AD user cannot be authenticated by Key when sshd server is running by system(Password works), but key auth is working for user if user starts openssh by himeself with .\sshd.exe -d

[TadasJuska]

"OpenSSH for Windows" version
((Get-Item (Get-Command sshd).Source).VersionInfo.FileVersion)
PS C:\Program Files\OpenSSH> ((Get-Item (Get-Command ./sshd).Source).VersionInfo.FileVersion)
8.1.0.0

Server OperatingSystem
((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion\" -Name ProductName).ProductName)
Windows Server 2016 Standard

Client OperatingSystem
Linux/Windows - same issue

What is failing
Public key authentication/unable to get security token for AD user (local user, working fine)
Similar issue #1053

Expected output
Successful logon

Actual output
Client output from Linux
~/.ssh$ ssh -vvv -o "IdentitiesOnly=yes" -i ./test_key p986_bfr228384_t@10.39.14.133
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "10.39.14.133" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.39.14.133 [10.39.14.133] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file ./test_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file ./test_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_8.1
debug1: match: OpenSSH_for_Windows_8.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.39.14.133:22 as 'p986_bfr228384_t'
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/user/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.39.14.133
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vDYx8dsScX3udfisVBrsouI4rXY+aeIFR1rGDJQXSYs
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/user/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.39.14.133
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug1: Host '10.39.14.133' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: ./test_key ((nil)), explicit
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: ./test_key
debug3: sign_and_send_pubkey: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.39.14.133 ([10.39.14.133]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 1
packet_write_wait: Connection to 10.39.14.133 port 22: Broken pipe

Sshd log in windows server:

