X2Go Bug report logs - #1156
SSH daemon could not be started

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: John Cobo <john.cobo@gmail.com>

Date: Thu, 16 Mar 2017 12:40:02 UTC

Severity: normal

Tags: pending

Fixed in version 4.1.2.0

Done: X2Go Release Manager X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Full log


Message #34 received at 1156@bugs.x2go.org (full text, mbox, reply):

Received: (at 1156) by bugs.x2go.org; 5 May 2018 00:40:37 +0000
From jkl@calibersecurity.com  Sat May  5 02:40:06 2018
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.7 required=3.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE autolearn=ham autolearn_force=no
	version=3.4.1
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 2088C5DAE9
	for <1156@bugs.x2go.org>; Sat,  5 May 2018 02:40:06 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id SArKPh6ceSxc for <1156@bugs.x2go.org>;
	Sat,  5 May 2018 02:39:51 +0200 (CEST)
Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 3CF9A5DA81
	for <1156@bugs.x2go.org>; Sat,  5 May 2018 02:39:51 +0200 (CEST)
Received: by mail-wm0-x22f.google.com with SMTP id l1-v6so7517136wmb.2
        for <1156@bugs.x2go.org>; Fri, 04 May 2018 17:39:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=calibersecurity.com; s=google;
        h=mime-version:from:date:message-id:subject:to;
        bh=0MfCo8cH1KuWN1QWtkNDv08rs7mZaKlIwWTHoOq+ZG8=;
        b=OQS0A2rAoZGP0MnMF8yAabXvbnrx7ZM6vjmwacIgZ9DKD5pbLy8p0zTOjrTc9o26xU
         uslYtNGB/mDP15yAtGh0FQHgmt6CFPFvt3wPIiUOEzUsEH8M7zxyNyccciwfgPE9ll0w
         uEmAYXFViw78BfH1+8WLsvnJwrZXevSqcX4L4BdRkMcjWJuBLt5asBFP0Rc9tkPFtEuK
         SBbX9cWdaqXOf3lZd7Wz4u1w6GZTivYeRAj17iJ+xXr/6Eqd8iDhIM/0XImPZxp7oKz9
         1Fva/jZkNit79ZkKOpAq+rrzBIoqtgzG0pig0OZwpwaE4hGyEfJpP6aANyncC99LZn/2
         lMNw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=0MfCo8cH1KuWN1QWtkNDv08rs7mZaKlIwWTHoOq+ZG8=;
        b=N/aFB2OUiIevvUc5vLkYWbhBaGuuvHZi19F9/x/IEdvDJgN7nKCJHEk5DOtx10GDez
         aXFf4xuPMjqgDx9peIKXEogxPQtIrvEZUaQlMvL6vNolCIo0ZRRz7yK93m5F74mkexOh
         eWNOGK2J2/EKBhB4oWVJYTYG9QYLHgVJOH1SdFXrFuGjfryF+AWpZN3l6Y2/CfLZRu/8
         O6pPf9MEsdBtXGzXJSoX+LGLJ0MUnH0ZHoEQqBXbS/G0nVGFvycQD+Rxbk2qIj1G3vWH
         7DCQek3RWzS6MGKa8VNHn1OlGyWFJackVrv6n4avQwp5ZH4l3wPYTA+0X0ImIIQFe+pe
         t4Ig==
X-Gm-Message-State: ALQs6tCRSzJbOCBupS/cHpnYcOG4u/5bf5cZsmSy/3BWVSA6nyv3ZUzq
	XlZxFmS2GKhYB8P4UcFV1vWNnH/AMGXO8bpCUUZqJTl3qco=
X-Google-Smtp-Source: AB8JxZoSndirb4+QXjFaVrLv87NwFo2tD6/gxPcyGFdvSq3Aehc+2YemqjSpUhJy2OnL5dmj9lAePawkhuh2i8VehpA=
X-Received: by 10.28.48.206 with SMTP id w197mr16816830wmw.22.1525480790497;
 Fri, 04 May 2018 17:39:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.104.84 with HTTP; Fri, 4 May 2018 17:39:49 -0700 (PDT)
From: Jonathan Landis <jkl@calibersecurity.com>
Date: Fri, 4 May 2018 17:39:49 -0700
Message-ID: <CAFo4EaD5bNH-HWQsZgjwFmto9W1B0P3UaPEOs8rAAhe6DNL9Bw@mail.gmail.com>
Subject: another workaround
To: 1156@bugs.x2go.org
Content-Type: multipart/alternative; boundary="001a11422d82a14bdd056b6aac80"
[Message part 1 (text/plain, inline)]
You can fix the file permissions without Cygwin, but not with File
Explorer. You need to use the industrial-strength subinacl.exe tool
available for free from Microsoft. It's often the only option for
permissions issues, so it is useful to have around.

As noted earlier in the thread, the ssh_host_rsa_key file's primary group
is the same as the user. So the group permissions are the user permissions,
and there is no possible way to satisfy the permissions requirements, even
if you delete all permissions entries except the one for the user.

So what you have to do is set the primary group to something else, and make
sure that it doesn't have access to the file. Like this:

"c:\Program Files (x86)\Windows Resource Kits\Tools\subinacl.exe" /file
ssh_host_rsa_key /setprimarygroup=Administrators

That will set the primary group to the builtin Administrators group. Make
sure that group doesn't have an access grant (which can be done in File
Explorer if desired).
[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Fri Mar 29 11:03:33 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.