I forgot to mention you should be logged in as root whenever making any Cygwin sshd configuration changes. This includes running the updatecygwin.vbs script. There may be workarounds but I have never been able to get sshd configured while logged in as another user. Try this:

-log in as root at console or via RDP
-Open shell: C:\cygwin\cygwin.bat
-net stop sshd (if it's already running)
-rm -f /etc/ssh*
-ssh-host-config -y
 (Correct any errors that appear. It should tell you what to do. You may have
 to change permissions on /var/empty, /etc/passwd, /etc/group, and others.)
-net start sshd
 (If you get a credentials error, make sure root account password and sshd
  service password match)
-run cscript.exe updatecygwin.vbs
 (This is just a test. It will redo some of the things ssh-host-config did.)

A way to specify public/private IP addresses needs to be designed out. There are other places where you might have trouble if using 10.* for public addresses. Take a look at postconfig.vbs. This may be a cause some of the problems you're seeing. This script has some hard-coded IP address patterns.


Melba Lopez wrote:
Thanks Andy.

Initially running the script did not work.  It continued to give me a
permissions denied error.  Turns out, that the "group" for all the files
were set to "none".  Doing a *chown root:administrators * *I thought did the
trick.  After redeploying the new image, we still encountered the same
problem where the scripts would not run because of permissions.
After we mucked around with the priviledges some, we think it may have
something to do with the encryption that is set at the beginning.   We found
a post online from someone who was trying to back out of encryption, after
sysprepping killed the sid.

"This is directly from MS and it explains how and why you are out of luck.
The problem that comes into play is that the user's SID is involved in the
formulation of the encryption key and after a rebuild that original data no
longer exists, unless you have a recovery key. "

Perhaps this is the permissions problem we've been having and have not been
able to get around??  Not sure if you've encountered issues with encryption.

I decided to start fresh without encryption and increased the sleep cycle
for ssh from 5 secs to 15 in esx.pm so it wouldn't fail before cygwin was

SSH worked this time, however, we we're having issues with our public ip
address being in the 10. network like in linux.  We commented out the
following line in utils.pm code so that it wouldn't error out when it saw a
10. address for public.

@sshcmd = run_ssh_command($node, $identity, "ipconfig", "root");
for my $l (@{$sshcmd[1]}) {
# skip class a,b,c private addresses
next if ($l !~ /IP.*Address[\s\.:]*([\d\.]*)/);
my $ip_address = $1;
#next if ($ip_address =~ /^10\./);   <----commented out
next if ($ip_address =~ /^127\./);
next if ($ip_address =~ /^172\./);

On Mon, Apr 13, 2009 at 10:23 AM, Andy Kurth <andy_ku...@ncsu.edu> wrote:

Cygwin sshd does indeed break during the imaging process.  The
updatecygwin.vbs script runs after an image is loaded and should fix the
sshd service.  It recreates the group and passwd files and also regenerates
the computer's SSH host keys because they are no longer valid.

Try running this command to see if it fixes sshd:
cscript.exe "C:\Documents and Settings\root\Application

If this fixes sshd, you'll need to troubleshoot why the script didn't run
automatically after the image was loaded.  The sequence should be:
-image loaded
-root automatically logs in
-VCLprepare.cmd runs
-updatecygwin.vbs is called from VCLprepare.cmd

If this doesn't fix sshd, there is something wrong with the sshd setup in
the image:
-Log in as root
-start the Cygwin shell (C:\cygwin\Cygwin.bat)
-try running cygrunsrv.exe -S sshd

This may display an error message telling you why it couldn't be started.
 If this doesn't help, try running ssh-host-config.  It also may tell you
what needs to be corrected.


Melba Lopez wrote:

PS.  It seems as though cygwin sshd stops working after sysprep.  I tried
ssh'ing a few times after the auto_create_image.vbs scripts (from VCL to
VM) and it seemed to worked fine.  Perhaps sysprep or one of the vcl
that are run after deployment changes something?

On Fri, Apr 10, 2009 at 3:21 PM, Melba Lopez <milo...@gmail.com> wrote:

 During our Windows XP windows creation we had no problems configuring
sshd.  I was able to ssh back and forth from VCL to the VM.
However, after deployment of the VM, cygwin sshd never starts up.  I'm
to login to the VM and ssh into VCL.  However, VCL cannot SSH into the
windows vm and the vm cannot ssh into itself.  I get the following error:

 "ssh: Connect to host <ip> port 22: Connection Refused".

I verified that the port is open on the Windows VM.

I tried starting the cygwin sshd service, but I get the following

"The CYGWIN sshd service on Local Computer started and then stopped.

services stop automatically if they have no work to do, for example, the
Performance Logs and Alerts service"

As I mentioned before, sshd did work during the creation of the VM.  I
followed all the steps on the wiki and went further to create the VM from
scratch all over again, but same thing happens. Is there something I'm

Melba Lopez

Andy Kurth
Virtual Computing Lab
Office of Information Technology
North Carolina State University

Andy Kurth
Virtual Computing Lab
Office of Information Technology
North Carolina State University

Reply via email to