Vshadow.exe error in Cygwin, but only over ssh with pubkey auth


I'd like to create a volume shadow copy (vshadow 2.2) from within Cygwin over ssh:

$ ./vshadow.exe -p -nw C:
- Setting the VSS context to: 0x00000019
Creating shadow set {a5e0883e-9485-4243-8276-1ac7c569ab6a} ...
- Adding volume \\?\Volume{218a908d-1e3f-11df-a215-806e6f6e6963}\ [C:\] to the shadow set...
Creating the shadow (DoSnapshotSet) ...

ERROR: COM call "m_pVssObject->DoSnapshotSet(&pAsync)" failed.
- Returned HRESULT = 0x80070005
- Error text: Access is denied.

I guess that's because the local Windows user cyg_server that Cygwin runs as does not have permission of some kind.

Things I've tried:

  1. the advanced options under the security tab when I right-click C: in My Computer, but I don't see anything that seems to be relevant
  2. It says to rerun with /tracing. I don't see much that's helpful around the failure point
  3. I went to the directory in Windows where I'm creating the exposed mount point, and gave cyg_server Full Control. No change.
  4. created the VSSAccessControl key as described here. No change.
  5. made cyg_server a member of Domain Admins. No change.
  6. vshadow without the -nw switch, and got this instead:

    $ ./vshadow.exe -p C: (...)

    • Setting the VSS context to: 0x00000009 (Gathering writer metadata...) (Waiting for the asynchronous operation to finish...) Error during the last asynchronous operation.
    • Returned HRESULT = 0x80042318

How can I make a snapshot over ssh with public key auth?

Update: I found this thread from 2007 mentioning that you can't if you use public key auth. I have verified that if I rename my id_rsa file and use a password login, it works (with or without the -nw switch.) But I need to use pubkey auth in order to make a backup script. The author doesn't mention why it was that way, but I guess it hasn't been fixed in the last six years...is there a workaround?

asked on Server Fault Jul 24, 2013 by Kev • edited Jul 25, 2013 by Kev

1 Answer


Are you able to do a normal copy/connection using your public key?

You might also want to check the thread on the backupcentral site where one use posted what he'd set up using Windows 2003 as well as the scripts he used.

Using cygwin, public key and rsync to backup windows 2003

The crux of it is using the at command to run something as NT AUTHORITY\SYSTEM because logging in with a public key instead of a password for some reason gets you running as a different user under Cygwin. Quote:

# Launches passed input via 'at' to get around $USERNAME=SYSTEM
# problem under ssh login where the shell lacks permsisions to run
# commmands like vshadow or dosdev
# from a script by Jeffrey J. Kosowsky
function at_launch ()
local h m s wait1 command
if [ $3 != "" ] ; then
command="${1} ${2} >> ${3}"
command="${1} ${2}"

set -- $(date +"%H %M %S")
h=$((10#$1)) #Note explicitly use base 10 so that 08 and 09 not interpreted as bad octal
m=$((10#$2 +1)) #Advance minutes by 1
wait1=$((60 - $s))
[ $s -gt 55 ] && let "m += 1" "wait1 += 60" # Make sure >5 seconds left
[ $m -ge 60 ] && let "m %= 60" "h += 1" #Overflow minutes
let "h %= 24"
at $h:$m $(cygpath -w $(which bash.exe)) -c "$command"
# > /dev/null

echo Running '$command' at $h:$m
return $wait1
answered on Server Fault Jul 25, 2013 by Enigman • edited Jul 25, 2013 by Kev

User contributions licensed under CC BY-SA 3.0