8836 2020-01-22 14:09:28.750 debug2: fd 3 setting O_NONBLOCK
8836 2020-01-22 14:09:28.750 debug1: Bind to port 22 on 0.0.0.0.
8836 2020-01-22 14:09:28.750 Server listening on 0.0.0.0 port 22.
8836 2020-01-22 14:09:34.280 debug3: fd 4 is not O_NONBLOCK
8836 2020-01-22 14:09:34.283 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -R
8836 2020-01-22 14:09:34.292 debug3: send_rexec_state: entering fd = 7 config len 274
8836 2020-01-22 14:09:34.293 debug3: ssh_msg_send: type 0
8836 2020-01-22 14:09:34.293 debug3: send_rexec_state: done
9112 2020-01-22 14:09:34.331 debug1: inetd sockets after dupping: 4, 4
9112 2020-01-22 14:09:34.332 Connection from 10.39.34.155 port 33824 on 10.39.14.133 port 22
9112 2020-01-22 14:09:34.332 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
9112 2020-01-22 14:09:34.332 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
9112 2020-01-22 14:09:34.332 debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
9112 2020-01-22 14:09:34.332 debug2: fd 4 setting O_NONBLOCK
9112 2020-01-22 14:09:34.357 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -y
9112 2020-01-22 14:09:34.367 debug2: Network child is on pid 4524
9112 2020-01-22 14:09:34.367 debug3: send_rexec_state: entering fd = 6 config len 274
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: send_rexec_state: done
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: ssh_msg_send: type 0
9112 2020-01-22 14:09:34.367 debug3: preauth child monitor started
9112 2020-01-22 14:09:34.406 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
9112 2020-01-22 14:09:34.406 debug3: send packet: type 20 [preauth]
9112 2020-01-22 14:09:34.406 debug1: SSH2_MSG_KEXINIT sent [preauth]
9112 2020-01-22 14:09:34.406 debug3: receive packet: type 20 [preauth]
9112 2020-01-22 14:09:34.406 debug1: SSH2_MSG_KEXINIT received [preauth]
9112 2020-01-22 14:09:34.406 debug2: local server KEXINIT proposal [preauth]
9112 2020-01-22 14:09:34.406 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.406 debug2: compression ctos: none,zlib@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: compression stoc: none,zlib@openssh.com [preauth]
9112 2020-01-22 14:09:34.406 debug2: languages ctos: [preauth]
9112 2020-01-22 14:09:34.406 debug2: languages stoc: [preauth]
9112 2020-01-22 14:09:34.406 debug2: first_kex_follows 0 [preauth]
9112 2020-01-22 14:09:34.406 debug2: reserved 0 [preauth]
9112 2020-01-22 14:09:34.406 debug2: peer client KEXINIT proposal [preauth]
9112 2020-01-22 14:09:34.406 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c [preauth]
9112 2020-01-22 14:09:34.406 debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss [preauth]
9112 2020-01-22 14:09:34.406 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
9112 2020-01-22 14:09:34.407 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
9112 2020-01-22 14:09:34.407 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.407 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
9112 2020-01-22 14:09:34.407 debug2: compression ctos: none,zlib@openssh.com,zlib [preauth]
9112 2020-01-22 14:09:34.407 debug2: compression stoc: none,zlib@openssh.com,zlib [preauth]
9112 2020-01-22 14:09:34.407 debug2: languages ctos: [preauth]
9112 2020-01-22 14:09:34.407 debug2: languages stoc: [preauth]
9112 2020-01-22 14:09:34.407 debug2: first_kex_follows 0 [preauth]
9112 2020-01-22 14:09:34.407 debug2: reserved 0 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: algorithm: curve25519-sha256 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
9112 2020-01-22 14:09:34.407 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
9112 2020-01-22 14:09:34.407 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
9112 2020-01-22 14:09:34.409 debug3: receive packet: type 30 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_sshkey_sign entering [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_send entering: type 6 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive_expect entering: type 7 [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.412 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.412 debug3: monitor_read: checking request 6
9112 2020-01-22 14:09:34.412 debug3: mm_answer_sign
9112 2020-01-22 14:09:34.414 debug3: mm_answer_sign: KEX signature 000002059233A450(100)
9112 2020-01-22 14:09:34.414 debug3: mm_request_send entering: type 7
9112 2020-01-22 14:09:34.414 debug2: monitor_read: 6 used once, disabling now
9112 2020-01-22 14:09:34.415 debug3: send packet: type 31 [preauth]
9112 2020-01-22 14:09:34.415 debug3: send packet: type 21 [preauth]
9112 2020-01-22 14:09:34.415 debug2: set_newkeys: mode 1 [preauth]
9112 2020-01-22 14:09:34.415 debug1: rekey out after 134217728 blocks [preauth]
9112 2020-01-22 14:09:34.415 debug1: SSH2_MSG_NEWKEYS sent [preauth]
9112 2020-01-22 14:09:34.415 debug1: Sending SSH2_MSG_EXT_INFO [preauth]
9112 2020-01-22 14:09:34.415 debug3: send packet: type 7 [preauth]
9112 2020-01-22 14:09:34.415 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
9112 2020-01-22 14:09:34.418 debug3: receive packet: type 21 [preauth]
9112 2020-01-22 14:09:34.418 debug1: SSH2_MSG_NEWKEYS received [preauth]
9112 2020-01-22 14:09:34.418 debug2: set_newkeys: mode 0 [preauth]
9112 2020-01-22 14:09:34.418 debug1: rekey in after 134217728 blocks [preauth]
9112 2020-01-22 14:09:34.418 debug1: KEX done [preauth]
9112 2020-01-22 14:09:34.469 debug3: receive packet: type 5 [preauth]
9112 2020-01-22 14:09:34.469 debug3: send packet: type 6 [preauth]
9112 2020-01-22 14:09:34.470 debug3: receive packet: type 50 [preauth]
9112 2020-01-22 14:09:34.470 debug1: userauth-request for user p986_bfr228384_t service ssh-connection method none [preauth]
9112 2020-01-22 14:09:34.470 debug1: attempt 0 failures 0 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_getpwnamallow entering [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_send entering: type 8 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive_expect entering: type 9 [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.470 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.470 debug3: monitor_read: checking request 8
9112 2020-01-22 14:09:34.470 debug3: mm_answer_pwnamallow
9112 2020-01-22 14:09:34.471 debug2: parse_server_config: config reprocess config len 274
9112 2020-01-22 14:09:34.472 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
9112 2020-01-22 14:09:34.472 debug3: mm_request_send entering: type 9
9112 2020-01-22 14:09:34.472 debug2: monitor_read: 8 used once, disabling now
9112 2020-01-22 14:09:34.473 debug2: input_userauth_request: setting up authctxt for p986_bfr228384_t [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_inform_authserv entering [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_request_send entering: type 4 [preauth]
9112 2020-01-22 14:09:34.473 debug2: input_userauth_request: try method none [preauth]
9112 2020-01-22 14:09:34.473 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.473 debug3: monitor_read: checking request 4
9112 2020-01-22 14:09:34.473 debug3: mm_answer_authserv: service=ssh-connection, style=
9112 2020-01-22 14:09:34.473 debug2: monitor_read: 4 used once, disabling now
9112 2020-01-22 14:09:34.473 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
9112 2020-01-22 14:09:34.473 debug3: ensure_minimum_time_since: elapsed 2.994ms, delaying 5.730ms (requested 8.724ms) [preauth]
9112 2020-01-22 14:09:34.479 debug3: userauth_finish: failure partial=0 next methods="publickey,keyboard-interactive" [preauth]
9112 2020-01-22 14:09:34.479 debug3: send packet: type 51 [preauth]
9112 2020-01-22 14:09:34.483 debug3: receive packet: type 50 [preauth]
9112 2020-01-22 14:09:34.483 debug1: userauth-request for user p986_bfr228384_t service ssh-connection method publickey [preauth]
9112 2020-01-22 14:09:34.483 debug1: attempt 1 failures 0 [preauth]
9112 2020-01-22 14:09:34.483 debug2: input_userauth_request: try method publickey [preauth]
9112 2020-01-22 14:09:34.483 debug2: userauth_pubkey: valid user p986_bfr228384_t attempting public key rsa-sha2-512 AAAAB3NzaC1yc2EAAAADAQABAAABgQDNvi2KZKqBzzKPeOj/tId5gtEancCFISa2LUYvEiF7AiPUX670WfEY1CjwNfacbDmF8YqlmUoEhOIkAo6rOnkQb3427KcW3uInnNG1KR3UH3Hy2vppcU23YyCmfoQT4yZwjzc4lZHR8t5u6jSxm51BTWbli2qXI65VFg+I/i5guiwGa8jBBrqfMjTOolEU2yxccb0gliavcg/yE6fa+ZYhBke3rwo6Y/I3Ao8H8WdMn23u0hXTJWw7mKRnUtKQGd4e0+g5PIS10w9l7ZHnq1txEKjBcwlcHWMJUxUVrxoPrjbbXoT2B22SbR7ijpYW5VvgXiS8pIvy2pbytGP4e1acElDiTTJF72veDdwFkD12MFiUkFZvDR7ifLHE2BWh0AhKyy2uY6lCl+qOFTRmzJxWpsQqk0G8mk9ocq9hP2IebXaRQEsKedrvnMe5gwOiknID91naL87tl71ELEfp+zNnQ28iEQLRqgf9PtGH3Wc4U9zuIO/+bhZiIPuOFdJda8U= [preauth]
9112 2020-01-22 14:09:34.483 debug3: userauth_pubkey: have rsa-sha2-512 signature for RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_key_allowed entering [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_send entering: type 22 [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive_expect entering: type 23 [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.483 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.483 debug3: monitor_read: checking request 22
9112 2020-01-22 14:09:34.483 debug3: mm_answer_keyallowed entering
9112 2020-01-22 14:09:34.483 debug3: mm_answer_keyallowed: key_from_blob: 00000205922B7E10
9112 2020-01-22 14:09:34.483 debug1: trying public key file C:\Users\p986_bfr228384_t\.ssh/authorized_keys
9112 2020-01-22 14:09:34.485 debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: matching key found: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
9112 2020-01-22 14:09:34.485 debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
9112 2020-01-22 14:09:34.485 Accepted key RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw found at C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1
9112 2020-01-22 14:09:34.485 debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 23
9112 2020-01-22 14:09:34.485 debug3: mm_sshkey_verify entering [preauth]
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 24 [preauth]
9112 2020-01-22 14:09:34.485 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.485 debug3: monitor_read: checking request 24
9112 2020-01-22 14:09:34.485 debug3: mm_answer_keyverify: publickey 0000020592325720 signature verified
9112 2020-01-22 14:09:34.485 debug1: auth_activate_options: setting new authentication options
9112 2020-01-22 14:09:34.485 debug3: mm_request_send entering: type 25
9112 2020-01-22 14:09:34.486 Accepted publickey for p986_bfr228384_t from 10.39.34.155 port 33824 ssh2: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
9112 2020-01-22 14:09:34.486 debug1: monitor_child_preauth: p986_bfr228384_t has been authenticated by privileged process
9112 2020-01-22 14:09:34.486 debug3: mm_get_keystate: Waiting for new keys
9112 2020-01-22 14:09:34.486 debug3: mm_request_receive_expect entering: type 26
9112 2020-01-22 14:09:34.486 debug3: mm_request_receive entering
9112 2020-01-22 14:09:34.492 debug3: mm_get_keystate: GOT new keys
9112 2020-01-22 14:09:34.492 debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIF [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_receive_expect entering: type 25 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_receive entering [preauth]
9112 2020-01-22 14:09:34.492 debug1: auth_activate_options: setting new authentication options [preauth]
9112 2020-01-22 14:09:34.492 debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
9112 2020-01-22 14:09:34.492 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
9112 2020-01-22 14:09:34.492 debug3: ensure_minimum_time_since: elapsed 2.994ms, delaying 5.730ms (requested 8.724ms) [preauth]
9112 2020-01-22 14:09:34.492 debug3: send packet: type 52 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_request_send entering: type 26 [preauth]
9112 2020-01-22 14:09:34.492 debug3: mm_send_keystate: Finished sending state [preauth]
9112 2020-01-22 14:09:34.495 debug1: monitor_read_log: child log fd closed
9112 2020-01-22 14:09:34.577 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'domain\p986_bfr228384_t'=>'p986_bfr228384_t@domain'
9112 2020-01-22 14:09:34.595 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'domain\p986_bfr228384_t' Status: 0xC000006D SubStatus 0.
9112 2020-01-22 14:09:34.595 debug3: get_user_token - unable to generate token for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.135 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'domain\p986_bfr228384_t'=>'p986_bfr228384_t@domain'
9112 2020-01-22 14:09:39.145 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'domain\p986_bfr228384_t' Status: 0xC000006D SubStatus 0.
9112 2020-01-22 14:09:39.145 error: get_user_token - unable to generate token on 2nd attempt for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.145 error: unable to get security token for user domain\p986_bfr228384_t
9112 2020-01-22 14:09:39.145 fatal: fork of unprivileged child failed
9112 2020-01-22 14:09:39.145 debug1: do_cleanup

