AD user cannot be authenticated by Key when sshd server is running by system(Password works), but key auth is working for user if user starts openssh by himeself with .\sshd.exe -d #1543
Comments
|
Tried from issue case workarounds #1053
|
|
I do have same issue. when I run sshd with debug mode , it works. Waiting for resolution on this issue. thanks. |
|
Having the same issue. It works fine with username and password. |
|
I am having (almost) the same problem using the 64bit version though I do not get the error in the logs. I start a process that calls a database and that database is set to windows authentication. SSH'ing into the server using key fails process, but it works using the password. It also works (with pubkey) when starting the service with sshd.exe -d, as others have stated. Can the install script be amended to start the service using -d? This has been working fine for us for quite some time so I guess something got changed on the LDAP server, I am waiting for a response from the LDAP server guys. |
|
@dekiesel - Don't modify the install script to start service using -d. When sshd is running as SYSTEM, for key based authentication we use LsaLogonUser() API to get the user token. Look at the error message when sshd is running as SYSTEM. It should give some clue. |
|
I can't find any errors in the log, unfortunately. This is the part that names LsaLogonUser:
Running the process from this session (a ETL tool that connects to SQL Server) fails. Using password it works. If I can help debug this please let me know |
|
Please share the full sshd.log with DEBUG3 enabeld. Once we get user token, the code path is same for key-based and password based authentication. In both cases we spawn the child processes in the user context. |
|
Please find the log attached:
|
|
Hey @bagajjal I'm hitting a similar issue, but my output looks like: Are there any updates? |
|
@hecerinc - Are you logging in with your AAD (Azure Active Directory) credentials to a non-domain joined machine? If yes, this is not supported yet. 17392 2020-08-25 19:27:39.649 error: lookup_principal_name: User principal name lookup failed for user 'xxxxx\myuser' (explicit: 5, implicit: 5) error code 0xC0000062 - The name provided is not a properly formed account name |
|
It's the other way around, from a non-domain-joined, to a domain-joined machine (with my AAD credentials). The thing is, when I run the server from cmd, I can access it no problem, any pointers? |
|
There is some issue with your domain joined machine where sshd service is running. Can you try the ssh using key based authentication on the same domain joined machine and then compare the logs. |
|
Sorry, I should've said I'm using key authentication, not passwords (although the key I'm using does have a password, not sure if that would impact anything) |
|
I got that.. I want you to try ssh key authentication on your domain joined machine where sshd service is running i.e., both ssh client, ssh server on the same machine.. |
|
Oh yeah, that's right got the same thing: |
|
@hecerinc - This issue is specific to your environment. You need to debug why 'xxxxx\myuser' is recognized as not properly formed. just to be clear, you are not logging with AAD (Azure action directory) credentials? |
|
It's my REDMOND\ user, but via key authentication... not sure why |
|
Was there a resolution to this in the end? I am experiencing the same problems: ssh from non domain client (linux GalliumOS) -> OpenSsh server 8.1.0.0 to a domain user account. XXX/USERNAME@HOSTNAME Using public key auth. Password auth working in all cases. Public key auth accepted in all cases. Symptoms are: sshd running as a service (SYSTEM): -ssh to administrator account - FAILS with: -ssh to non-administrator account - FAILS with: sshd run by user: -ssh to administrator account - WORKING -ssh to non-administrator account - FAILS with: Seems that this type of error has come up in quite a few versions and I have identical behavior when using sshd 7.7p1. I guess the username lookup is different when sshd is run as a service? Can confirm that none of the workarounds above are solving the issue. |
|
I'm hitting this as well. Of note, I can't get anything to work unless I spell out the fully-qualified name of the account domain, which in my case is |
|
Update: I managed to get this working with the following workaround:
This workaround is limited to password authentication; publickey authentication actually works so far as login goes, but hits a secondary failure due to the same issue when trying to spawn the shell process. @bagajjal when can we expect a more comprehensive solution that works with publickey? |
|
It's not a bug from Win32 OpenSSH. |
|
The workaround is limited to password authentication. It will be a blocker if your scenario is non-interactive (or) if you don't like typing your password every time. The solution is to use SSH_ASKPASS.
