What is the default Jenkins password? - amazon-ec2

I'm using a EC2 server instance. Used the following to install Jenkins:
wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install jenkins
but I need to install software on the Jenkins server so in my EC2 instance I did
sudo –s –H –u jenkins
to get into the jenkins server.
Then I tried to do
sudo cabal install quickcheck
but it prompted me for jenkins password.
I've been searching around the internet for 4hrs now and nothing is helping me get administrative privilege in the jenkins server.
So I'm building my project using the following command in shell:
sudo cabal clean
sudo cabal configure
sudo cabal build
sudo cabal install
This is the error I'm getting:
Started by timer
Building in workspace /var/lib/jenkins/jobs/Finance/workspace
Checkout:workspace / /var/lib/jenkins/jobs/Finance/workspace - hudson.remoting.LocalChannel#eea6dc
Using strategy: Default
Last Built Revision: Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
Fetching changes from 1 remote Git repository
Fetching upstream changes from origin
Commencing build of Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
Checking out Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
[workspace] $ /bin/sh -xe /tmp/hudson3500373817395137440.sh
+ sudo cabal clean
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
Build step 'Execute shell' marked build as failure
Sending e-mails to: ***#gmail.com
ERROR: Could not connect to SMTP host: localhost, port: 25
javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 25;
nested exception is:
java.net.ConnectException: Connection refused
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638)
at javax.mail.Service.connect(Service.java:295)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at hudson.tasks.MailSender.execute(MailSender.java:116)
at hudson.tasks.Mailer.perform(Mailer.java:117)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:814)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:786)
at hudson.model.Build$BuildExecution.post2(Build.java:183)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:733)
at hudson.model.Run.execute(Run.java:1592)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:237)
Caused by: java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:286)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:231)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900)
... 17 more
Finished: FAILURE

Here is how you can fix it:
Stop Jenkins
Go go edit /var/lib/jenkins/config.xml
Change <useSecurity>true</useSecurity> to false
Restart Jenkins: sudo service jenkins restart
Navigate to the Jenkins dashboard to the "Configure Security" option you likely used before. This time, setup security the same as before, BUT set it to allow anyone to do anything, and allow user signup.
Go to www.yoursite.com/securityRealm/addUser and create a user
Then go change allow anyone to do anything to whatever you actually want users to be able to do. In my case, it is allow logged in users to do anything.

If you installed using apt-get in ubuntu 14.04, you will found the default password in /var/lib/jenkins/secrets/initialAdminPassword location.

Before installing jenkins, create a user named jenkins and set password there. Then after installing jenkins you can use the password you created.

With the default Jenkins installation using Homebrew on macOS this will output the initial password for the admin user:
sudo cat /Users/Shared/Jenkins/Home/secrets/initialAdminPassword

jenkins default administrator password is logged in log file in ubuntu
log file is situated in /var/log/jenkins/jenkins.log folder
password will be placed after this,
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:

After Jenkins is installed just run sudo cat /var/lib/jenkins/secrets/initialAdminPassword.
In the Jenkins login page:
User: admin
Password: the output from the above command

On ubuntu 19.04, the default password are stored in the home directory:
cat ~/.jenkins/secrets/initialAdminPassword

The password is present in the log generated by docker run image as shown in the example below.
Jenkins Docker run log
Additionally you can check the directory /var/jenkins_home/secrets/
Its in the file name initialAdminPassword
You can use
cat /var/jenkins_home/secrets/initialAdminPassword

In my case I was using Jenkins Docker Image and I found the initial admin password using this command:
cat ~/secrets/initialAdminPassword

You can always disable security, then go in and re-enable it with the settings you want.

By default, Jenkins account is created without password and with the login shell as /bin/false.
jenkins:x:496:493:Jenkins Continuous Integration Server:/var/lib/jenkins:/bin/false
Change the shell to /bin/bash and you should be able to login without password by sudo su - jenkins.
Command to change the shell is:
chsh -s /bin/bash jenkin

When you install jenkins on your local machine, the default username is admin and password it gets automatically filled.

