Re: cygrunsrv autossh - tunnel does not come up
> >> > I have problems running autossh via cygrunsrv on WIN2003: >> > >> > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 2 -g2CN -R >> > 20120:localhost:3389 -i /etc/key-rsa -p 20012 u...@192.168.100.12" -e >> > AUTOSSH_NTSERVICE=yes -y tcpip --type auto >> > >> > As soon as I start the service (net start autossh) it stops. So it >> looks >> > like it never came up: >> > Autossh.log: >> > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1) >> > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528 >> > Host key verification failed. >> > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status >> 255; >> > autossh exiting >> > >> > Running just ssh or autossh the tunnel comes up and stays: >> > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012 >> > u...@192.168.100.12 >> > autossh: /bin/autossh -M 2 -g2CN -R 20120:localhost:3389 -i >> /etc/key-rsa >> > -p 20012 u...@192.168.100.12 >> >> There's a big difference between running it as a service like you did, >> and running it as a user. ... I have no idea to use a different user on cygwin than my windows domain root. Should I just edit the /etc/passwd and create a new user pointing to a new cygwin_home -> /home/new-user? So I keep trying it with the my dom-root account. ... > A good way to get more information about why the service fails to start > would be > to add -v or -vv to the ssh flags (within the argument of -a). okieh; I did the connection using -v with ssh and autossh. Looking to both outputs I see a big difference ssh: bash-3.2$ ssh -v -i /etc/ssh/tu_LAN2DMZ_rsa -g -2C -N -R 20120:localhost:3389 -p 20012 u...@192.168.100.12 OpenSSH_5.1p1, OpenSSL 0.9.8j 07 Jan 2009 debug1: Reading configuration data /home/root/.ssh/config debug1: Reading configuration data /etc/ssh_config debug1: Connecting to 192.168.100.12 [192.168.100.12] port 20012. debug1: Connection established. debug1: identity file /etc/ssh/tu_LAN2DMZ_rsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 z...@openssh.com debug1: kex: client->server aes128-cbc hmac-md5 z...@openssh.com debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '[192.168.100.12]:20012' is known and matches the RSA host key. debug1: Found key in /home/root/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /etc/ssh/tu_LAN2DMZ_rsa debug1: read PEM private key done: type RSA debug1: Enabling compression at level 6. debug1: Authentication succeeded (publickey). debug1: Remote connections from LOCALHOST:20120 forwarded to local address local host:3389 debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: remote forward success for: listen 20120, connect localhost:3389 debug1: All remote forwarding requests processed autossh: bash-3.2$ /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-v -M 2 -g2CN -R 20120:localhost:3389 -i /etc/ssh/tu_LAN2DMZ_rsa -p 20012 u...@192.168.100.12" -e AUTOSSH_NTSERVICE=yes -y tcpip --type auto 2009/01/27 22:22:35 autossh[4876]: starting ssh (count 1) 2009/01/27 22:22:35 autossh[4876]: ssh child pid is 5028 OpenSSH_5.1p1, OpenSSL 0.9.8j 07 Jan 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to 192.168.100.12 [192.168.100.12] port 20012. debug1: Connection established. debug1: identity file /etc/ssh/tu_LAN2DMZ_rsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 z...@openssh.com debug1: kex: client->server aes128-cbc hmac-md5 z...@openssh.com debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: checking without port identifier debug1: read_passphrase: can't open /dev/tty: No such device or address debug1: permanently_drop_suid: 18 ssh_askpass: exec(/usr/sbin/ssh-askpass): No such file or directory Host key verification failed. 2009/01/27 22:22:36 autossh[4876]: ssh exited prematurely with
Re: cygrunsrv autossh - tunnel does not come up
> > Hm, I'm surprised to hear that. I haven't run autossh as a service in a > > while, > > but when I did it worked very reliably for me. Can you tell me anything > > more > > about how or why it fails to start? > > No, sorry, there's no useful information on the events or on any log; I > just start it manually when it fails. OK. Well if you feel like pursuing this, I think that adding -v or -vv into the autossh arguments in the service definition should give you some useful log information, which you could post here. Andrew. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: cygrunsrv autossh - tunnel does not come up