$env:DISPLAY=1
|
|
@bagajjal The issue is not only for Azure AD auth or aad-joined Windows PC's. We experience just the same issue on normal passwordless-ssh from linux -> Windows server 2016 ad-joined running openssh/sshd. 8856 2021-02-26 11:01:26.837 debug3: checking match for 'Group administrators' user contoso\johndoe host addr laddr lport 22 |
|
@bagajjal Are you sure you want to save your password as an environment variable? 🤔 Any updates from Windows auth team? |
|
@qianyueyou - Windows auth team planned to work on it next semester (June 2021). |
|
Confirming the issue:
My temporary solution is to (1) disable OpenSSH service and (2) run |
|
@bagajjal If it can help. I have found this line in samba logs: |
|
@remipaeta could you grab Wireshark traces that show the interactions between the Windows server and the Samba DC? That should help figure out how the S4U2Self transaction is failing. |
|
@nmingotti , @remipaeta - Please work with @ThatWileyGuy from Windows Auth team. |
|
Hi @ThatWileyGuy . The issue I have is with passwordless authentication. I suggest to ignore the Kerberos case for starting and focus on public key auth. Also I recommend we all use the same release of the OpenSSH software: the latest build. V.8.0.0p1 32 bit. To be found here. Install instructions here. For other people who want to join the discussion. Please be aware of how to trobuleshoot see here , and the way to fix the nasty configurations here. |
This scenario uses Kerberos S4U2Self authentication, which is neither password-based nor public key-based.
@bagajjal has already described precisely where the failure is occurring, which appears to be a LsaLogonUser call to do a Kerberos S4U logon against a Samba Domain Controller. The same scenario works against a Windows Domain Controller. I'm asking for network traces showing the failing interaction because it's much quicker to gather them from an existing environment. From what's described, we could probably also reproduce the same failure with Powershell rather than OpenSSH, as S4U is a fairly general mechanism. |
|
-1. I am using two computers. [deb4] is a Linux debian stable outsided the Windows domain. [domus] is Windows 10, in Samba/Windows Domain. [deb4] and [domus] are in the same LAN. The users are "p" in [deb4] and "nicola" in [domus]. Both are non administrators. The windows domain name is WINDOM.
and make sure all keys are commented in C:\Users\nicola.ssh\authorized_keys
|
|
.. Hi @ThatWileyGuy . The issue I have is with passwordless authentication. I suggest to ignore the I'm asking for network traces showing the failing interaction because it's much quicker to gather them from an existing environment. ... @ThatWileyGuy ook, tell me precisely what you need I will try to get it. |
|
@ThatWileyGuy ... something like this may be useful to you? |
|
[kerberos-RP.zip](https://github.com/PowerShell/Win32-OpenSSH/files/6304439/kerberos-RP.zip)
Please find attached a wireshark capture file.
I captured Kerberos packets exclusively.
------ Message d'origine ------
De: "Andrew Wiley" ***@***.***>
À: "PowerShell/Win32-OpenSSH" ***@***.***>
Cc : "Rémi PAETA" ***@***.***>; "Mention"
***@***.***>
Envoyé : 12/04/2021 23:13:06
Objet : Re: [PowerShell/Win32-OpenSSH] AD user cannot be authenticated
by Key when sshd server is running by system(Password works), but key
auth is working for user if user starts openssh by himeself with
.\sshd.exe -d (#1543)
***@***.*** <https://github.com/remipaeta> could you grab Wireshark
…traces that show the interactions between the Windows server and the
Samba DC? That should help figure out how the S4U2Self transaction is
failing.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1543 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AID4QFUSPR5B6UB2PWIMHNTTINO6FANCNFSM4KKFZX4A>.
