This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sshd: server refused our key


Harig, Mark A. wrote:

You might try reading a recent thread of messages
in the mailing list archive with the subject line:
"Is RSA authentication on SSH still broken?"
It started back on 5 November 2002.

Thanks to mention this thread, but this can't fix the problem of windows shared home directories:

i.e.:

You have your home directory on a SGI UNIX host called anyhost.
You set permissions of your home directory to 700, you set permissions of your .ssh directory to 700
you hide all files of .ssh (600).

Your entry in passwd might be:

the_king::1:1:Elvis Presley,U-STILLHERE\elvis,S-1-5-21-1234-5678-9012-1000:://anyhost/the_king:/bin/bash

Now you are a windows shared user and permissions of all your shared files and folders give read permission to anyone:

permissions of your .ssh on UNIX host anyhost:
-rw------- 1 mk group 545 Nov 20 08:48 authorized_keys
-rw------- 1 mk group 546 Nov 20 08:48 authorized_keys2
-rw------- 1 mk group 887 Nov 19 13:44 id_rsa
-rw------- 1 mk group 218 Nov 19 13:44 id_rsa.pub
-rw------- 1 mk group 523 Nov 19 13:44 identity
-rw------- 1 mk group 327 Nov 19 13:44 identity.pub
-rw------- 1 mk group 1442 Nov 20 11:50 known_hosts
-rw------- 1 mk group 512 Nov 20 11:50 random_seed

permissions of your .ssh inside ssh session on Windows host:
-rw-r--r-- 1 mk Domain U 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk Domain U 546 Nov 20 08:48 authorized_keys2
-rw-r--r-- 1 mk Domain U 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk Domain U 218 Nov 19 13:44 id_rsa.pub
-rw-r--r-- 1 mk Domain U 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk Domain U 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk Domain U 1442 Nov 20 11:50 known_hosts
-rw-r--r-- 1 mk Domain U 512 Nov 20 11:52 random_seed


Thus ssh demon must reject your identity file because it is readable by anyone!

I would like to setup CYGWIN to hide all user files all others but to have access to all local files and folders of Windows host according to security settings of the files.

Doe's anyone knows?



-----Original Message-----
From: Manfred Köhler [mailto:manfredwkoehler@web.de]
Sent: Wednesday, November 20, 2002 11:34 AM
To: Harig, Mark A.
Cc: cygwin@cygwin.com
Subject: Re: sshd: server refused our key


Mark,

I think we can't solve the problem, because my home is a windows share.
Every windows share is mounted with permission 755! Therefore sshd rejects the files ins ~/.ssh which should be private.
So I'm prompted for password.

Please refer http://sources.redhat.com/ml/cygwin/2001-10/msg01011.html

Manfred

Harig, Mark A. wrote:


Please keep all replies on the cygwin mailing
list. This helps you because more people are
able to diagnose your problem. It helps
others because they are able to search the
mailing list archives for useful information.

1. In your reply below, you list the following
for your home directory:




drwxr-xr-x 138 mk group 24576 Nov 20 11:48 .


Try:
chmod 750 ~
chgrp SYSTEM ~

2. And for your ~/.ssh directory:




drwxr-xr-x 2 mk group 4096 Nov 19 13:44 .ssh


Try:
chmod 700 ~/.ssh

Please change both ~ and ~/.ssh. It is not enough to only
change one.

If these changes do not fix your problem, then please
include the output of the 'mount' command in your
reply.




-----Original Message-----
From: Manfred Köhler [mailto:manfredwkoehler@web.de]
Sent: Wednesday, November 20, 2002 5:58 AM
To: Harig, Mark A.
Subject: Re: RE: sshd: server refused our key


"Harig, Mark A." <maharig@idirect.net> schrieb am 19.11.02 17:11:23:


As requested at http://cygwin.com/bugs.html:

o Please describe how to reproduce the problem,
including a test case, if possible.

In your case, please list the commands that you ran
to set up sshd on your Cygwin machine.


ssh-host-config -y
...set cygwin to defaults
chmod 755 /var/empty
mkgroup -l -d domain>/etc/group
mkpasswd -l -d domain>/etc/passwd


o Please include at least the version number of the
Cygwin release you are using along with the operating system name and its version number,
for example, "cygwin v1.3.13 under NT 4.0".