Log when running with user .\sshd.exe -d
debug1: sshd version OpenSSH_for_Windows_8.1, LibreSSL 2.9.2
debug1: get_passwd: LookupAccountName() failed: 1332.
debug1: private host key #0: ssh-rsa SHA256:jHHFr8IYn3RXO6cfngtaQLKmm0Sf6gDZzM4dVbp6LHQ
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:vDYx8dsScX3udfisVBrsouI4rXY+aeIFR1rGDJQXSYs
debug1: private host key #2: ssh-ed25519 SHA256:nP1DtEduD42OqXY+6drE3bsv9yrWmlo96hPIx2kI4eQ
debug1: rexec_argv[0]='C:\Program Files\OpenSSH\sshd.exe'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 10.39.34.155 port 34412 on 10.39.14.133 port 22
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: rekey out after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user p986_bfr228384_t service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user p986_bfr228384_t service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: trying public key file C:\Users\p986_bfr228384_t\.ssh/authorized_keys
debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: matching key found: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug1: C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw found at C:\Users\p986_bfr228384_t\.ssh/authorized_keys:1
debug1: auth_activate_options: setting new authentication options
Accepted publickey for p986_bfr228384_t from 10.39.34.155 port 34412 ssh2: RSA SHA256:6P8yS+E6ak3VE1X+em/tc9lFCFgsvxrwHLNzzcvvWhw
debug1: monitor_child_preauth: p986_bfr228384_t has been authenticated by privileged process
debug1: auth_activate_options: setting new authentication options [preauth]
debug1: monitor_read_log: child log fd closed
debug1: Not running as SYSTEM: skipping loading user profile
User child is on pid 12444

[TadasJuska]

Tried from issue case workarounds #1053

• To add user to "Access this computer from the network" but it was before for everyone. Not working.
• Connect with domain name in ssh command "ssh -vvv -o "IdentitiesOnly=yes" -i ./test_key 'Domain\p986_bfr228384_t'@10.39.14.133" Not working.
• Service is running by SYSTEM

[PrabhuMuthiah]

I do have same issue. when I run sshd with debug mode , it works. Waiting for resolution on this issue. thanks.

[vominhi]

Having the same issue. It works fine with username and password.

[dekiesel]

I am having (almost) the same problem using the 64bit version though I do not get the error in the logs.

I start a process that calls a database and that database is set to windows authentication.

SSH'ing into the server using key fails process, but it works using the password. It also works (with pubkey) when starting the service with sshd.exe -d, as others have stated.

Can the install script be amended to start the service using -d?

This has been working fine for us for quite some time so I guess something got changed on the LDAP server, I am waiting for a response from the LDAP server guys.

[bagajjal]

@dekiesel - Don't modify the install script to start service using -d.
-d is only for debug purpose. If you try to login with a different user then it wouldn't work as sshd process running (in log in user context) can't generate the token for other users.

When sshd is running as SYSTEM, for key based authentication we use LsaLogonUser() API to get the user token. Look at the error message when sshd is running as SYSTEM. It should give some clue.

[dekiesel]

@bagajjal

I can't find any errors in the log, unfortunately. This is the part that names LsaLogonUser:

528496 2020-05-13 16:22:15.825 Accepted publickey for myuser@mydomain from 172.20.3.15 port 41566 ssh2: RSA SHA256:bhv8Df1Kb6N7OqXP/0fiORUcCPEiCIpV7Hf3RwdccjE
528496 2020-05-13 16:22:15.825 debug1: monitor_child_preauth: myuser@mydomain has been authenticated by privileged process
528496 2020-05-13 16:22:15.825 debug3: mm_get_keystate: Waiting for new keys
528496 2020-05-13 16:22:15.825 debug3: mm_request_receive_expect entering: type 26
528496 2020-05-13 16:22:15.825 debug3: mm_request_receive entering
528496 2020-05-13 16:22:15.830 debug3: mm_get_keystate: GOT new keys
528496 2020-05-13 16:22:15.830 debug1: auth_activate_options: setting new authentication options [preauth]
528496 2020-05-13 16:22:15.830 debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
528496 2020-05-13 16:22:15.830 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
528496 2020-05-13 16:22:15.830 debug3: ensure_minimum_time_since: elapsed 2.001ms, delaying 4.842ms (requested 6.843ms) [preauth]
528496 2020-05-13 16:22:15.830 debug3: send packet: type 52 [preauth]
528496 2020-05-13 16:22:15.830 debug3: mm_request_send entering: type 26 [preauth]
528496 2020-05-13 16:22:15.830 debug3: mm_send_keystate: Finished sending state [preauth]
528496 2020-05-13 16:22:15.831 debug1: monitor_read_log: child log fd closed
528496 2020-05-13 16:22:15.863 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'mydomain\myuser'=>'myuser@myldap.server'
528496 2020-05-13 16:22:15.869 debug3: LsaLogonUser Succeeded (Impersonation: 1)
528496 2020-05-13 16:22:15.872 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -z
528496 2020-05-13 16:22:15.874 User child is on pid 482516

Running the process from this session (a ETL tool that connects to SQL Server) fails. Using password it works.

If I can help debug this please let me know

[bagajjal]

Please share the full sshd.log with DEBUG3 enabeld. Once we get user token, the code path is same for key-based and password based authentication. In both cases we spawn the child processes in the user context.