|
|
@remipaeta I don't undertand, how is Kerberos related to public key auth ? ... anyway, whatever, i am no expert in this corner. |
|
@nmingotti because even if you use public key, your user requires a kerberos ticket to log in. |
thank you for clarification ! |
|
@ThatWileyGuy I found a difference in the TGS-REQ package. Please also find below the link to a documentation on the implementation of Kerberos in Samba |
|
@remipaeta yes, excellent! Thanks very much. Per MS-SFU (https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/aceb70de-40f0-4409-87fa-df00ca145f5a), the PA-FOR-USER structure is always checksummed with HMAC-MD5. This isn't a problem because the PA-S4U-X509-USER request supersedes it and allows the checksum type to match the session key that's needed to verify the checksum. The client is generating both PA-S4U-X509-USER and PA-FOR-USER for compatibility because Windows Server 2003 (Windows XP Server) did not support PA-S4U-X509-USER and would ignore it and use the PA-FOR-USER instead. Incidentally, Windows Server 2003 also did not support AES encryption for Kerberos, so HMAC-MD5 was the only decent checksum it understood. Newer Windows DCs use the PA-S4U-X509-USER request instead and ignore the PA-FOR-USER. Firstly, it looks like Heimdal 7.7.0 included a bugfix to make the PA-FOR-USER work as specified: https://github.com/heimdal/heimdal/releases/tag/heimdal-7.7.0 Can you confirm the Heimdal version your DC is running? Secondly, MS-SFU documents that the Windows behavior here is to prefer the PA-S4U-X509-USER request over the PA-FOR-USER request (https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/a47e0084-d6c3-40ba-8c3c-f1eeb3d85ecf#Appendix_A_4) and it seems like Samba is doing the opposite. @abartlet, is this on your radar? It's debatable whether this qualifies as a bug, but it does mean Samba is using worse crypto than it needs to for this transaction. |
|
@ThatWileyGuy I can't tell you which version I'm using for Heimdal because Heimdal's code is built into Samba. |
|
@ThatWileyGuy @abartlet I found some reported wich concern the S4U: It seems that samba 4 does not follow the Heimdal upstream releases: |
|
@ThatWileyGuy Do you think the problem could be related to fixing this flaw? |
|
@remipaeta this would make sense for my case. My DC is so it seems to be a pre-patch release. That would explain why public key auth works for Rowland (of the Samba mailing list) since he is using a newer version of Samba. |
|
@nmingotti @ThatWileyGuy |
|
@remipaeta @ThatWileyGuy I see. Unfortunately for me it is not easy to do the test with a newer release. This DC is in production in a real and busy network. As a rule of thumb I work only with Debian Stable packages on the servers. I can try to see if the package maintainer wants/can push a bit newer version of Samba as stable package ... But don't hold you breath ;) For now thank you for sharing you experience with us/me. Ciao |
|
I'm sorry to break the bad news, but Debian Stable will never ship a
current version of Samba. The nature of Debian practice and policies
means this is essentially impossible for a current Samba to enter
Debian Stable.
Sorry!