I was running Jenkins executing java -jar jenkins.war.
In my case Jenkins wrote webroot in an stdout: webroot: $user.home/.jenkins. So admin secret key was placed in a ~/.jenkins/secrets/initialAdminPassword.

I don't believe that the Jenkins user that is installed via apt has a password. If it does, I have never seen documentation. Based on the commands you entered, I am guessing you are using a Debian distro?
Is there any particular reason you must use the jenkins user to do the install instead of the user which was set up when you created your instance?

When installing Jenkins from AWS Marketplace . . .
"A default user "admin"with the instance-id as password is created to secure the Jenkins instance."
On the AWS Console for EC2, with the instance selected, choose the "Usage Instructions" tab:
"AWS Marketplace Usage Instructions
Latest Versions: 2.19.4.2
A default user "admin"with the instance-id as password is created to secure the Jenkins instance. Once the instance is started, copy the public DNS hostname of the server in the AWS Management Console and enter it in your web browser. The welcome screen allows you to request a trial license, start and evaluation, enter a license key, or connect to your instance to Operations Center. Once the license step is done, your instance is fully functional. We recommend enabling security and backups. You can connect with SSH to the server using the "ubuntu"linux user. The JENKINS_HOME is located under "/var/lib/jenkins". Jenkins listens on the following ports: * HTTP 80: through HAProxy, can be configured to use HTTPS:443 instead * Jenkins SSH 2222: primarily for the CloudBees Git Validated Merge Plugin * Jenkins JNLP 10000: communication from Jenkins agents or Jenkins CLI configured to use JNLP protocol. Not exposed by default on security groups."

Similar to the Ubuntu answer above, the Windows admin default password is stored in {jenkins install dir}\secrets\initialAdminPassword file (default install location would it in C:\Program Files (x86)\Jenkins\secrets\initialAdminPassword )

If you don't create a new user when you installed jenkins, then:
user: admin
pass: go to C:\Program Files (x86)\Jenkins\secrets and open the file initialAdminPassword

I am a Mac OS user & following credential pair worked for me:
Username: admin
Password: admin

For me the best method of retrieving admin pass is by executing cat command inside the running container.
docker exec YOUR_JENKINS_CONTAINER cat /var/jenkins_home/secrets/initialAdminPassword

On Windows it can be found in the file "C:\Windows\System32\config\systemprofile\AppData\Local\Jenkins\.jenkins\secrets\initialAdminPassword"
(I know OP specified EC2 server, but this is now the first result on google when searching Jenkins Password)

Jenkins Default username and password
username: admin
And
password available in the root directory .jenkins\secrets\initialAdminPassword just open the file and copy text and paste into password textbox.

Well,
Even I tried to log in with the admin/password which was failed.
So I created my own user like this.
Go to Jenkins home folder (C:\User.jenkins or you can find this in Jenkins server startup logs)
Go to Config file config.xml
set disableSignup to false false
if at all you want to disable login security
4.set ser security to false. true

For mac users: Just run this command
cat ~/.jenkins/secrets/initialAdminPassword

Initial Password of Jenkins is stored in the following directory
cat /var/lib/jenkins/secrets/initialAdminPassword