Please refer attached file.


o Most of the information about your Cygwin environment
is listed by running 'cygcheck -s -v -r > cygcheck.txt'.
Please include cygcheck.txt *AS AN ATTACHMENT* to your
report. It is important that you include it as an
attachment so that searches of the mailing-list archives
give fewer false matches.


Please refer attached file


Some things to check (that is, email back to this mailing list):

The permissions and ownership of:
- your home directory


drwxr-xr-x 138 mk group 24576 Nov 20 11:48 .


- your home/.ssh directory


drwxr-xr-x 2 mk group 4096 Nov 19 13:44 .ssh


- your home/.ssh files


seen on UNIX:
-rw-r--r-- 1 mk group 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk group 546 Nov 20 08:48 authorized_keys2
-rw------- 1 mk group 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk group 218 Nov 19 13:44 id_rsa.pub
-rw------- 1 mk group 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk group 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk group 1442 Nov 20 11:50 known_hosts
-rw------- 1 mk group 512 Nov 20 11:50 random_seed
seen inside ssh session:
-rw-r--r-- 1 mk Domain U 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk Domain U 546 Nov 20 08:48 authorized_keys2
-rw-r--r-- 1 mk Domain U 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk Domain U 218 Nov 19 13:44 id_rsa.pub
-rw-r--r-- 1 mk Domain U 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk Domain U 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk Domain U 1442 Nov 20 11:50 known_hosts
-rw-r--r-- 1 mk Domain U 512 Nov 20 11:52 random_seed

I do not know why private files become readable for everyone. There is also a samba server
running to mount files on Windows.

Hopefully these informations will help you to solve the problem.



-------------------------------------------------------------

-----------

Cygwin Win95/NT Configuration Diagnostics
Current System Time: Tue Nov 05 17:34:00 2002

Windows 2000 Professional Ver 5.0 Build 2195 Service Pack 3

Path: C:\cygwin\usr\local\bin
C:\cygwin\bin
C:\cygwin\bin
c:\WINNT\system32
c:\WINNT
c:\WINNT\System32\Wbem
c:\WINNT\system32\nls
c:\WINNT\system32\nls\English
c:\Programme\Gemeinsame Dateien\Adaptec Shared\System
c:\Programme\Rational\ClearCase\bin
c:\Programme\TclTk\bin
Z
.
Y
.
X
.
C:\cygwin\usr\X11R6\bin

SysDir: C:\WINNT\System32
WinDir: C:\WINNT

HOME = `C:\cygwin\home\weberr'
MAKE_MODE = `unix'
PWD = `/home/weberr'
USER = `weberr'

ALLUSERSPROFILE = `C:\Dokumente und Einstellungen\All Users'
APPDATA = `C:\Dokumente und Einstellungen\weberr\Anwendungsdaten'
CLEARCASE_PRIMARY_GROUP = `pars'
COMMONPROGRAMFILES = `C:\Programme\Gemeinsame Dateien'
COMPUTERNAME = `XTERM1192'
COMSPEC = `C:\WINNT\system32\cmd.exe'
HOMEDRIVE = `C:'
HOMEPATH = `\'
LOGONSERVER = `\\XTERM1192'
MANPATH = `:/usr/ssl/man'
NUMBER_OF_PROCESSORS = `1'
NWLANGUAGE = `DEUTSCH'
NWUSERNAME = `weberr'
OLDPWD = `/usr/bin'
OS2LIBPATH = `C:\WINNT\system32\os2\dll;'
OS = `Windows_NT'
PATHEXT = `%PATHEXT%;.tcl'
PROCESSOR_ARCHITECTURE = `x86'
PROCESSOR_IDENTIFIER = `x86 Family 15 Model 2 Stepping 4,
GenuineIntel'

