Hello all,
I'm trying to install a service to keep some SSH tunnels alive using
the following script:
$ cat ssh_tunnel.exe
#!/usr/bin/bash
while :
do
/cygdrive/c/WINDOWS/system32/netstat -an | grep 192\.168\.0\.1:139 \
| grep LISTENING > /dev/null
if (( $? )); then
/usr/bin/ssh -v -v -v -x -i/home/user/.ssh/id_rsa -2 \
-L 192.168.0.1:139:127.0.0.1:139 -N remote_u...@remote.host 2>&1 &
fi
/cygdrive/c/WINDOWS/system32/netstat -an | grep 192\.168\.0\.1:3306 \
| grep LISTENING > /dev/null
if (( $? )); then
/usr/bin/ssh -v -v -v -x -i/home/user/.ssh/id_rsa -2 \
-L 192.168.0.1:3306:127.0.0.1:3306 -N remote_u...@remote.host 2>&1 &
fi
sleep 300
done
The script works fine at the command line, but fails when running as a
service. My vain attempt to gather info (-v -v -v) only yields:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-with-mic,password).
in the service log (all three lines for each instance of an ssh command).
SYSTEM should have access to id_rsa:
$ getfacl id_rsa
# file: id_rsa
# owner: user
# group: Domain Users
user::rw-
group::---
group:SYSTEM:r--
mask:rwx
other:---
$ ls -l id_rsa
-rw-------+ 1 user Domain Users 1679 Dec 13 13:40 id_rsa
But, id_rsa was generated as "user", not as "SYSTEM," so I'm wondering
if SYSTEM needs it's own private RSA key, and how one would go about
generating one, since I don't seem to be able to su to the SYSTEM
user.
I appreciate any help anyone can offer.
-Matt
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
