I’ve been having a hard time getting sshd to accept logins on a Windows 7 x64 box. The problems ranged from the error mentioned in the subject line (“/bin/bash: permission denied” appearing during logins) to silent failures during password authentication, during which the ssh
connection would simply be closed by the instance of Cygwin sshd running on my machine.
As it turns out, all my problems were caused by the fact that the sshd_server user being created by the ssh-host-config script was not being given all the required privileges. I’m not sure why, but I found an online description of the rights required by sshd_server and used the
“editrights” utility to grant them. I then deleted my ~/.ssh directory (definitively to erase the known_hosts file), restarted sshd, and everything began to work perfectly.
Unfortunately, I neglected to record which privileges had been granted to the sshd_server user on my system before I started granting additional ones, but as far as I remember sshd_server only had 2 or so of the 8 privileges granted.
In case the information helps anyone else, here is a list of the privileges that the sshd_server user appears to need:
To determine which privileges sshd_server has on your system, use this
editrights -u sshd_server -l
And here are the commands necessary to grant the above privileges to
editrights -a SeTcbPrivilege -u sshd_server
editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server
editrights -a SeCreateTokenPrivilege -u sshd_server
editrights -a SeDenyInteractiveLogonRight -u sshd_server
editrights -a SeDenyNetworkLogonRight -u sshd_server
editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server
editrights -a SeIncreaseQuotaPrivilege -u sshd_server
editrights -a SeServiceLogonRight -u sshd_server