PROCESSOR_LEVEL = `15'
PROCESSOR_REVISION = `0204'
PROGRAMFILES = `C:\Programme'
PROMPT = `$P$G'
PS1 = `\[\033]0;\w\007
\033[32m\]\u@\h \[\033[33m\w\033[0m\]
$ '
SHLVL = `1'
SYSTEMDRIVE = `C:'
SYSTEMROOT = `C:\WINNT'
TEMP = `c:\DOKUME~1\weberr\LOKALE~1\Temp'
TERM = `cygwin'
TMP = `c:\DOKUME~1\weberr\LOKALE~1\Temp'
USERDOMAIN = `XTERM1192'
USERNAME = `weberr'
USERPROFILE = `C:\Dokumente und Einstellungen\weberr'
WINDIR = `C:\WINNT'
WINDOWS_LOGIN = `0'
_ = `/usr/bin/cygcheck'

HKEY_CURRENT_USER\Software\Cygnus Solutions
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\mounts v2
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2
(default) = `/cygdrive'
cygdrive flags = 0x00000022
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/
(default) = `C:\cygwin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
v2\/usr/bin

(default) = `C:\cygwin/bin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
v2\/usr/lib

(default) = `C:\cygwin/lib'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
v2\/usr/X11R6/lib/X11/fonts

(default) = `C:\cygwin\usr\X11R6\lib\X11\fonts'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\Program Options

a: fd N/A N/A c: hd NTFS 76316Mb 4% CP CS UN PA FC XTERM1192
d: cd N/A N/A e: cd N/A N/A f: hd NTFS 76316Mb 1% CP CS UN PA FC Datenträger
g: net MVFS 1000Mb 50% CP CS CCase
i: net NWFS 43373Mb 97% CP VOL2
k: net NWFS 800Mb 74% CP SYS
l: net NWFS 15477Mb 99% CP VOL1
m: net MVFS 1000Mb 50% CP CS CCase
p: net NWFS 33809Mb 97% CP VOL1
r: net NWFS 208352Mb 95% CP VOL1
u: net NWFS 43373Mb 97% CP VOL2
x: net NWFS 43373Mb 97% CP VOL2
y: net NWFS 800Mb 74% CP SYS
z: net NWFS 15477Mb 99% CP VOL1

C:\cygwin /
system binmode

C:\cygwin/bin /usr/bin
system binmode

C:\cygwin/lib /usr/lib
system binmode

C:\cygwin\usr\X11R6\lib\X11\fonts /usr/X11R6/lib/X11/fonts
system binmode

. /cygdrive
user binmode,cygdrive

Found: C:\cygwin\bin\bash.exe
Found: C:\cygwin\bin\cat.exe
Found: \bin\cat.exe
Warning: C:\cygwin\bin\cat.exe hides \bin\cat.exe
Not Found: cpp (good!)
Found: C:\cygwin\bin\find.exe
Not Found: gcc
Not Found: gdb
Not Found: ld
Found: C:\cygwin\bin\ls.exe
Not Found: make
Found: C:\cygwin\bin\sh.exe

58k 2002/05/07 C:\cygwin\bin\cygbz2-1.dll - os=4.0 img=1.0 sys=4.0
"cygbz2-1.dll" v0.0 ts=2002/5/7 8:33
625k 2002/08/09 C:\cygwin\bin\cygcrypto.dll - os=4.0
img=1.0 sys=4.0

"cygcrypto.dll" v0.0 ts=2002/8/9 22:20
45k 2001/04/25 C:\cygwin\bin\cygform5.dll - os=4.0 img=1.0 sys=4.0
"cygform5.dll" v0.0 ts=2001/4/25 7:28
35k 2002/01/09 C:\cygwin\bin\cygform6.dll - os=4.0 img=1.0 sys=4.0
"cygform6.dll" v0.0 ts=2002/1/9 7:03
19k 2002/02/20 C:\cygwin\bin\cyggdbm.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm.dll" v0.0 ts=2002/2/20 4:05
17k 2001/06/28 C:\cygwin\bin\cyghistory4.dll - os=4.0
img=1.0 sys=4.0

"cyghistory4.dll" v0.0 ts=2001/1/7 5:34
20k 2002/10/10 C:\cygwin\bin\cyghistory5.dll - os=4.0
img=1.0 sys=4.0

"cyghistory5.dll" v0.0 ts=2002/10/10 19:28
929k 2002/06/24 C:\cygwin\bin\cygiconv-2.dll - os=4.0
img=1.0 sys=4.0

"cygiconv-2.dll" v0.0 ts=2002/6/24 20:24
22k 2001/12/13 C:\cygwin\bin\cygintl-1.dll - os=4.0
img=1.0 sys=4.0