There are few steps to follow:
Go to the folder: C:\Users\Manjeet\.jenkins .(here in your case, there can be your system name or your name instead of mine)
Open config.xml file using any text editor.(recommended Notepad++)
Go to Line number seven which is like <useSecurity>true</useSecurity>.
So make it change this from true to false.
Save this file and close the window.
Open Command Prompt and start your Jenkins .
(java -jar jenkins.war --httpPort=8085).
Open browser and search for your localhost at your given port number.
(localhost:8085)
You will see it doesn't ask for username and password anymore. Now you have to delete
that existed user and Add new user for setting new username and password.
Steps to make new Admin:
1.Go to people option which present at second number at left hand side below Dashboard
Click on admin option present in a row and than click on delete.
Go to Dashboard, Click on Manage Jenkins, Click on Configure Global Security.
Check the box of Enable security option.
Check the box of Jenkins own user database option and Uncheck Allow user to sign up present just below of it.
6 . Check Logged-in user can do anything option and Uncheck Allow anonymous read access present just below of it.
Make it Save and it will give you a new form for creating new first user. Fill the details correctly and click on Create First Admin User .(it will automatically made a change on that config.xml file just save it. )

Related

unable to invoke DOCKER using JENKINS user

I am trying to run a docker command as part of a jenkins job using shell. I get a standard error stating
"Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied"
I will require some help on
1. how to find the path where docker is installed which can be added to JENKINS global configuration
2. workaround to fix this permission issue(running as a sudo user/any other specific user)
I have already experimented by adding the JENKINS users to admin group, staff group, made administrator. But, nothing has actually helped. I still get the standard error
Tried the below code on terminal too
sudo -u jenkins docker images
OUTPUT:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied
I am expecting to run this code without the error. Only then my jenkins pipeline will be complete.
To find the path where docker is installed, simply run a which docker. Usually, it'll be installed somewhere in the standard PATH already, so probably Jenkins will already have access. As you get the permission denied error message, it looks like Jenkins is already using the correct docker executable.
Depending on the distribution or operating system you are using, you will most likely need to add the jenkins user to a docker group, e.g. sudo usermod -aG docker jenkins. To find out which group you need, run:
$ ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Apr 30 16:20 /var/run/docker.sock
In the second line, you see the group that docker.sock is owned by. Add the jenkins user to that group.