[dekiesel]

Please find the log attached:

748004 2020-05-15 09:34:36.384 debug2: channel 0: read<=0 rfd 13 len 0
748004 2020-05-15 09:34:36.384 debug2: channel 0: read failed
748004 2020-05-15 09:34:36.384 debug2: channel 0: chan_shutdown_read (i0 o0 sock -1 wfd 13 efd -1 [closed])
748004 2020-05-15 09:34:36.384 debug2: channel 0: input open -> drain
748004 2020-05-15 09:34:36.384 debug2: channel 0: ibuf empty
748004 2020-05-15 09:34:36.384 debug2: channel 0: send eof
748004 2020-05-15 09:34:36.384 debug3: send packet: type 96
748004 2020-05-15 09:34:36.384 debug2: channel 0: input drain -> closed
748004 2020-05-15 09:34:36.384 debug1: Received SIGCHLD.
748004 2020-05-15 09:34:36.384 debug1: session_by_pid: pid 517384
748004 2020-05-15 09:34:36.384 debug1: session_exit_message: session 0 channel 0 pid 517384
748004 2020-05-15 09:34:36.384 debug2: channel 0: request exit-status confirm 0
748004 2020-05-15 09:34:36.384 debug3: send packet: type 98
748004 2020-05-15 09:34:36.384 debug1: session_exit_message: release channel 0
748004 2020-05-15 09:34:36.384 debug2: channel 0: write failed
748004 2020-05-15 09:34:36.384 debug2: channel 0: chan_shutdown_write (i3 o0 sock -1 wfd 12 efd -1 [closed])
748004 2020-05-15 09:34:36.384 debug2: channel 0: send eow
748004 2020-05-15 09:34:36.384 debug2: channel 0: output open -> closed
748004 2020-05-15 09:34:36.384 debug2: channel 0: send close
748004 2020-05-15 09:34:36.384 debug3: send packet: type 97
748004 2020-05-15 09:34:36.384 debug3: channel 0: will not send data after close
748004 2020-05-15 09:34:36.384 debug2: notify_done: reading
748004 2020-05-15 09:34:36.384 debug3: channel 0: will not send data after close
748004 2020-05-15 09:34:36.400 debug3: receive packet: type 97
748004 2020-05-15 09:34:36.400 debug2: channel 0: rcvd close
748004 2020-05-15 09:34:36.400 debug3: channel 0: will not send data after close
748004 2020-05-15 09:34:36.400 debug2: channel 0: is dead
748004 2020-05-15 09:34:36.400 debug2: channel 0: gc: notify user
748004 2020-05-15 09:34:36.400 debug1: session_by_channel: session 0 channel 0
748004 2020-05-15 09:34:36.400 debug1: session_close_by_channel: channel 0 child 0
748004 2020-05-15 09:34:36.400 Close session: user mydomain\myuser from 172.20.3.15 port 58140 id 0
748004 2020-05-15 09:34:36.400 debug3: session_unused: session id 0 unused
748004 2020-05-15 09:34:36.400 debug2: channel 0: gc: user detached
748004 2020-05-15 09:34:36.400 debug2: channel 0: is dead
748004 2020-05-15 09:34:36.400 debug2: channel 0: garbage collecting
748004 2020-05-15 09:34:36.400 debug1: channel 0: free: server-session, nchannels 1
748004 2020-05-15 09:34:36.400 debug3: channel 0: status: The following connections are open:\r\n #0 server-session (t4 r0 i3/0 o3/0 e[closed]/0 fd -1/-1/-1 sock -1 cc -1)\r\n
748004 2020-05-15 09:34:36.400 debug3: receive packet: type 1
748004 2020-05-15 09:34:36.400 Received disconnect from 172.20.3.15 port 58140:11: disconnected by user
748004 2020-05-15 09:34:36.400 Disconnected from 172.20.3.15 port 58140
748004 2020-05-15 09:34:36.400 debug1: do_cleanup
742712 2020-05-15 09:34:36.402 debug3: mm_request_receive entering
742712 2020-05-15 09:34:36.402 debug1: do_cleanup
606184 2020-05-15 09:34:38.310 debug3: fd 5 is not O_NONBLOCK
606184 2020-05-15 09:34:38.310 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -R
606184 2020-05-15 09:34:38.312 debug3: send_rexec_state: entering fd = 8 config len 321
606184 2020-05-15 09:34:38.312 debug3: ssh_msg_send: type 0
606184 2020-05-15 09:34:38.312 debug3: send_rexec_state: done
700548 2020-05-15 09:34:38.334 debug1: inetd sockets after dupping: 4, 4
700548 2020-05-15 09:34:38.334 Connection from 172.20.3.15 port 58766 on 172.30.35.63 port 22
700548 2020-05-15 09:34:38.334 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
700548 2020-05-15 09:34:38.334 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
700548 2020-05-15 09:34:38.334 debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
700548 2020-05-15 09:34:38.334 debug2: fd 4 setting O_NONBLOCK
700548 2020-05-15 09:34:38.362 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -y
700548 2020-05-15 09:34:38.365 debug2: Network child is on pid 598576
700548 2020-05-15 09:34:38.366 debug3: send_rexec_state: entering fd = 6 config len 321
700548 2020-05-15 09:34:38.366 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.366 debug3: send_rexec_state: done
700548 2020-05-15 09:34:38.366 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.366 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.366 debug3: preauth child monitor started
700548 2020-05-15 09:34:38.380 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
700548 2020-05-15 09:34:38.380 debug3: send packet: type 20 [preauth]
700548 2020-05-15 09:34:38.380 debug1: SSH2_MSG_KEXINIT sent [preauth]
700548 2020-05-15 09:34:38.380 debug3: receive packet: type 20 [preauth]
700548 2020-05-15 09:34:38.380 debug1: SSH2_MSG_KEXINIT received [preauth]
700548 2020-05-15 09:34:38.380 debug2: local server KEXINIT proposal [preauth]
700548 2020-05-15 09:34:38.380 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
700548 2020-05-15 09:34:38.380 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
700548 2020-05-15 09:34:38.380 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
700548 2020-05-15 09:34:38.380 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
700548 2020-05-15 09:34:38.380 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
700548 2020-05-15 09:34:38.380 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
700548 2020-05-15 09:34:38.380 debug2: compression ctos: none,zlib@openssh.com [preauth]
700548 2020-05-15 09:34:38.380 debug2: compression stoc: none,zlib@openssh.com [preauth]
700548 2020-05-15 09:34:38.380 debug2: languages ctos: [preauth]
700548 2020-05-15 09:34:38.380 debug2: languages stoc: [preauth]
700548 2020-05-15 09:34:38.380 debug2: first_kex_follows 0 [preauth]
700548 2020-05-15 09:34:38.380 debug2: reserved 0 [preauth]
700548 2020-05-15 09:34:38.380 debug2: peer client KEXINIT proposal [preauth]
700548 2020-05-15 09:34:38.380 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c [preauth]
700548 2020-05-15 09:34:38.380 debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss [preauth]
700548 2020-05-15 09:34:38.380 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
700548 2020-05-15 09:34:38.380 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
700548 2020-05-15 09:34:38.380 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
700548 2020-05-15 09:34:38.380 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
700548 2020-05-15 09:34:38.380 debug2: compression ctos: none,zlib@openssh.com,zlib [preauth]
700548 2020-05-15 09:34:38.380 debug2: compression stoc: none,zlib@openssh.com,zlib [preauth]
700548 2020-05-15 09:34:38.380 debug2: languages ctos: [preauth]
700548 2020-05-15 09:34:38.380 debug2: languages stoc: [preauth]
700548 2020-05-15 09:34:38.380 debug2: first_kex_follows 0 [preauth]
700548 2020-05-15 09:34:38.380 debug2: reserved 0 [preauth]
700548 2020-05-15 09:34:38.380 debug1: kex: algorithm: curve25519-sha256 [preauth]
700548 2020-05-15 09:34:38.380 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