|
|
To allow others to connect the threads, I've explained why Samba 4.12
and earlier won't be patched by upstream to fix this here:
https://bugzilla.samba.org/show_bug.cgi?id=14688
https://wiki.samba.org/index.php/Samba_Release_Planning#General_information
(in short, in upstream we only support two releases at a time, being
4.13 and 4.14 currently, with 4.12 for security fixes only)
|
|
everybody knows Debian stable does not ship current. but given that ssh is the most important tool for a sysadmim after the text editor i sent the fix req to the package maintainer. if they are able to fix it patching in some way good for all of us Debian admins (and derivatives)! |
|
Closing this issue as the fix is external. |
|
Where could one follow up on the external progress regarding pure Azure AD user authentication? Context: I've just found out my company must be using pure AzureAD, since my user is Not sure if it matters but we use the My AzureAD user is included in the local administrators group, so I could install software that requires elevation. One such software was Windows' built in SSHD so that's how I ended up in this thread. Use case was to Ansible manage my Windows box from a WSL2 linux distro using SSH keys for authentication (this is what I successfully do at home on my personal laptop where no AD is involved, just plain workgroup, local admin account, and ssh keypair) I'm able to SSH in with password, although it takes 30 o 40 secs to authenticate and the Windows Event Viewer shows: sshd: error: lookup_principal_name: User principal name lookup failed for user 'domain\user' (explicit: 1355, implicit: 1355 Then I tried going passwordless and could not make it work as others in this thread already stated. The ssh key is accepted but then errors out and session is closed. |
"OpenSSH for Windows" version
((Get-Item (Get-Command sshd).Source).VersionInfo.FileVersion)PS C:\Program Files\OpenSSH> ((Get-Item (Get-Command ./sshd).Source).VersionInfo.FileVersion)
8.1.0.0
Server OperatingSystem
((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion\" -Name ProductName).ProductName)Windows Server 2016 Standard
Client OperatingSystem
Linux/Windows - same issue
What is failing
Public key authentication/unable to get security token for AD user (local user, working fine)
Similar issue #1053
Expected output
Successful logon
Actual output
Client output from Linux
~/.ssh$ ssh -vvv -o "IdentitiesOnly=yes" -i ./test_key p986_bfr228384_t@10.39.14.133
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "10.39.14.133" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.39.14.133 [10.39.14.133] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file ./test_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file ./test_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_8.1
debug1: match: OpenSSH_for_Windows_8.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.39.14.133:22 as 'p986_bfr228384_t'
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/user/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.39.14.133
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vDYx8dsScX3udfisVBrsouI4rXY+aeIFR1rGDJQXSYs
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/user/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.39.14.133
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug1: Host '10.39.14.133' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: ./test_key ((nil)), explicit
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: ./test_key
debug3: sign_and_send_pubkey: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.39.14.133 ([10.39.14.133]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 1
packet_write_wait: Connection to 10.39.14.133 port 22: Broken pipe
Sshd log in windows server:
8836 2020-01-22 14:09:28.750 debug2: fd 3 setting O_NONBLOCK
8836 2020-01-22 14:09:28.750 debug1: Bind to port 22 on 0.0.0.0.
8836 2020-01-22 14:09:28.750 Server listening on 0.0.0.0 port 22.
8836 2020-01-22 14:09:34.280 debug3: fd 4 is not O_NONBLOCK
8836 2020-01-22 14:09:34.283 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -R
8836 2020-01-22 14:09:34.292 debug3: send_rexec_state: entering fd = 7 config len 274
8836 2020-01-22 14:09:34.293 debug3: ssh_msg_send: type 0
8836 2020-01-22 14:09:34.293 debug3: send_rexec_state: done
9112 2020-01-22 14:09:34.331 debug1: inetd sockets after dupping: 4, 4
9112 2020-01-22 14:09:34.332 Connection from 10.39.34.155 port 33824 on 10.39.14.133 port 22