Win 10 Postgresql 11 database cluster initialisation failed

i got a new laptop from Dell(XPS 15), with Windows 10 Pro.
I have always the same issue During installation of postgres "Problem running post-install step. Installation may not complete correctly. The Database cluster initialisation failed." .
i tried a lot of solutions of past threads:
Install postgres not into progam files
create a user named postgres with full access to postgress directory, explained here https://www.youtube.com/watch?v=pS_zWDDDSe0
Checked for new win-updates
Turned off Firewall and Antivirus of Windows.
Error running cscript //NoLogo "C:\develop\postgres/installer/server/initcluster.vbs" "NT AUTHORITY\NetworkService" "postgres" "****" "C:\develop\postgres" "C:\develop\postgres\data" 5432 "DEFAULT" 0: Program ended with an error exit code
Problem running post-install step. Installation may not complete correctly
The database cluster initialisation failed.
[14:03:49] Delete the temporary scripts directory...
Creating menu shortcuts...
Executing cscript //NoLogo "C:\develop\postgres\installer\server\createshortcuts_clt.vbs" "PostgreSQL 11" "C:\develop\postgres"
Script exit code: 0
EDIT ERROR LOG
Executing batch file 'radAD31B.bat'...
The program "postgres" was found by "C:/develop/postgres/bin/initdb.exe" but was not the same version as initdb.
I've just struggled with this for several hours, so I'm posting this for anyone else who winds up here.
Initially, all I could find were two bug reports on the pgsql-bugs mailing list:
BUG #15856: The program "postgres" was found by "initdb" but was not the same version as initdb.
BUG #15970: Db initialization error - initdb.exe and postgres not same version
The specific symptoms are:
The program "postgres" was found by ".../initdb.exe" but was not the same version as initdb.
and although the versions match, you get this:
C:\Program Files\PostgreSQL\11\bin>postgres -V
WARNING: 01000: could not determine encoding for locale
"<some encoding>.utf8": codeset is "CPutf8"
If these are your symptoms, the issue is that you have your region/language settings set to use UTF-8 (beta setting). This causes problems with lots of programs, and PostgreSQL is one of them. Disable this and re-install and you should be fine.
If you ever changed the command line code encoding parameter in the registry
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\Autorun
to chcp 65001, chcp 1251 or any other, then that may be the issue.
Returning the value of the command line encoding registry value to default (empty) solved the problem in my case.
Try to change your registry value to empty:
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\Autorun
Follow these steps to avoid this error
Uninstall PostgreSQL
Delete if you have postgres user
Right click on My Computer / This PC and click on Manage goto Local Users and Groups then Users New User enter Username as postgres and Password (whatever you want) and click on Create button.
Now right click on postgres user and click on properties click on Member of tab and then on Add button here click on Advanced and a new dialog box open for Groups click on Find Now and select Administrators click OK button.
Now open Command Prompt / cmd
here type runas /user:postgres cmd.exe and hit enter
cd path to downloaded Postgresql folder enter
postgresql-x.x.x-x-windows.exe enter (here x reflect release, major and minor versions).
Now repeat step 4 and remove group Administrators and add Power Users
Just had this issue with postgres 12 my method to solve it is similar to Atif's but uses the command line:
Uninstall PostgreSQL
Delete the postgres user if it still exists :
net user postgres /delete
Create the postgres user with a password you can remember:
net user /add postgres [password]
Add the postgres user to the Administrators group:
net localgroup administrators postgres /add
SKIP this as group no longer exists on win 10 and default users
should have necessary permissions - Add the postgres user to the
Power Users group
Run a command window as the postgres user: (opens up new command
window) :
runas /user:postgres cmd.exe
copy the install file to a location reachable by that user and run
it e.g.:
C:\Download\postgresql-12.4-1-windows-x64.exe
Remove the postgres user from the Administrators group:
net localgroup administrators postgres /delete
That's it.
Hope this is useful
I have looked at the available solutions but none worked for me so I simply created a new user on my Windows 10 desktop and did the installation there and it was able to complete successfully.
Uninstallation may not remove all registry entries. You may type registry in the taskbar search and open Registry Editor.
Navigate to:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE
And remove entries pertaining to postgresql.
Installing PostgreSQL on Windows with the EDB installer is begging to get bald(er) faster. You can run PostgreSQL on WSL (Windows Subsystem for Linux) and connect to it on Windows!
Open Windows Terminal/PowerShell as administrator (right click the start-icon on Windows 11 -> Windows Terminal (administrator). Type:
wsl --install
Reboot your computer. After login Ubuntu will automatically be installing, WSL2 and Ubuntu is standard on Windows 11 (check documentation on how to select a different distro, etc.) Follow the instructions to enter your desired username and password.
Update Ubuntu:
sudo apt update && sudo apt upgrade
Install PostgreSQL:
sudo apt install postgresql
Give the 'postgres' user a password:
sudo passwd postgres
Start the service and open psql shell:
sudo service postgresql start && sudo -u postgres psql
Notice that the password you created is not the DB password for postgres, so unless you create a new user you can give postgres one in the psql shell:
ALTER USER postgres PASSWORD 'mypw';
Now you can install pgAdmin or use your own program (in 'normal' Windows) to confirm that you can connect on 127.0.0.1 with port 5432 (may vary) with the user postgres and his password.
Just little addition to the answer from Anton Kudryavtsev:
Check that there is no Autoran parameter in registry: \HKEY_CURRENT_USER\SOFTWARE\Microsoft\Command Processor
Its' deletion solved the error The program "postgres" was found by "C:/Program Files/PostgreSQL/14/bin/initdb.exe" but was not the same version as initdb in my case
(checked in Windows 10 x64 and Postgress 14.5 .exe installer)
Same problem. Beta UTF-8 was not selected. However this gave me the idea.
I was trying to install using different locale than the default locale of the system I am using. Tried a couple of times.
Installed successfully using the default locale.