700548 2020-05-15 09:34:38.380 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
700548 2020-05-15 09:34:38.380 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none [preauth]
700548 2020-05-15 09:34:38.380 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
700548 2020-05-15 09:34:38.398 debug3: receive packet: type 30 [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_sshkey_sign entering [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_request_send entering: type 6 [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_request_receive_expect entering: type 7 [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_request_receive entering [preauth]
700548 2020-05-15 09:34:38.401 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.401 debug3: monitor_read: checking request 6
700548 2020-05-15 09:34:38.401 debug3: mm_answer_sign
700548 2020-05-15 09:34:38.405 debug3: mm_answer_sign: KEX signature 00000013193D7120(100)
700548 2020-05-15 09:34:38.405 debug3: mm_request_send entering: type 7
700548 2020-05-15 09:34:38.405 debug2: monitor_read: 6 used once, disabling now
700548 2020-05-15 09:34:38.405 debug3: send packet: type 31 [preauth]
700548 2020-05-15 09:34:38.405 debug3: send packet: type 21 [preauth]
700548 2020-05-15 09:34:38.405 debug2: set_newkeys: mode 1 [preauth]
700548 2020-05-15 09:34:38.405 debug1: rekey out after 134217728 blocks [preauth]
700548 2020-05-15 09:34:38.405 debug1: SSH2_MSG_NEWKEYS sent [preauth]
700548 2020-05-15 09:34:38.405 debug1: Sending SSH2_MSG_EXT_INFO [preauth]
700548 2020-05-15 09:34:38.405 debug3: send packet: type 7 [preauth]
700548 2020-05-15 09:34:38.405 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
700548 2020-05-15 09:34:38.424 debug3: receive packet: type 21 [preauth]
700548 2020-05-15 09:34:38.424 debug1: SSH2_MSG_NEWKEYS received [preauth]
700548 2020-05-15 09:34:38.424 debug2: set_newkeys: mode 0 [preauth]
700548 2020-05-15 09:34:38.424 debug1: rekey in after 134217728 blocks [preauth]
700548 2020-05-15 09:34:38.424 debug1: KEX done [preauth]
700548 2020-05-15 09:34:38.492 debug3: receive packet: type 5 [preauth]
700548 2020-05-15 09:34:38.492 debug3: send packet: type 6 [preauth]
700548 2020-05-15 09:34:38.507 debug3: receive packet: type 50 [preauth]
700548 2020-05-15 09:34:38.507 debug1: userauth-request for user myuser@mydomain service ssh-connection method none [preauth]
700548 2020-05-15 09:34:38.507 debug1: attempt 0 failures 0 [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_getpwnamallow entering [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_request_send entering: type 8 [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_request_receive_expect entering: type 9 [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_request_receive entering [preauth]
700548 2020-05-15 09:34:38.507 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.507 debug3: monitor_read: checking request 8
700548 2020-05-15 09:34:38.507 debug3: mm_answer_pwnamallow
700548 2020-05-15 09:34:38.511 debug2: parse_server_config: config reprocess config len 321
700548 2020-05-15 09:34:38.511 reprocess config line 27: Deprecated option RSAAuthentication
700548 2020-05-15 09:34:38.511 reprocess config line 35: Deprecated option RhostsRSAAuthentication
700548 2020-05-15 09:34:38.511 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
700548 2020-05-15 09:34:38.511 debug3: mm_request_send entering: type 9
700548 2020-05-15 09:34:38.512 debug2: monitor_read: 8 used once, disabling now
700548 2020-05-15 09:34:38.512 debug2: input_userauth_request: setting up authctxt for myuser@mydomain [preauth]
700548 2020-05-15 09:34:38.512 debug3: mm_inform_authserv entering [preauth]
700548 2020-05-15 09:34:38.512 debug3: mm_request_send entering: type 4 [preauth]
700548 2020-05-15 09:34:38.512 debug2: input_userauth_request: try method none [preauth]
700548 2020-05-15 09:34:38.512 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.512 debug3: monitor_read: checking request 4
700548 2020-05-15 09:34:38.512 debug3: mm_answer_authserv: service=ssh-connection, style=
700548 2020-05-15 09:34:38.512 debug2: monitor_read: 4 used once, disabling now
700548 2020-05-15 09:34:38.512 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
700548 2020-05-15 09:34:38.512 debug3: ensure_minimum_time_since: elapsed 5.005ms, delaying 1.838ms (requested 6.843ms) [preauth]
700548 2020-05-15 09:34:38.514 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
700548 2020-05-15 09:34:38.514 debug3: send packet: type 51 [preauth]
700548 2020-05-15 09:34:38.529 debug3: receive packet: type 50 [preauth]
700548 2020-05-15 09:34:38.529 debug1: userauth-request for user myuser@mydomain service ssh-connection method publickey [preauth]
700548 2020-05-15 09:34:38.529 debug1: attempt 1 failures 0 [preauth]
700548 2020-05-15 09:34:38.529 debug2: input_userauth_request: try method publickey [preauth]
700548 2020-05-15 09:34:38.529 debug2: userauth_pubkey: valid user myuser@mydomain querying public key rsa-sha2-512 AAAAB3NzaC1yc2EAAAABIwAAAQEA6mKmtyW4QRkbAAUVv1IxKiFXFu1k7S6xmDt+krWMfu/jOF1PI/o8vjXOJtKwusmbfLRmt6IzoKaby4s32RMbDv0w6w/HR8vVEQys6t/jq1yPz4x19J3glsRi1dn320uKzIWrWiNQEm83RbqwatfgUI5yA7V6JV18nXbINhn09K0y8S2zwJ6YS8y0zlWvniJVwwPOPSQPYLBJUYSvQKouKBlbNZ1u38UxhdChF8uaTSMjt8RvzS0Jwfs1gXNrCucQZgWGxRS4lo4XiNHUM9Rri22G1HLo2Q7t9jxNIR4yoec989oQMxwZ7Ow2Bh9Wky7ZvAlVb39in4D6/6+KVMmcXQ== [preauth]
700548 2020-05-15 09:34:38.529 debug1: userauth_pubkey: test pkalg rsa-sha2-512 pkblob RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_key_allowed entering [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_request_send entering: type 22 [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_request_receive_expect entering: type 23 [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_request_receive entering [preauth]
700548 2020-05-15 09:34:38.529 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.529 debug3: monitor_read: checking request 22
700548 2020-05-15 09:34:38.529 debug3: mm_answer_keyallowed entering
700548 2020-05-15 09:34:38.529 debug3: mm_answer_keyallowed: key_from_blob: 000000131943AB50
700548 2020-05-15 09:34:38.529 debug1: trying public key file C:\Users\myuser\.ssh/authorized_keys
700548 2020-05-15 09:34:38.530 debug1: C:\Users\myuser\.ssh/authorized_keys:1: matching key found: RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE
700548 2020-05-15 09:34:38.530 debug1: C:\Users\myuser\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
700548 2020-05-15 09:34:38.530 Accepted key RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE found at C:\Users\myuser\.ssh/authorized_keys:1
700548 2020-05-15 09:34:38.530 debug3: mm_answer_keyallowed: publickey authentication test: RSA key is allowed
700548 2020-05-15 09:34:38.530 debug3: mm_request_send entering: type 23
700548 2020-05-15 09:34:38.530 debug3: send packet: type 60 [preauth]
700548 2020-05-15 09:34:38.530 debug2: userauth_pubkey: authenticated 0 pkalg rsa-sha2-512 [preauth]
700548 2020-05-15 09:34:38.530 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
700548 2020-05-15 09:34:38.530 debug3: ensure_minimum_time_since: elapsed 1.005ms, delaying 5.838ms (requested 6.843ms) [preauth]