Andrew Schulman wrote: > Hm, I'm surprised to hear that. I haven't run autossh as a service in a > while, > but when I did it worked very reliably for me. Can you tell me anything more > about how or why it fails to start? No, sorry, there's no useful information on the events or on any log; I just start it manually when it fails. My guess is that since networking is very slow to get started on my computer, and that's a feature of my network card / driver (I can see the link go up on the switch long after boot up, after Windows starts in fact, about when the login window appears) and the service dependency doesn't help (that's a feature of Windows, it probably is starting the service before the network is really up) the first logon attempt fails and somehow autossh gives up, after bootup it behaves as it should reestablishing the connection when lost, but not on first start, that's why I guess the network is not really up and that makes the difference. -- René Berber -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: cygrunsrv autossh - tunnel does not come up
> > I have problems running autossh via cygrunsrv on WIN2003: > > > > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 2 -g2CN -R > > 20120:localhost:3389 -i /etc/key-rsa -p 20012 u...@192.168.100.12" -e > > AUTOSSH_NTSERVICE=yes -y tcpip --type auto > > > > As soon as I start the service (net start autossh) it stops. So it looks > > like it never came up: > > Autossh.log: > > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1) > > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528 > > Host key verification failed. > > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255; > > autossh exiting > > > > Running just ssh or autossh the tunnel comes up and stays: > > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012 > > u...@192.168.100.12 > > autossh: /bin/autossh -M 2 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa > > -p 20012 u...@192.168.100.12 > > There's a big difference between running it as a service like you did, > and running it as a user. Agreed. "Host key verification failed" tells me that either the permission or the ownership of /etc/key-rsa is wrong-- if you're going to run autossh as a SYSTEM service, then the key has to be owned by SYSTEM and only readable by it. Another possibility is that the key is encrypted, so SYSTEM can't read it without a password; maybe your user process is getting it from an ssh-agent. A good way to get more information about why the service fails to start would be to add -v or -vv to the ssh flags (within the argument of -a). > First thing to try: run the service as your user, i.e. add --user name> to the service installation. Yes, this is really better. I need to recommend this in the autossh README. > And don't expect too much, I use it all the time and it works but it > fails to start very often, I end up starting it manually. Hm, I'm surprised to hear that. I haven't run autossh as a service in a while, but when I did it worked very reliably for me. Can you tell me anything more about how or why it fails to start? Andrew. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: cygrunsrv autossh - tunnel does not come up
hooner wrote: > I have problems running autossh via cygrunsrv on WIN2003: > > /bin/cygrunsrv.exe -I AutoSSH -p /bin/autossh -a "-M 2 -g2CN -R > 20120:localhost:3389 -i /etc/key-rsa -p 20012 u...@192.168.100.12" -e > AUTOSSH_NTSERVICE=yes -y tcpip --type auto > > As soon as I start the service (net start autossh) it stops. So it looks > like it never came up: > Autossh.log: > 2009/01/08 23:26:25 autossh[10148]: starting ssh (count 1) > 2009/01/08 23:26:25 autossh[10148]: ssh child pid is 9528 > Host key verification failed. > 2009/01/08 23:26:25 autossh[10148]: ssh exited prematurely with status 255; > autossh exiting > > Running just ssh or autossh the tunnel comes up and stays: > ssh: ssh -v -g2CN -R 20120:localhost:3389 -i /etc/key-rsa -p 20012 > u...@192.168.100.12 > autossh: /bin/autossh -M 2 -g2CN -R 20120:localhost:3389 -i /etc/key-rsa > -p 20012 u...@192.168.100.12 There's a big difference between running it as a service like you did, and running it as a user. First thing to try: run the service as your user, i.e. add --user to the service installation. And don't expect too much, I use it all the time and it works but it fails to start very often, I end up starting it manually. -- René Berber -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/