Using Jenkins to SSH into EC2 Ubuntu instance and run shell scripts

I have installed Jenkins on my local, I have created my own EC2 instance, I can ssh into my instance and run some shell scripts to shut down my Wildfly server installed on my instance.
This is what I do when I do it manually on my Mac.
open my mac terminal, type
ssh -i /Users/xxx/tools/xxxx.pem ubuntu#10.206.xxx.xx
It will login to my Instance, and then I type:
cd /srv/wildfly-10.1.0.Final/bin
sudo -s
source /etc/profile
./jboss-cli.sh --connect command=:shutdown
The screen will output
{"outcome" => "success"}
Now, I want to using Jenkins, when I click build button, it will ssh into that instance and run these shell scripts for me. The output is expected the same as I run it after I ssh into the instance.
My question is: what steps should I follow, after I login to my Jenkins local environment: localhost:8080
Create a New Item, which one? Is there some plugin I can use? Where to put my shell scripts, will it run successfully?
A guide would be helpful, thanks a lot!
Additon:
when I try to login: using my ssh command, I get this error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
Host key verification failed.
Too many questions to answer in one post. but this should get you started.
ssh from jenkins to your ec2 should be password less, should you need to set the keys in jenkins. use the credential manager and create one, by pasting the private key
https://www.cloudbees.com/blog/using-ssh-jenkins
Refer remote command execution over ssh for the rest of the task.
you will find how to do this in tons.. but this should give you an idea. https://www.cyberciti.biz/faq/unix-linux-execute-command-using-ssh/
For the question on job type, at this point just go with the freestyle .. And later, you may plan for fancy stuff.
You need to add the PEM file details in place where it asks for Private Key

How to spin up spinnaker locally for the first time

How to spin up a local version of Spinnaker? This has been answered and addressed in detail here.
https://github.com/spinnaker/spinnaker/issues/1729
Ok, so I got it to work, but not without you valuable help! #lwander
So I'll leave the steps here for posterity.
Each line is a separate command in the command line, I've installed this on a virtual machine with a freshly installed Ubuntu 14.04 copy with nothing else than SSH. Then SSH as root, You will need to configure sshd on your console to allow root access.
https://askubuntu.com/questions/469143/how-to-enable-ssh-root-access-on-ubuntu-14-04
> curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
created a user account member of the adm and sudo groups (is this necessary???)
then Install Halyard:
bash InstallHalyard.sh
Verify that HAL is installed and validate its version.
hal -v
Tell Hal that the deployment type will be as a local instance (this will publish all services in localhost which will be tricky later in order to access them, but I have a turnaround so keep reading)
hal config deploy edit --type localdebian
Hal will complain that a version has not been selected, just tell HAL which version:
hal config version edit --version 1.0.0
The tell HAL which storage you are going to use, in my case and since it is local I want to use redis.
hal config storage edit --type redis
So now we need to add a cloud provider to HAL, we use AWS so we add it like this:
hal config provider aws edit --access-key-idXXXXXXXXXXXXXXXXXXXX--secret-access-key
I created a user on AWS and added access keys to the user inside IAM on the user security credentials tab. Obviously my access-key-idis not XXXXXXXXXXXXXXXXXXXX, I edited it. You do not need to enter the secret-access-key because the command will prompt for it.
Then you need to create a username relative or that will only concern you spinnaker installation however this will get related to you AWS Account-ID, so in MY spinnaker local installation I chose the username spinnakermaster you should choose yours!. And my AWS Account ID is not YYYYYYYYYYYY, I've edited too.
All the configurations and steps that you'll need to do inside AWS for this to work are really well documented here:
[https://www.spinnaker.io/setup/providers/aws/](https://www.spinnaker.io/setup/providers/aws/
)
And to tell HAL of of the above here's the command:
hal config provider aws account add spinnakermaster --account-id YYYYYYYYYYYY --assume-role role/spinnakerManaged
And after all that and if everything went according to plan we can ask HAL to deploy our brand new spinnaker installation.
hal deploy apply
It will begin a long installation downloading and configuring all the services.
Once it has finished you may do whatever you like but in my case I created a monitoring script like the one described here:
https://github.com/spinnaker/spinnaker/issues/854
Which can be launched on a recursive manner as this:
watch -n1 spinnaker-status.shor until toctrl+Cit!.
then to be able to access your local VM spinnaker copy you can either setup a reverse proxy with the proxy server of your choice to forward all the requests to localhost or you can simply ssh the SH** out of this redirecting the ports;
ssh root#ZZZ.ZZZ.ZZZ.ZZZ -L 9000:127.0.0.1:9000 -L 8084:127.0.0.1:8084 -L 8083:127.0.0.1:8083 -L 7002:127.0.0.1:7002 -L 8087:127.0.0.1:8087 -L 8080:127.0.0.1:8080 -L 8088:127.0.0.1:8088 -L 8089:127.0.0.1:8089
Where obviously theZZZ.ZZZ.ZZZ.ZZZ is not an actual IP Address.
And finally to begin having fun with this cutie you have to go to your browser of choice and type into the address bar:
http://127.0.0.0:9000
Hope this helps and saves some time to everybody!.
Cheers.
EN