700548 2020-05-15 09:34:38.536 Postponed publickey for myuser@mydomain from 172.20.3.15 port 58766 ssh2 [preauth]
700548 2020-05-15 09:34:38.547 debug3: receive packet: type 50 [preauth]
700548 2020-05-15 09:34:38.547 debug1: userauth-request for user myuser@mydomain service ssh-connection method publickey [preauth]
700548 2020-05-15 09:34:38.547 debug1: attempt 2 failures 0 [preauth]
700548 2020-05-15 09:34:38.547 debug2: input_userauth_request: try method publickey [preauth]
700548 2020-05-15 09:34:38.547 debug2: userauth_pubkey: valid user myuser@mydomain attempting public key rsa-sha2-512 AAAAB3NzaC1yc2EAAAABIwAAAQEA6mKmtyW4QRkbAAUVv1IxKiFXFu1k7S6xmDt+krWMfu/jOF1PI/o8vjXOJtKwusmbfLRmt6IzoKaby4s32RMbDv0w6w/HR8vVEQys6t/jq1yPz4x19J3glsRi1dn320uKzIWrWiNQEm83RbqwatfgUI5yA7V6JV18nXbINhn09K0y8S2zwJ6YS8y0zlWvniJVwwPOPSQPYLBJUYSvQKouKBlbNZ1u38UxhdChF8uaTSMjt8RvzS0Jwfs1gXNrCucQZgWGxRS4lo4XiNHUM9Rri22G1HLo2Q7t9jxNIR4yoec989oQMxwZ7Ow2Bh9Wky7ZvAlVb39in4D6/6+KVMmcXQ== [preauth]
700548 2020-05-15 09:34:38.547 debug3: userauth_pubkey: have rsa-sha2-512 signature for RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_key_allowed entering [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_request_send entering: type 22 [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_request_receive_expect entering: type 23 [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_request_receive entering [preauth]
700548 2020-05-15 09:34:38.547 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.547 debug3: monitor_read: checking request 22
700548 2020-05-15 09:34:38.547 debug3: mm_answer_keyallowed entering
700548 2020-05-15 09:34:38.547 debug3: mm_answer_keyallowed: key_from_blob: 000000131943A880
700548 2020-05-15 09:34:38.547 debug1: trying public key file C:\Users\myuser\.ssh/authorized_keys
700548 2020-05-15 09:34:38.548 debug1: C:\Users\myuser\.ssh/authorized_keys:1: matching key found: RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE
700548 2020-05-15 09:34:38.548 debug1: C:\Users\myuser\.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
700548 2020-05-15 09:34:38.548 Accepted key RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE found at C:\Users\myuser\.ssh/authorized_keys:1
700548 2020-05-15 09:34:38.548 debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
700548 2020-05-15 09:34:38.548 debug3: mm_request_send entering: type 23
700548 2020-05-15 09:34:38.548 debug3: mm_sshkey_verify entering [preauth]
700548 2020-05-15 09:34:38.548 debug3: mm_request_send entering: type 24 [preauth]
700548 2020-05-15 09:34:38.548 debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIFY [preauth]
700548 2020-05-15 09:34:38.548 debug3: mm_request_receive_expect entering: type 25 [preauth]
700548 2020-05-15 09:34:38.548 debug3: mm_request_receive entering [preauth]
700548 2020-05-15 09:34:38.548 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.548 debug3: monitor_read: checking request 24
700548 2020-05-15 09:34:38.548 debug3: mm_answer_keyverify: publickey 000000131943B180 signature verified
700548 2020-05-15 09:34:38.548 debug1: auth_activate_options: setting new authentication options
700548 2020-05-15 09:34:38.548 debug3: mm_request_send entering: type 25
700548 2020-05-15 09:34:38.548 Accepted publickey for myuser@mydomain from 172.20.3.15 port 58766 ssh2: RSA SHA256:bhv8Df0Kb6N7OqXP/0fiORUcXPEiCIpV7Hf3RwdccjE
700548 2020-05-15 09:34:38.548 debug1: monitor_child_preauth: myuser@mydomain has been authenticated by privileged process
700548 2020-05-15 09:34:38.548 debug3: mm_get_keystate: Waiting for new keys
700548 2020-05-15 09:34:38.548 debug3: mm_request_receive_expect entering: type 26
700548 2020-05-15 09:34:38.548 debug3: mm_request_receive entering
700548 2020-05-15 09:34:38.554 debug3: mm_get_keystate: GOT new keys
700548 2020-05-15 09:34:38.554 debug1: auth_activate_options: setting new authentication options [preauth]
700548 2020-05-15 09:34:38.554 debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
700548 2020-05-15 09:34:38.554 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
700548 2020-05-15 09:34:38.554 debug3: ensure_minimum_time_since: elapsed 1.008ms, delaying 5.835ms (requested 6.843ms) [preauth]
700548 2020-05-15 09:34:38.554 debug3: send packet: type 52 [preauth]
700548 2020-05-15 09:34:38.554 debug3: mm_request_send entering: type 26 [preauth]
700548 2020-05-15 09:34:38.554 debug3: mm_send_keystate: Finished sending state [preauth]
700548 2020-05-15 09:34:38.554 debug1: monitor_read_log: child log fd closed
700548 2020-05-15 09:34:38.585 debug3: lookup_principal_name: Successfully discovered explicit principal name: 'mydomain\myuser'=>'myuser@domain.server'
700548 2020-05-15 09:34:38.591 debug3: LsaLogonUser Succeeded (Impersonation: 1)
700548 2020-05-15 09:34:38.594 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe" -z
700548 2020-05-15 09:34:38.595 User child is on pid 661724
700548 2020-05-15 09:34:38.595 debug3: send_rexec_state: entering fd = 5 config len 321
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.595 debug3: send_rexec_state: done
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
700548 2020-05-15 09:34:38.595 debug3: ssh_msg_send: type 0
661724 2020-05-15 09:34:38.608 debug3: recv_idexch_state: entering fd = 3
661724 2020-05-15 09:34:38.608 debug3: ssh_msg_recv entering
661724 2020-05-15 09:34:38.608 debug3: recv_idexch_state: done
661724 2020-05-15 09:34:38.608 debug2: fd 4 setting O_NONBLOCK
661724 2020-05-15 09:34:38.608 debug3: recv_autxctx_state: entering fd = 3
661724 2020-05-15 09:34:38.608 debug3: ssh_msg_recv entering
661724 2020-05-15 09:34:38.608 debug3: recv_autxctx_state: done
661724 2020-05-15 09:34:38.608 debug2: parse_server_config: config reprocess config len 321
661724 2020-05-15 09:34:38.608 reprocess config line 27: Deprecated option RSAAuthentication
661724 2020-05-15 09:34:38.608 reprocess config line 35: Deprecated option RhostsRSAAuthentication
661724 2020-05-15 09:34:38.609 debug3: monitor_recv_keystate: entering
661724 2020-05-15 09:34:38.609 debug3: ssh_msg_recv entering
661724 2020-05-15 09:34:38.609 debug3: monitor_recv_keystate: done
661724 2020-05-15 09:34:38.609 debug3: monitor_apply_keystate: packet_set_state
661724 2020-05-15 09:34:38.609 debug2: set_newkeys: mode 0
661724 2020-05-15 09:34:38.609 debug1: rekey in after 134217728 blocks
661724 2020-05-15 09:34:38.609 debug2: set_newkeys: mode 1
661724 2020-05-15 09:34:38.609 debug1: rekey out after 134217728 blocks
661724 2020-05-15 09:34:38.609 debug1: ssh_packet_set_postauth: called
661724 2020-05-15 09:34:38.609 debug3: ssh_packet_set_state: done
661724 2020-05-15 09:34:38.609 debug3: monitor_recv_authopt: entering
661724 2020-05-15 09:34:38.609 debug3: ssh_msg_recv entering
661724 2020-05-15 09:34:38.609 debug3: monitor_recv_authopt: done
661724 2020-05-15 09:34:38.609 debug3: notify_hostkeys: key 0: ssh-rsa SHA256:LXvfLyXyNdeQIh27gM3o+XgMQ4axaWwkCT/h4UhpTOs
661724 2020-05-15 09:34:38.609 debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:HSyn62pdhsnX8NRWYQgZQM6B5r1itb/EG7GETCKdmys
661724 2020-05-15 09:34:38.609 debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:RoQlK5mBQnpP2NSHwGYEnWkSqULTMGmjB3d8YoGXZ00
661724 2020-05-15 09:34:38.609 debug3: notify_hostkeys: sent 3 hostkeys