9112 2020-01-22 14:09:34.332 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
9112 2020-01-22 14:09:34.332 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
9112 2020-01-22 14:09:34.332 debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
9112 2020-01-22 14:09:34.332 debug2: fd 4 setting O_NONBLOCK
9112 2020-01-22 14:09:34.357 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -y
9112 2020-01-22 14:09:34.367 debug2: Network child is on pid 4524
9112 2020-01-22 14:09:34.367 debug3: send_rexec_state: entering fd = 6 config len 274
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: send_rexec_state: done
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: preauth child monitor started
9112 2020-01-22 14:09:34.406 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
9112 2020-01-22 14:09:34.406 debug3: send packet: type 20 [preauth]
9112 2020-01-22 14:09:34.406 debug1: SSH2_MSG_KEXINIT sent [preauth]
9112 2020-01-22 14:09:34.406 debug3: receive packet: type 20 [preauth]
9112 2020-01-22 14:09:34.406 debug1: SSH2_MSG_KEXINIT received [preauth]
9112 2020-01-22 14:09:34.406 debug2: local server KEXINIT proposal [preauth]
9112 2020-01-22 14:09:34.406 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: compression ctos: none,zlib@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: compression stoc: none,zlib@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: languages ctos: [preauth]
9112 2020-01-22 14:09:34.406 debug2: languages stoc: [preauth]
9112 2020-01-22 14:09:34.406 debug2: first_kex_follows 0 [preauth]
9112 2020-01-22 14:09:34.406 debug2: reserved 0 [preauth]
9112 2020-01-22 14:09:34.406 debug2: peer client KEXINIT proposal [preauth]
9112 2020-01-22 14:09:34.406 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c [preauth]
9112 2020-01-22 14:09:34.406 debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
9112 2020-01-22 14:09:34.407 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
9112 2020-01-22 14:09:34.407 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.407 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.407 debug2: compression ctos: none,zlib@openssh.com,zlib [preauth]
9112 2020-01-22 14:09:34.407 debug2: compression stoc: none,zlib@openssh.com,zlib [preauth]
9112 2020-01-22 14:09:34.407 debug2: languages ctos: [preauth]
9112 2020-01-22 14:09:34.407 debug2: languages stoc: [preauth]
9112 2020-01-22 14:09:34.407 debug2: first_kex_follows 0 [preauth]
9112 2020-01-22 14:09:34.407 debug2: reserved 0 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: algorithm: curve25519-sha256 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
9112 2020-01-22 14:09:34.407 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
9112 2020-01-22 14:09:34.409 debug3: receive packet: type 30 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_sshkey_sign entering [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_send entering: type 6 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive_expect entering: type 7 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.412 debug3: monitor_read: checking request 6
9112 2020-01-22 14:09:34.412 debug3: mm_answer_sign
9112 2020-01-22 14:09:34.414 debug3: mm_answer_sign: KEX signature 000002059233A450(100)
9112 2020-01-22 14:09:34.414 debug3: mm_request_send entering: type 7
9112 2020-01-22 14:09:34.414 debug2: monitor_read: 6 used once, disabling now
9112 2020-01-22 14:09:34.415 debug3: send packet: type 31 [preauth]
9112 2020-01-22 14:09:34.415 debug3: send packet: type 21 [preauth]
9112 2020-01-22 14:09:34.415 debug2: set_newkeys: mode 1 [preauth]
9112 2020-01-22 14:09:34.415 debug1: rekey out after 134217728 blocks [preauth]
9112 2020-01-22 14:09:34.415 debug1: SSH2_MSG_NEWKEYS sent [preauth]
9112 2020-01-22 14:09:34.415 debug1: Sending SSH2_MSG_EXT_INFO [preauth]
9112 2020-01-22 14:09:34.415 debug3: send packet: type 7 [preauth]
9112 2020-01-22 14:09:34.415 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
9112 2020-01-22 14:09:34.418 debug3: receive packet: type 21 [preauth]
9112 2020-01-22 14:09:34.418 debug1: SSH2_MSG_NEWKEYS received [preauth]
9112 2020-01-22 14:09:34.418 debug2: set_newkeys: mode 0 [preauth]
9112 2020-01-22 14:09:34.418 debug1: rekey in after 134217728 blocks [preauth]
9112 2020-01-22 14:09:34.418 debug1: KEX done [preauth]
9112 2020-01-22 14:09:34.469 debug3: receive packet: type 5 [preauth]
9112 2020-01-22 14:09:34.469 debug3: send packet: type 6 [preauth]
