PuTTY error: /bin/bash Operation not permitted when connecting to Cygwin sshd

Question

When trying to connect to an SSH server using PuTTY, I get an error:

/bin/bash: Operation not permitted

And then I get a message box saying:

Connection closed by remote host

This started happening unexpectedly today and I have no idea why, the SSH connection used to work fine before that.

What is causes this error, and is there any way to fix it?

Edit: The server is a Windows box, not Linux, and it is running Cygwin's sshd. Also I found this post which I think might be relevant - https://cygwin.com/ml/cygwin/2016-03/msg00097.html

Answer 1

Here is a more direct way doing what the previous posts by Константин Брызгалов and Mun-dee say. Run a cygwin terminal as Administrator, then:

# stop the running sshd:
net stop sshd
# give the ssh user required privileges:
editrights -a SeTcbPrivilege -u cyg_server
editrights -a SeAssignPrimaryTokenPrivilege -u cyg_server
editrights -a SeCreateTokenPrivilege -u cyg_server
# restart sshd:
net start sshd

Answer 2

I spent a lot of time trying to solve the same problem. Accidentally stumbled upon a solution here:

https://cygwin.com/ml/cygwin/2015-08/msg00162.html

On cygwin server:

1. Go to Control Panel > Administrative Tools.
2. Select Local Security Policy > Local Policies > User Rights Assignment.
3. Right-click Replace a Process Level Token and select Security or Properties.
4. Click Add to add the account sshd is running on. ( cyg_server in my case )
5. gpupdate
6. Restart sshd service

Now try to connect via ssh ... I was successful

Answer 3

I had this problem and resolved it.

Initially I followed the answer from Константин Брызгалов and was able to login with a password, but could not get public key authentication working. (I had created a local cyg_server administrator account manually.)

On further investigation, I was reading this page and it said to avoid having both a domain and a local account. I checked and I did have both; apparently someone else in my organization is running a cygwin server and had already created a cyg_server on the domain, which was getting confused with my local account.

I deleted my local cyg_server account, uninstalled the sshd service, and reinstalled as described on that page, and everything worked perfectly out of the box. The trick was to say "no" to using the existing cyg_server account, and tell ssh-host-config to create a "cyg_server1" account. It created a local account and set everything up correctly. Specifically:

1. cygrunsrv --stop sshd
2. cygrunsrv --remove sshd
3. Ctrl Panel > User Accounts > Manager User Accounts > (delete local cyg_server account)
4. mkpasswd -l -d >/etc/passwd
5. mkgroup -l -d >/etc/group
6. ssh-host-config
   • overwrite = yes
   • strict = yes
   • CYGWIN = ntsec
   • user to run = cyg_server1
   • password = {...}

Checking user accounts you will see that cyg_server1 is indeed a local account but has additional setup.

Answer 4

I had forgotten that question, but in the end I solved my problem by rerunning the ssh-host-config in my Cygwin server install (fortunately I had RDP access as well).

That was all that was needed but I have no idea why it worked.

Answer 5

Thank you Константин Брызгалов for pointing me to the right direction, had the exact same problem.

A more thorough solution can ge found here: https://cygwin.com/faq.html#faq.using.sshd-in-domain There are actually 3 policy settings that need to have the cyg_server configured:

• Act as part of the operating system (SeTcbPrivilege)
• Create a token object (SeCreateTokenPrivilege)
• Replace a process level token (SeAssignPrimaryTokenPrivilege)