661724 2020-05-15 09:34:38.609 debug3: send packet: type 80
661724 2020-05-15 09:34:38.609 debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
661724 2020-05-15 09:34:38.609 debug1: Entering interactive session for SSH2.
661724 2020-05-15 09:34:38.609 debug2: fd 7 setting O_NONBLOCK
661724 2020-05-15 09:34:38.609 debug2: fd 8 setting O_NONBLOCK
661724 2020-05-15 09:34:38.609 debug1: server_init_dispatch
661724 2020-05-15 09:34:38.609 debug3: receive packet: type 90
661724 2020-05-15 09:34:38.609 debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
661724 2020-05-15 09:34:38.609 debug1: input_session_request
661724 2020-05-15 09:34:38.609 debug1: channel 0: new [server-session]
661724 2020-05-15 09:34:38.609 debug2: session_new: allocate (allocated 0 max 10)
661724 2020-05-15 09:34:38.609 debug3: session_unused: session id 0 unused
661724 2020-05-15 09:34:38.609 debug1: session_new: session 0
661724 2020-05-15 09:34:38.609 debug1: session_open: channel 0
661724 2020-05-15 09:34:38.609 debug1: session_open: session 0: link with channel 0
661724 2020-05-15 09:34:38.609 debug1: server_input_channel_open: confirm session
661724 2020-05-15 09:34:38.609 debug3: send packet: type 91
661724 2020-05-15 09:34:38.609 debug3: receive packet: type 80
661724 2020-05-15 09:34:38.609 debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
661724 2020-05-15 09:34:38.679 debug3: receive packet: type 98
661724 2020-05-15 09:34:38.680 debug1: server_input_channel_req: channel 0 request pty-req reply 1
661724 2020-05-15 09:34:38.680 debug1: session_by_channel: session 0 channel 0
661724 2020-05-15 09:34:38.680 debug1: session_input_channel_req: session 0 req pty-req
661724 2020-05-15 09:34:38.680 debug1: Allocating pty.
661724 2020-05-15 09:34:38.680 debug3: fd 9 is not O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug3: fd 10 is not O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug1: session_pty_req: session 0 alloc windows-pty
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 1 (0x1)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 2 (0x2)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 3 (0x3)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 4 (0x4)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 5 (0x5)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 6 (0x6)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 7 (0x7)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 8 (0x8)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 9 (0x9)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 10 (0xa)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 12 (0xc)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 13 (0xd)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 14 (0xe)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 18 (0x12)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 30 (0x1e)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 31 (0x1f)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 32 (0x20)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 33 (0x21)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 34 (0x22)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 35 (0x23)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 36 (0x24)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 37 (0x25)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 38 (0x26)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 39 (0x27)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 40 (0x28)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 41 (0x29)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 42 (0x2a)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 50 (0x32)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 51 (0x33)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 52 (0x34)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 53 (0x35)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 54 (0x36)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 55 (0x37)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 56 (0x38)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 57 (0x39)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 58 (0x3a)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 59 (0x3b)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 60 (0x3c)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 61 (0x3d)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 62 (0x3e)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 70 (0x46)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 71 (0x47)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 72 (0x48)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 73 (0x49)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 74 (0x4a)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 75 (0x4b)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 90 (0x5a)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 91 (0x5b)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 92 (0x5c)
661724 2020-05-15 09:34:38.680 debug1: Ignoring unsupported tty mode opcode 93 (0x5d)
661724 2020-05-15 09:34:38.680 debug3: send packet: type 99
661724 2020-05-15 09:34:38.680 debug3: receive packet: type 98
661724 2020-05-15 09:34:38.680 debug1: server_input_channel_req: channel 0 request env reply 0
661724 2020-05-15 09:34:38.680 debug1: session_by_channel: session 0 channel 0
661724 2020-05-15 09:34:38.680 debug1: session_input_channel_req: session 0 req env
661724 2020-05-15 09:34:38.680 debug2: Ignoring env request LANG: disallowed name
661724 2020-05-15 09:34:38.680 debug3: receive packet: type 98
661724 2020-05-15 09:34:38.680 debug1: server_input_channel_req: channel 0 request shell reply 1
661724 2020-05-15 09:34:38.680 debug1: session_by_channel: session 0 channel 0
661724 2020-05-15 09:34:38.680 debug1: session_input_channel_req: session 0 req shell
661724 2020-05-15 09:34:38.680 Starting session: shell on windows-pty for mydomain\myuser from 172.20.3.15 port 58766 id 0
661724 2020-05-15 09:34:38.680 debug2: fd 11 setting O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug2: fd 12 setting O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug2: fd 13 setting O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug2: fd 14 setting O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug2: fd 15 setting O_NONBLOCK
661724 2020-05-15 09:34:38.680 debug2: fd 16 setting O_NONBLOCK
661724 2020-05-15 09:34:38.681 debug3: shell: "c:\windows\system32\cmd.exe"
661724 2020-05-15 09:34:38.681 debug3: shell_option: /c
661724 2020-05-15 09:34:38.681 debug3: couldn't find CreatePseudoConsole() in kernel32.dll dll
661724 2020-05-15 09:34:38.681 debug3: This windows OS doesn't support conpty
661724 2020-05-15 09:34:38.681 debug3: pty commandline: "C:\Program Files\OpenSSH\ssh-shellhost.exe" ---pty "c:\windows\system32\cmd.exe"
661724 2020-05-15 09:34:38.683 debug2: fd 4 setting TCP_NODELAY
661724 2020-05-15 09:34:38.683 debug2: channel 0: rfd 13 isatty
661724 2020-05-15 09:34:38.683 debug3: fd 13 is O_NONBLOCK
661724 2020-05-15 09:34:38.683 debug3: fd 12 is O_NONBLOCK
661724 2020-05-15 09:34:38.683 debug3: send packet: type 99