Unable to start cygwin sshd service

I entered ssh-host-config into the cygwin prompt (started with admin privileges), said yes to privilege separation, new local account sshd, install sshd as a service; I entered no value for CYGWIN for daemon; I entered no for using a different name; yes for creating new privilege user account.
In my services.msc I am unable to start the service:
The CYGWIN sshd service on Local Computer started and then stopped.
Some services stop automatically if they are not in use by other services
or programs.
In the cygwin prompt, net start sshd produces:
The CYGWIN sshd service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534
In the cygwin prompt, cygrunsrv -S sshd produces:
cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
The service has not been started.
My /var/log/sshd.log says the following:
Unable to initialize device PRN
I've searched the questions on SO related to this issue, as well as the general Internet, and I guess what makes my question unique has to do with the sshd.log. I can't find anyone else who has received this.
I'm doing this to install Hadoop on my Windows. I cannot run a virtual machine on this slow computer as everything just bogs down.
I followed the steps in this topic and the problem was still happening, then I checked the sshd log file and it was complaining that the privilegies of the ssh private key were to open.
I executed the follow command:
chmod 400 /etc/ssh_host_ecdsa_key
Then I run the service:
net start sshd
It finally worked (BTW: I am using Windows 8)
I had the same problem and here is the solution that worked for me.
Solution 1
Restart the machine after you set the path environment variables to point to Cygwin bin directories and then start the service.
Solution 2
First add the account that runs the Cygwin sshd demon service to administrators group (this is by default)
Go to your cygwin installation folder (mine is at c:\cygwin64 and yours may differ)
add administrators group as full control. remove the property
Remove Readonly for your cygwin installation folder so anyone can write into it
Run the cygwin terminal as administrator and remove the service by typing
cygrunsrv -R sshd
Reboot your system
Run the cygwin terminal as administrator and reinstall the service again by typing
ssh-host-config -y
Run the cygwin terminal as administrator and start the service by typing
net start sshd
Your service now be running!
I tried above solutions but nothing worked for me.
I am using Windows 8 and was able to solve it.
My sshd.log file says : "Privilege separation user sshd does not exist FAILED"
So to remove this error while starting sshd as service just following below steps:
Edit the file /etc/passwd --
add " sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin ".
Edit the file /etc/group --
add " sshd:x:74: ".
Now start service as
net start sshd
It worked for me!
Followed the steps provide by Andrea Solution 1 and solution 2 , it did not work. Event viewer did not provide any info.
So took a look at the log var/log/sshd.log first it complained that it was unable to load the dll:
/usr/sbin/sshd.exe: error while loading shared libraries: cygcrypto-1.0.0.dll