9112 2020-01-22 14:09:34.470 debug3: receive packet: type 50 [preauth]
9112 2020-01-22 14:09:34.470 debug1: userauth-request for user p986_bfr228384_t service ssh-connection method none [preauth]
9112 2020-01-22 14:09:34.470 debug1: attempt 0 failures 0 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_getpwnamallow entering [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_send entering: type 8 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive_expect entering: type 9 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.470 debug3: monitor_read: checking request 8
9112 2020-01-22 14:09:34.470 debug3: mm_answer_pwnamallow
9112 2020-01-22 14:09:34.471 debug2: parse_server_config: config reprocess config len 274
9112 2020-01-22 14:09:34.472 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
9112 2020-01-22 14:09:34.472 debug3: mm_request_send entering: type 9
9112 2020-01-22 14:09:34.472 debug2: monitor_read: 8 used once, disabling now
9112 2020-01-22 14:09:34.473 debug2: input_userauth_request: setting up authctxt for p986_bfr228384_t [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_inform_authserv entering [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_request_send entering: type 4 [preauth]
9112 2020-01-22 14:09:34.473 debug2: input_userauth_request: try method none [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.473 debug3: monitor_read: checking request 4
9112 2020-01-22 14:09:34.473 debug3: mm_answer_authserv: service=ssh-connection, style=
9112 2020-01-22 14:09:34.473 debug2: monitor_read: 4 used once, disabling now
9112 2020-01-22 14:09:34.473 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
9112 2020-01-22 14:09:34.473 debug3: ensure_minimum_time_since: elapsed 2.994ms, delaying 5.730ms (requested 8.724ms) [preauth]
9112 2020-01-22 14:09:34.479 debug3: userauth_finish: failure partial=0 next methods="publickey,keyboard-interactive" [preauth]
9112 2020-01-22 14:09:34.479 debug3: send packet: type 51 [preauth]
9112 2020-01-22 14:09:34.483 debug3: receive packet: type 50 [preauth]
9112 2020-01-22 14:09:34.483 debug1: userauth-request for user p986_bfr228384_t service ssh-connection method publickey [preauth]
9112 2020-01-22 14:09:34.483 debug1: attempt 1 failures 0 [preauth]
9112 2020-01-22 14:09:34.483 debug2: input_userauth_request: try method publickey [preauth]
9112 2020-01-22 14:09:34.483 debug2: userauth_pubkey: valid user p986_bfr228384_t attempting public key rsa-sha2-512 AAAAB3NzaC1yc2EAAAADAQABAAABgQDNvi2KZKqBzzKPeOj/tId5gtEancCFISa2LUYvEiF7AiPUX670WfEY1CjwNfacbDmF8YqlmUoEhOIkAo6rOnkQb3427KcW3uInnNG1KR3UH3Hy2vppcU23YyCmfoQT4yZwjzc4lZHR8t5u6jSxm51BTWbli2qXI65VFg+I/i5guiwGa8jBBrqfMjTOolEU2yxccb0gliavcg/yE6fa+ZYhBke3rwo6Y/I3Ao8H8WdMn23u0hXTJWw7mKRnUtKQGd4e0+g5PIS10w9l7ZHnq1txEKjBcwlcHWMJUxUVrxoPrjbbXoT2B22SbR7ijpYW5VvgXiS8pIvy2pbytGP4e1acElDiTTJF72veDdwFkD12MFiUkFZvDR7ifLHE2BWh0AhKyy2uY6lCl+qOFTRmzJxWpsQqk0G8mk9ocq9hP2IebXaRQEsKedrvnMe5gwOiknID91naL87tl71ELEfp+zNnQ28iEQLRqgf9PtGH3Wc4U9zuIO/+bhZiIPuOFdJda8U= [preauth]
9112 2020-01-22 14:09:34.483 debug3: userauth_pubkey: have rsa-sha2-512 signature for RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_key_allowed entering [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_send entering: type 22 [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive_expect entering: type 23 [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.483 debug3: monitor_read: checking request 22
9112 2020-01-22 14:09:34.483 debug3: mm_answer_keyallowed entering
9112 2020-01-22 14:09:34.483 debug3: mm_answer_keyallowed: key_from_blob: 00000205922B7E10
9112 2020-01-22 14:09:34.483 debug1: trying public key file C:\Users\p986_bfr228384_t\.ssh/authorized_keys
9112 2020-01-22 14:09:34.485 debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: matching key found: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
9112 2020-01-22 14:09:34.485 debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
9112 2020-01-22 14:09:34.485 Accepted key RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw found at C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1
9112 2020-01-22 14:09:34.485 debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 23
9112 2020-01-22 14:09:34.485 debug3: mm_sshkey_verify entering [preauth]
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 24 [preauth]
9112 2020-01-22 14:09:34.485 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.485 debug3: monitor_read: checking request 24
