Server sent command exit status 128

Advertisement

mystic
Guest

Server sent command exit status 128

My issue seems related to the credentials provided by the client. Members of the Administrators group have no problem logging into the server via SFTP or SCP. However, members of the Users group can only log into the server via SCP mode. If a member of the Users group logs into the server via SFTP, even with the SCP fall back option, upon "starting session" WinSCP errors out to: NOTE (the above mentioned groups pertain to server side)
Connection has been unexpectedly closed. Server sent command exit status 128.
I am sure this is indeed a server side rights issue, but I have been unable to find any information regarding "server side" credentials requirements. The server side environment is:
- MS Windows 2k3 SP1 (NON DC)
- Cygwin as SSH/SFTP server
- root dir Administrators, full access
- root dir Users, Create Files/Folders, Write Attributes + Ext.
- Creator Group, full access
Also, client user has no issues when using Cygwin to SSH/SFTP to server

The following is the logs, debugging level 2
The following are snips of the logs where the failer durring (1) takes place.
(1) = member of Users group attempting connection via SFTP w/SCP fallback (FAILS)
(2) = member of Users group attempting connection via SCP (WORKS)
(3) = member of Administrators attempting connection via SFTP (WORKS)

(1)
. 2006-07-31 08:35:13.661 Opened channel for session
. 2006-07-31 08:35:13.661 Waiting for the server to continue with the initialisation
. 2006-07-31 08:35:13.677 Looking for incoming data
. 2006-07-31 08:35:13.739 Select result is 1
. 2006-07-31 08:35:13.739 Started a shell/command
. 2006-07-31 08:35:13.755 --------------------------------------------------------------------------
. 2006-07-31 08:35:13.771 Using SFTP protocol.
. 2006-07-31 08:35:13.786 Doing startup conversation with host.
> 2006-07-31 08:35:13.802 Type: SSH_FXP_INIT, Size: 5, Number: -1
> 2006-07-31 08:35:13.833 01,00,00,00,05,
. 2006-07-31 08:35:13.849 Sent 9 bytes
. 2006-07-31 08:35:13.864 There are 0 bytes remaining in the send buffer
. 2006-07-31 08:35:13.880 Waiting for another 4 bytes
. 2006-07-31 08:35:13.896 Looking for incoming data
. 2006-07-31 08:35:13.943 Select result is 1
. 2006-07-31 08:35:13.958 Server sent command exit status 128
. 2006-07-31 08:35:13.974 Waiting for another 4 bytes
. 2006-07-31 08:35:13.989 Looking for incoming data
. 2006-07-31 08:35:14.193 Select result is 1
. 2006-07-31 08:35:14.208 All channels closed. Disconnecting
. 2006-07-31 08:35:14.224 Server closed network connection
. 2006-07-31 08:35:14.239 Waiting for another 4 bytes
. 2006-07-31 08:35:14.239 Looking for incoming data
* 2006-07-31 08:35:14.271 (ESshFatal) Cannot initialize SFTP protocol. Is the host running a SFTP server?
* 2006-07-31 08:35:14.271 Connection has been unexpectedly closed. Server sent command exit status 128....
(2)
. 2006-07-31 08:58:20.826 Opened channel for session
. 2006-07-31 08:58:20.842 Waiting for the server to continue with the initialisation
. 2006-07-31 08:58:20.857 Looking for incoming data
. 2006-07-31 08:58:20.904 Select result is 1
. 2006-07-31 08:58:20.920 Started a shell/command
. 2006-07-31 08:58:20.935 --------------------------------------------------------------------------
. 2006-07-31 08:58:20.982 Using SCP protocol.
. 2006-07-31 08:58:20.982 Doing startup conversation with host.
. 2006-07-31 08:58:20.998 Skipping host startup message (if any).
. 2006-07-31 08:58:21.014 Sent 36 bytes
. 2006-07-31 08:58:21.029 There are 0 bytes remaining in the send buffer
. 2006-07-31 08:58:21.045 Sent 1 bytes
. 2006-07-31 08:58:21.060 There are 0 bytes remaining in the send buffer
> 2006-07-31 08:58:21.076 echo "WinSCP: this is end-of-file:0"
. 2006-07-31 08:58:21.076 Waiting for another 1 bytes
. 2006-07-31 08:58:21.092 Looking for incoming data
. 2006-07-31 08:58:21.201 Select result is 1
. 2006-07-31 08:58:21.217 Received 1 bytes
. 2006-07-31 08:58:21.232 Received 29 bytes
< 2006-07-31 08:58:21.248 WinSCP: this is end-of-file:0
. 2006-07-31 08:58:21.264 Detecting variable containing return code of last command.
...
(3)
. 2006-07-31 08:54:41.502 Opened channel for session
. 2006-07-31 08:54:41.518 Waiting for the server to continue with the initialisation
. 2006-07-31 08:54:41.534 Looking for incoming data
. 2006-07-31 08:54:41.659 Select result is 1
. 2006-07-31 08:54:41.674 Started a shell/command
. 2006-07-31 08:54:41.690 --------------------------------------------------------------------------
. 2006-07-31 08:54:41.690 Using SFTP protocol.
. 2006-07-31 08:54:41.706 Doing startup conversation with host.
> 2006-07-31 08:54:41.721 Type: SSH_FXP_INIT, Size: 5, Number: -1
> 2006-07-31 08:54:41.737 01,00,00,00,05,
. 2006-07-31 08:54:41.752 Sent 9 bytes
. 2006-07-31 08:54:41.768 There are 0 bytes remaining in the send buffer
. 2006-07-31 08:54:41.784 Waiting for another 4 bytes
. 2006-07-31 08:54:41.799 Looking for incoming data
. 2006-07-31 08:54:41.893 Select result is 1
. 2006-07-31 08:54:41.909 Received 4 bytes
. 2006-07-31 08:54:41.924 Received 5 bytes
< 2006-07-31 08:54:41.940 Type: SSH_FXP_VERSION, Size: 5, Number: -1
< 2006-07-31 08:54:41.956 02,00,00,00,03,
. 2006-07-31 08:54:41.956 SFTP version 3 negotiated.
. 2006-07-31 08:54:41.971 We believe the server has signed timestamps bug
. 2006-07-31 08:54:41.987 We will use UTF-8 strings for status messages only
. 2006-07-31 08:54:42.002 Limiting packet size to OpenSSH limit of 262148 bytes
. 2006-07-31 08:54:42.018 Getting current directory name.
. 2006-07-31 08:54:42.034 Getting real path for '.'
...

Reply with quote

Advertisement

mystic
Guest

Re: Server sent command exit status 128

Thanks for the prompt response,

I have determined that the issue is indeed server side and is probably some type of credential / policy problem. I determined this via the STFP command using a limited user account and was disconnected immediately after authentication. I just submitted my notes on Cygwin's site regarding this issue.

https://sourceware.org/legacy-ml/cygwin/2006-08/msg00007.html

Reply with quote

mystic
Guest

Re: Same problem

Sorry, I was never able to get this resolved under the described environment.

However, I did upgrade to Enterprise Ed R2 and the problem did not return. Please note that ALL permissions were set to default after upgrade.

I am currently testing with FreeSSHD as a replacement to cygwin. FreeSSHD appears to have a more user friendly GUI for services such as privilege separation and share isolation.

Reply with quote

Advertisement

mattsull
Guest

solution of sorts

I just hit the same issue. Short Answer: try copying all DLL files from cygwin\bin into cygwin\usr\sbin.

Long Answer: What helped me figure it out was to "run as..." sftp-server.exe on the console with the user while not in local admin group. That action yielded an informational event in the Windows System event log:
Application popup: sftp-server.exe - Unable To Locate Component : This application has failed to start because cygwin1.dll was not found. Re-installing the application may fix this problem.
Changing the path didn't help even after net stop/start sshd so I then copied the DLLs from cygwin/bin into usr/sbin and from there, magic happened, no more escalated privileges to workaround.

Very frustrating how long it took to isolate this, oh well... hope this post 2.5 years after the question, helps someone.

Reply with quote

wznoinski
Guest

Re: solution of sorts

Hi All,
i've faced the same problem today, non from fixes found on the internet could help me, then I found that my /usr/sbin/sshd longs to see some libraries (but they're missing).

1. Previously running ldd /usr/sbin/sshd was showing me only:
ntdll.dll => /cygdrive/c/WINDOWS/system32/ntdll.dll (0x7c800000)
kernel32.dll => /cygdrive/c/WINDOWS/system32/kernel32.dll (0x77e40000)
and some errors here

2. Now it's showing the correct full list and no errors:
ntdll.dll => /cygdrive/c/WINDOWS/system32/ntdll.dll (0x7c800000)
kernel32.dll => /cygdrive/c/WINDOWS/system32/kernel32.dll (0x77e40000)
cygcrypt-0.dll => /usr/bin/cygcrypt-0.dll (0x10000000)
cygwin1.dll => /usr/bin/cygwin1.dll (0x61000000)
ADVAPI32.DLL => /cygdrive/c/WINDOWS/system32/ADVAPI32.DLL (0x7d1e0000)
RPCRT4.dll => /cygdrive/c/WINDOWS/system32/RPCRT4.dll (0x77c50000)
Secur32.dll => /cygdrive/c/WINDOWS/system32/Secur32.dll (0x76f50000)
cygcrypto-0.9.8.dll => /usr/bin/cygcrypto-0.9.8.dll (0x6ba40000)
cyggcc_s-1.dll => /usr/bin/cyggcc_s-1.dll (0x67f00000)
cygwrap-0.dll => /usr/bin/cygwrap-0.dll (0x67300000)
cygz.dll => /usr/bin/cygz.dll (0x692c0000)
cygssp-0.dll => /usr/bin/cygssp-0.dll (0x67280000)
I've installed crypt cygwin package.
Hope this will help you even posted a year

Reply with quote

Calesta
Guest

Since I ran across exactly this problem, and this thread was high on Google, I'll post my particular solution here.

Logging in via a normal shell caused an error message that said the normal (non-root) user could not navigate to their home directory. This was caused by the /home permissions being 700, since I had meant to 'trap' users in their home directory and symlinks I had put in there. Unfortunately, this appeared to backfire, not allowing them to log in at all!

I changed the permissions of /home back to 755, and the problem was solved. Try and see if your /home directory has incorrect permission if you have this problem!

Reply with quote

Advertisement

You can post new topics in this forum