Handle leak, locked file after using ssh connection to user account

[WeleSS2]

Prerequisites

• Write a descriptive title.
• Make sure you are able to repro it on the latest version
• Search the existing issues.

Steps to reproduce

After connecting using ssh from machine A to machine B .DAT files are marked as "Open by System".

Steps:

• Download OpenSSH from Optional Feaures.
• Create a new account on machine B, do not login to this account.
• Connect from machine A to machine B using ssh.
• Close connection, remove account on machine B.
• In the users is leftover folder with .DAT files inside which are open by a system.

Comment:
Tested VM hyper-V and another physical machine.
Tried finding handle in resource monitor and using Handler.exe from sysinternal. Handle isn;t listed in any of.

Tried to duplicate handle using c++ and close binary/library reponsible for keeping it alive. Program couldn't find any binary or library which have this handle open. Regardless it's listed as open by System.

Expected behavior

.DAT files shouldn't lock removing this folder. Handles to them should be closed and i should be able to remove user folder. (C:\Users\userfolder)

Actual behavior

.DAT files are locked and removing them is impossible until restart.

Error details

No response

Environment data

Both server and client. 

Name                           Value                                                                                   
----                           -----                                                                                   
PSVersion                      5.1.22621.2506                                                                          
PSEdition                      Desktop                                                                                 
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                 
BuildVersion                   10.0.22621.2506                                                                         
CLRVersion                     4.0.30319.42000                                                                         
WSManStackVersion              3.0                                                                                     
PSRemotingProtocolVersion      2.3                                                                                     
SerializationVersion           1.1.0.1

Version

9.5

Visuals

No response

[maertendMSFT]

If you turn off the SSHD service on machine B does the issue persist?

[JakubS02]

Hi,
I'm on different account but i would like to answer now.

I disabled openssh server and ssdp protocol too. Nothing changed

[maertendMSFT]

If SSHD was the service that was locking the files, then when it is turned off, they should no longer be locked. Can you confirm that there are no other processes using the files?

[JakubS02]

If there is something else i can test it.

But i disabled everything what is on this ss, it's locked by system not sshd itself. And as i said it only happens when new account have been logged 1st time by sshd.