Solution:
Reinstalled the package and ensured that the dll were in lib.
Started the service again still it failed but this time it complained about missing host key.
Could not load host key: /etc/ssh_host_dsa_key
Could not load host key: /etc/ssh_host_ecdsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
Solution:
go to the Cygwin Command prompt (with run as admin ) and
enter ssh-keygen -A
the missing host key were generated .
Finally I was able to start it.
I would recommend looking at the log file further if the above solution does not work.
In my case (using a Polish version of Windows 8) I had to manually modify the /etc/passwd and /etc/group files.
Some lines for Administrator, Administrators, Guest, Guests, etc. had been missing, so I merely inserted them, and copied all other fields from their non-English versions. Eg.
nano /etc/passwd
SYSTEM:*:18:544:,S-1-5-18::
LocalService:*:19:544:U-NT AUTHORITY\LocalService,S-1-5-19::
NetworkService:*:20:544:U-NT AUTHORITY\NetworkService,S-1-5-20::
Administrators:*:544:544:,S-1-5-32-544::
Administratorzy:*:544:544:,S-1-5-32-544::
TrustedInstaller:*:4294967294:4294967294:U-NT SERVICE\TrustedInstaller,S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464::
Administrator:unused:500:513:U-gordito\Administrator,S-1-5-21-580982140-4090956935-1935414389-500:/home/Administrator:/bin/bash
Guest:unused:501:513:U-gordito\Gość,S-1-5-21-580982140-4090956935-1935414389-501:/home/Gość:/bin/bash
Gość:unused:501:513:U-gordito\Gość,S-1-5-21-580982140-4090956935-1935414389-501:/home/Gość:/bin/bash
HomeGroupUser$:unused:1004:513:HomeGroupUser$,U-gordito\HomeGroupUser$,S-1-5-21-580982140-4090956935-1935414389-1004:/home/HomeGroupUser$:/bin/bash
sshd:unused:1006:513:sshd privsep,U-gordito\sshd,S-1-5-21-580982140-4090956935-1935414389-1006:/var/empty:/bin/false
cyg_server:unused:1007:513:Privileged server,U-gordito\cyg_server,S-1-5-21-580982140-4090956935-1935414389-1007:/var/empty:/bin/false
nano /etc/group
root:S-1-5-32-544:0:
SYSTEM:S-1-5-18:18:
TrustedInstaller:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464:4294967294:
Administrators:S-1-5-32-544:544:
Administratorzy:S-1-5-32-544:544:
Czytelnicy dzienników zdarzeń:S-1-5-32-573:573:
Guests:S-1-5-32-546:546:
Goście:S-1-5-32-546:546:
IIS_IUSRS:S-1-5-32-568:568:
Users:S-1-5-32-545:545:
Users DCOM:S-1-5-32-562:562:
Użytkownicy:S-1-5-32-545:545:
Użytkownicy DCOM:S-1-5-32-562:562:
Użytkownicy dzienników wydajności:S-1-5-32-559:559:
Użytkownicy monitora wydajności:S-1-5-32-558:558:
Użytkownicy zarządzania zdalnego:S-1-5-32-580:580:
HomeUsers:S-1-5-21-580982140-4090956935-1935414389-1003:1003:
TelnetClients:S-1-5-21-580982140-4090956935-1935414389-1005:1005:
WinRMRemoteWMIUsers__:S-1-5-21-580982140-4090956935-1935414389-1000:1000:
None:S-1-5-21-580982140-4090956935-1935414389-513:513:
Brak:S-1-5-21-580982140-4090956935-1935414389-513:513:
Only after this, I was finally able to chmod g-rwx all the files that offended sshd, in a way that 'ls -la' indeed confirmed the dropped permissions for group and other.
Then finally, privileged CYGWIN services installed and started (sshd, cron)

Resources