[hecerinc]

Hey @bagajjal I'm hitting a similar issue, but my output looks like:

17392 2020-08-25 19:27:39.293 Accepted publickey for xxxxx\\myuser from 192.168.1.14 port 56336 ssh2: RSA SHA256:XbPjX3xm+Z6TiFrLEOmrPADlw8oxkS0xL9BOug3xQTM
17392 2020-08-25 19:27:39.294 debug1: monitor_child_preauth: xxxxx\\myuser has been authenticated by privileged process
17392 2020-08-25 19:27:39.294 debug3: mm_get_keystate: Waiting for new keys
17392 2020-08-25 19:27:39.294 debug3: mm_request_receive_expect entering: type 26
17392 2020-08-25 19:27:39.294 debug3: mm_request_receive entering
17392 2020-08-25 19:27:39.294 debug3: mm_get_keystate: GOT new keys
17392 2020-08-25 19:27:39.294 debug1: auth_activate_options: setting new authentication options [preauth]
17392 2020-08-25 19:27:39.294 debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
17392 2020-08-25 19:27:39.294 debug3: send packet: type 52 [preauth]
17392 2020-08-25 19:27:39.294 debug3: mm_request_send entering: type 26 [preauth]
17392 2020-08-25 19:27:39.294 debug3: mm_send_keystate: Finished sending state [preauth]
17392 2020-08-25 19:27:39.298 debug1: monitor_read_log: child log fd closed
17392 2020-08-25 19:27:39.649 error: lookup_principal_name: User principal name lookup failed for user 'xxxxx\\myuser' (explicit: 5, implicit: 5)
17392 2020-08-25 19:27:39.651 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'xxxxx\\myuser' Status: 0xC0000062 SubStatus 0.
17392 2020-08-25 19:27:39.651 debug3: get_user_token - unable to generate token for user xxxxx\\myuser
17392 2020-08-25 19:27:39.987 error: lookup_principal_name: User principal name lookup failed for user 'xxxxx\\myuser' (explicit: 5, implicit: 5)
17392 2020-08-25 19:27:39.990 debug1: generate_s4u_user_token: LsaLogonUser() failed. User 'xxxxxx\\myuser' Status: 0xC0000062 SubStatus 0.
17392 2020-08-25 19:27:39.991 error: get_user_token - unable to generate token on 2nd attempt for user xxxxxx\\myuser
17392 2020-08-25 19:27:39.991 error: unable to get security token for user xxxxxx\\myuser
17392 2020-08-25 19:27:39.991 fatal: fork of unprivileged child failed
17392 2020-08-25 19:27:39.991 debug1: do_cleanup

Are there any updates?

[bagajjal]

@hecerinc - Are you logging in with your AAD (Azure Active Directory) credentials to a non-domain joined machine? If yes, this is not supported yet.

17392 2020-08-25 19:27:39.649 error: lookup_principal_name: User principal name lookup failed for user 'xxxxx\myuser' (explicit: 5, implicit: 5)

error code 0xC0000062 - The name provided is not a properly formed account name

[hecerinc]

It's the other way around, from a non-domain-joined, to a domain-joined machine (with my AAD credentials). The thing is, when I run the server from cmd, I can access it no problem, any pointers?

[bagajjal]

@hecerinc,

There is some issue with your domain joined machine where sshd service is running.
Your username ('xxxxx\myuser') is reported as not properly formed account name. Do you know why?

Can you try the ssh using key based authentication on the same domain joined machine and then compare the logs.

[hecerinc]

Sorry, I should've said I'm using key authentication, not passwords (although the key I'm using does have a password, not sure if that would impact anything)

[bagajjal]

@hecerinc ,

I got that.. I want you to try ssh key authentication on your domain joined machine where sshd service is running i.e., both ssh client, ssh server on the same machine..
In this scenario also, I expect to see the same error message (0xC0000062 - The name provided is not a properly formed account name)