2

I run an Openssh sshd service from Cygwin. When an RSA connection is established:

$ ssh Administrator@ZETA

Last login: Wed May 11 13:58:50 2016 from 10.1.1.140

-- there is no error message.

However, when I use an inline command:

$ ssh Administrator@ZETA "echo hi"

hi

-- the command works, but on ZETA the Windows Event Log now says:

sshd: PID 7068: error: get_socket_address: getnameinfo 2 failed: Unknown error

Calling this often fills the Event Log with errors.

Starting sshd on command line in debug mode:

 /usr/sbin/sshd -ddd

-- produces no error. It also runs under different user and I had to chown administrator /var/empty for it to work.

Trying to start sshd in debug mode as Windows service, as recommended in https://cygwin.com/ml/cygwin/2014-03/msg00488.html fails:

$ /usr/bin/cygrunsrv -I sshd -d "CYGWIN sshd_debug" -p /usr/sbin/sshd -a "-D -d -d -d" -y tcpip

/usr/bin/cygrunsrv: Error installing a service: OpenService: Win32 error 1073: The specified service already exists.

Muposat
  • 121
  • 9

1 Answers1

1

To resolve your cygrunsrv error while installing an sshd_debug service, you also have to change the <service_name> and not only the <service display name> in:

cygrunsrv -I <service_name> -d "<service display name>" -p <service_path>

where

  • <service_name> is the windows internal service name
  • <service display name> is the name displayed in services.msc list

OR you have to stop and remove the already defined service sshd first, before trying to define it again using debug parameters.

Note: The commands below have to be entered in a shell with admin privileges. When sshd is run in debug mode with -d, -dd or -ddd, the server will not fork and will only process one connection and then stop.

To define a second sshd_debug service:

To install a second service named sshd_debug:

/usr/bin/cygrunsrv -I sshd_debug -d "CYGWIN sshd_debug" -p /usr/sbin/sshd -a "-D -d -d -d" -y tcpip

Note that a particular <service_name> or <service display name> cannot be defined more than once, otherwise an error will thrown by cygrunsrv.

Before you start your new sshd_debug service, the normal sshd service has to be stopped:

/usr/bin/cygrunsrv -E sshd

Now start the sshd_debug service:

/usr/bin/cygrunsrv -S sshd_debug

To redefine with the existing sshd service_name:

Another example which will make the cygrunsrv command from your question work (using the service name: sshd):

# Stop the service
/usr/bin/cygrunsrv -E sshd

# Remove the service
/usr/bin/cygrunsrv -R sshd

# Install using the same service_name with debug options
/usr/bin/cygrunsrv -I sshd -d "CYGWIN sshd_debug" -p /usr/sbin/sshd -a "-D -d -d -d" -y tcpip

# Start the service
/usr/bin/cygrunsrv -S sshd

To install a service under a specific account

/usr/bin/cygrunsrv -I sshd_debug -d "CYGWIN sshd_debug" -p /usr/sbin/sshd -a "-D -d -d -d" -y tcpip -u "<account_name>" -w "<password>"

Error: get_socket_address: getnameinfo 2 failed

The function get_socket_address throwing the error message is defined in canohost.c:

static char *
get_socket_address(int sock, int remote, int flags)
{
    ...
    switch (addr.ss_family) {
    case AF_INET:
    case AF_INET6:
        /* Get the address in ascii. */
        if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
            sizeof(ntop), NULL, 0, flags)) != 0) {
            error("get_socket_address: getnameinfo %d failed: %s",
                flags, ssh_gai_strerror(r));
            return NULL;
        }
        return xstrdup(ntop);
    ...
    }
}

It calls a function getnameinfo with flag NI_NUMERICHOST, which should return a string with the human readable IP address of either the (remote) peer_ipaddr or the local_ipaddr. However, the function fails with an unknown EAI_SYSTEM error (A system error occurred).

So this does not help a lot, but it might indicate that the error has to do with DNS name resolution.

To troubleshoot you could check if the name resolution is working:

# netstat: check where sshd listens and if you have any errors
netstat -ano | grep ":22"
netstat -ao | grep ":22"


# reverse dns lookup
nslookup <remote_ip_address>
nslookup <local_ip_address>

# forward dns lookup (using the hostnames returned by the above commands)
nslookup <remote_hostname>
nslookup <local_hostname>


# or for example using dig

# reverse dns lookup
dig -x <remote_ip_address>
dig -x <local_ip_address>

# forward dns lookup (using the hostnames returned by the above commands)
dig <remote_hostname> +search
dig <local_hostname> +search
  • The reverse dns lookup should return the fqdn
  • The forward dns lookup should return the IP address
rda
  • 1,887
  • 1
  • 12
  • 20
  • Thank you. This does not work for me, however. Both second service and redefining existing service succeed, but cannot start:```$ /usr/bin/cygrunsrv -S sshd_debug1 /usr/bin/cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062: The service has not been started. ```. Normal sshd service always starts. – Muposat May 17 '16 at 18:39
  • Also after "Install using the same service_name with debug options" I don't know how to restore what was installed before. – Muposat May 17 '16 at 18:43
  • On my system I had the same, it could be a bug or something else not working. I had to define the service twice using `cygrunsrv -I` (on the second attempt I had an error: `service already exists...`) but after that the start command `cygrunsrv -S` worked. Also check `netstat -ano` and the task manager (all processes) if the `sshd` process is still running, I had to kill it manually sometimes. – rda May 17 '16 at 18:44
  • To restore the original configuration, stop any running sshd service `cygrunsrv -E `, remove the sshd services `cygrunsrv -R sshd` (and optional `cygrunsrv -R sshd_debug`). Then from a privileged shell run `/usr/bin/ssh-host-config`. You can also check what the script does exactly, by running `cat /usr/bin/ssh-host-config | grep -B 2 -A 10 "cygrunsrv -I"` – rda May 17 '16 at 18:56
  • Service restored by ssh-host-config. I will try to run debug as a separate service. So far no luck though. – Muposat May 17 '16 at 19:13
  • Partial success. I went to Windows Services and found that the original sshd was using account/password. Modified sshd_debug service with the same and it started. – Muposat May 17 '16 at 19:21
  • This is the -d -d -d debug info I get on the client side now: ```...debug3: Copy environment: WINDIR=C:\\Windows get_socket_address: getnameinfo 2 failed: Unknown error ``` not as helpful as I had expected – Muposat May 17 '16 at 19:22