> >> Ahh, that only happened if I used the "-d" option as well. It seems >> to be operating now by using the flags "-D -r" instead of just -D, >> which is what CygWin's ssh-host-config sets it up for. >> >> Hmm. Is this a change that should be pushed through CygWin's setup >> tools? > > No. It doesn't work because there's something funky with your system > but normally it should work fine. It's a fairly common funkiness: there are a stack of reports of McAfee SSHD failures on the web and in the McAfee and CygWin forums or mailing lists, with various workarounds of disabling the "Buffer Overflow Protection" of McAfee version 8.0 or 8.1. That configuration switch isn't available in their current "McAfee Security Center" software, or I'd have tried it. But it does give a software hint about what is going on. >> And to the manpage for sshd? > > Maybe. Please, yes. The "-r" option isn't even mentioned in the 4.3p1 or 4.3p2 man pages that I'm reading right now. Having secret command line options is one of the banes of my software existence.

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email