9112 2020-01-22 14:09:34.485 debug3: mm_answer_keyverify: publickey 0000020592325720 signature verified
9112 2020-01-22 14:09:34.485 debug1: auth_activate_options: setting new authentication options
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 25
9112 2020-01-22 14:09:34.486 Accepted publickey for p986_bfr228384_t from 10.39.34.155 port 33824 ssh2: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
9112 2020-01-22 14:09:34.486 debug1: monitor_child_preauth: p986_bfr228384_t has been authenticated by privileged process
9112 2020-01-22 14:09:34.486 debug3: mm_get_keystate: Waiting for new keys
9112 2020-01-22 14:09:34.486 debug3: mm_request_receive_expect entering: type 26
9112 2020-01-22 14:09:34.486 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.492 debug3: mm_get_keystate: GOT new keys
9112 2020-01-22 14:09:34.492 debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIF [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_receive_expect entering: type 25 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.492 debug1: auth_activate_options: setting new authentication options [preauth]
9112 2020-01-22 14:09:34.492 debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
9112 2020-01-22 14:09:34.492 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
9112 2020-01-22 14:09:34.492 debug3: ensure_minimum_time_since: elapsed 2.994ms, delaying 5.730ms (requested 8.724ms) [preauth]
9112 2020-01-22 14:09:34.492 debug3: send packet: type 52 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_send entering: type 26 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_send_keystate: Finished sending state [preauth]
9112 2020-01-22 14:09:34.495 debug1: monitor_read_log: child log fd closed
9112 2020-01-22 14:09:34.577 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'domain\p986_bfr228384_t'=>'p986_bfr228384_t@domain'
9112 2020-01-22 14:09:34.595 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'domain\p986_bfr228384_t' Status: 0xC000006D SubStatus 0.
9112 2020-01-22 14:09:34.595 debug3: get_user_token - unable to generate token for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.135 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'domain\p986_bfr228384_t'=>'p986_bfr228384_t@domain'
9112 2020-01-22 14:09:39.145 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'domain\p986_bfr228384_t' Status: 0xC000006D SubStatus 0.
9112 2020-01-22 14:09:39.145 error: get_user_token - unable to generate token on 2nd attempt for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.145 error: unable to get security token for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.145 fatal: fork of unprivileged child failed
9112 2020-01-22 14:09:39.145 debug1: do_cleanup
Log when running with user .\sshd.exe -d
debug1: sshd version OpenSSH_for_Windows_8.1, LibreSSL 2.9.2
debug1: get_passwd: LookupAccountName() failed: 1332.
debug1: private host key #0: ssh-rsa SHA256:jHHFr8IYn3RXO6cfngtaQLKmm0Sf6gDZzM4dVbp6LHQ
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:vDYx8dsScX3udfisVBrsouI4rXY+aeIFR1rGDJQXSYs
debug1: private host key #2: ssh-ed25519 SHA256:nP1DtEduD42OqXY+6drE3bsv9yrWmlo96hPIx2kI4eQ
debug1: rexec_argv[0]='C:\Program Files\OpenSSH\sshd.exe'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 10.39.34.155 port 34412 on 10.39.14.133 port 22
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: rekey out after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user p986_bfr228384_t service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user p986_bfr228384_t service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: trying public key file C:\Users\p986_bfr228384_t\.ssh/authorized_keys
debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: matching key found: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw found at C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1
debug1: auth_activate_options: setting new authentication options
Accepted publickey for p986_bfr228384_t from 10.39.34.155 port 34412 ssh2: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug1: monitor_child_preauth: p986_bfr228384_t has been authenticated by privileged process
debug1: auth_activate_options: setting new authentication options [preauth]
debug1: monitor_read_log: child log fd closed
debug1: Not running as SYSTEM: skipping loading user profile
User child is on pid 12444
The text was updated successfully, but these errors were encountered: