Tags: ssh, cygwin, openssh, phpseclib, ssh2-exec

Cygwin OpenSSH server does not respond after first command from PHP (Using phpseclib)


I got Cygwin and sshd working fine, and there are no issues at all when using PuTTY. It responds as expected even for multiple commands. But when using phpseclib, a response is received only for the first command. Subsequent commands are giving a blank reply. This is the script I am trying to execute:

<?php
// phpseclib 0.3.x layout: Net/SSH2.php also defines the NET_SSH2_LOG_* constants
include('Net/SSH2.php');
// Keep a full packet log so getLog() below shows what the server actually sent
define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX);
$host = "XXXX";
$username = "XXXX";
$password = "XXXX";
$ssh = new Net_SSH2($host);
if (!$ssh->login($username, $password)) {
    exit('Login Failed');
}
echo $ssh->exec('nproc'); // first exec on this object: output comes back
echo $ssh->exec('nproc'); // second exec on the same object: blank reply from the Cygwin host
echo $ssh->getLog();
?>

Creating a new SSH object does, however, give a response. But I am not able to use the same object for a second exec request. This is working fine when the target is a CentOS machine.

And this is the log output of phpseclib: http://pastebin.com/ff3sfux7


Solution

  • I found the solution. The cause of the issue is that, in Windows-based systems, setuid is called before executing a new command. For the first command it's set initially, so there are no issues. Subsequent calls, however, result in trying to reassign it and a failure, and OpenSSH will not be able to do it. This is already explained during the ssh-host-config script:

    *** Info: You appear to be running Windows XP 64bit, Windows 2003 Server,
    *** Info: or later.  On these systems, it's not possible to use the LocalSystem
    *** Info: account for services that can change the user id without an
    *** Info: explicit password (such as passwordless logins [e.g. public key
    *** Info: authentication] via sshd).
    
    *** Info: If you want to enable that functionality, it's required to create
    *** Info: a new account with special privileges (unless a similar account
    *** Info: already exists). This account is then used to run these special
    *** Info: servers.
    

    In order to solve it, you need to create the privileged user account that the script tries to make, and make sure that at the end of the script it says:

    *** Info: The sshd service has been installed under the 'cyg_server'
    *** Info: account.  To start the service now, call `net start sshd' or
    *** Info: `cygrunsrv -S sshd'.  Otherwise, it will start automatically
    *** Info: after the next reboot.
    

    Any message indicating that the account was not found and that it is defaulting to the "SYSTEM" account will result in the issue. In that case make sure the passwd file is up to date and includes the new user.

    And when you launch the Windows Services manager and check the properties of the CYGWIN sshd service, under the Log On tab it needs to say that it is using the newly created privileged account instead of the local account.

    Also verify, under Group Policy Editor -> Security Settings -> Local Policies -> User Rights Assignment, that the new user account has the privileges to create token objects and act as part of the operating system.
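The two checks the answer describes (the service's Log On account and the two user rights), as an added PowerShell diagnostic that is not part of the original answer. It assumes the service is registered as `sshd` (as in `net start sshd`) and that the privileged account is `cyg_server`; both are parameters.

```powershell
# Added diagnostic, not from the original answer: verifies the settings the answer
# says Cygwin sshd needs in order to switch users after the first exec.
# Assumptions: service name 'sshd' (display name "CYGWIN sshd"), account 'cyg_server'.
param(
    [string]$ServiceName     = 'sshd',
    [string]$ExpectedAccount = 'cyg_server'
)

$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { Write-Error "Service '$ServiceName' not found"; exit 1 }

# 1. Log On account: must not be LocalSystem and should be the privileged account.
$logon   = $svc.StartName                  # e.g. '.\cyg_server' or 'LocalSystem'
$account = ($logon -split '\\')[-1]
if ($logon -eq 'LocalSystem' -or $account -ne $ExpectedAccount) {
    Write-Warning "sshd runs as '$logon'; expected '.\$ExpectedAccount' (setuid fails after the first command)"
} else {
    Write-Host "OK: sshd runs as '$logon'"
}

# 2. User Rights Assignment: export the local security policy and check that the
#    account's SID is listed for 'Create a token object' (SeCreateTokenPrivilege)
#    and 'Act as part of the operating system' (SeTcbPrivilege).
try {
    $sid = (New-Object System.Security.Principal.NTAccount($ExpectedAccount)).Translate(
               [System.Security.Principal.SecurityIdentifier]).Value
} catch {
    Write-Error "Account '$ExpectedAccount' does not exist on this machine"; exit 1
}

$inf = Join-Path $env:TEMP 'sshd-secpol-check.inf'
secedit /export /cfg $inf /quiet | Out-Null
$policy = Get-Content $inf
Remove-Item $inf -ErrorAction SilentlyContinue

foreach ($priv in 'SeCreateTokenPrivilege', 'SeTcbPrivilege') {
    # Policy lines look like: SeTcbPrivilege = *S-1-5-21-...,*S-1-5-...
    $line = $policy | Where-Object { $_ -match "^$priv\s*=" }
    if ($line -and $line -match [regex]::Escape("*$sid")) {
        Write-Host "OK: $ExpectedAccount holds $priv"
    } else {
        Write-Warning "$ExpectedAccount is missing $priv (grant it under User Rights Assignment)"
    }
}
```

Run it from an elevated PowerShell prompt, since `secedit /export` requires administrative rights.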