"cygintl-1.dll" v0.0 ts=2001/12/13 10:28
28k 2002/09/20 C:\cygwin\bin\cygintl-2.dll - os=4.0
img=1.0 sys=4.0

"cygintl-2.dll" v0.0 ts=2002/9/20 5:13
21k 2001/06/20 C:\cygwin\bin\cygintl.dll - os=4.0 img=1.0 sys=4.0
"cygintl.dll" v0.0 ts=2001/6/20 19:09
81k 2000/12/05 C:\cygwin\bin\cygitcl30.dll - os=4.0
img=1.0 sys=4.0

"cygitcl30.dll" v0.0 ts=2000/11/26 2:43
35k 2000/12/05 C:\cygwin\bin\cygitk30.dll - os=4.0 img=1.0 sys=4.0
"cygitk30.dll" v0.0 ts=2000/11/26 2:43
119k 2002/02/09 C:\cygwin\bin\cygjpeg6b.dll - os=4.0
img=1.0 sys=4.0

"cygjpeg6b.dll" v0.0 ts=2002/2/9 6:19
26k 2001/04/25 C:\cygwin\bin\cygmenu5.dll - os=4.0 img=1.0 sys=4.0
"cygmenu5.dll" v0.0 ts=2001/4/25 7:27
20k 2002/01/09 C:\cygwin\bin\cygmenu6.dll - os=4.0 img=1.0 sys=4.0
"cygmenu6.dll" v0.0 ts=2002/1/9 7:03
156k 2001/04/25 C:\cygwin\bin\cygncurses++5.dll - os=4.0
img=1.0 sys=4.0

"cygncurses++5.dll" v0.0 ts=2001/4/25 7:29
175k 2002/01/09 C:\cygwin\bin\cygncurses++6.dll - os=4.0
img=1.0 sys=4.0

"cygncurses++6.dll" v0.0 ts=2002/1/9 7:03
226k 2001/04/25 C:\cygwin\bin\cygncurses5.dll - os=4.0
img=1.0 sys=4.0

"cygncurses5.dll" v0.0 ts=2001/4/25 7:17
202k 2002/01/09 C:\cygwin\bin\cygncurses6.dll - os=4.0
img=1.0 sys=4.0

"cygncurses6.dll" v0.0 ts=2002/1/9 7:03
15k 2001/04/25 C:\cygwin\bin\cygpanel5.dll - os=4.0
img=1.0 sys=4.0

"cygpanel5.dll" v0.0 ts=2001/4/25 7:27
12k 2002/01/09 C:\cygwin\bin\cygpanel6.dll - os=4.0
img=1.0 sys=4.0

"cygpanel6.dll" v0.0 ts=2002/1/9 7:03
40k 2001/11/21 C:\cygwin\bin\cygpcre.dll - os=4.0 img=1.0 sys=4.0
"cygpcre.dll" v0.0 ts=2001/11/21 23:15
39k 2001/11/21 C:\cygwin\bin\cygpcreposix.dll - os=4.0
img=1.0 sys=4.0

"cygpcreposix.dll" v0.0 ts=2001/11/21 23:15
175k 2002/07/22 C:\cygwin\bin\cygpng10.dll - os=4.0 img=1.0 sys=4.0
"cygpng10.dll" v0.0 ts=2002/7/22 17:51
22k 2002/06/09 C:\cygwin\bin\cygpopt-0.dll - os=4.0
img=1.0 sys=4.0

"cygpopt-0.dll" v0.0 ts=2002/6/9 7:45
108k 2001/06/28 C:\cygwin\bin\cygreadline4.dll - os=4.0
img=1.0 sys=4.0

"cygreadline4.dll" v0.0 ts=2001/1/7 5:34
127k 2002/10/10 C:\cygwin\bin\cygreadline5.dll - os=4.0
img=1.0 sys=4.0

"cygreadline5.dll" v0.0 ts=2002/10/10 19:28
159k 2002/08/09 C:\cygwin\bin\cygssl.dll - os=4.0 img=1.0 sys=4.0
"cygssl.dll" v0.0 ts=2002/8/9 22:20
390k 2000/12/05 C:\cygwin\bin\cygtcl80.dll - os=4.0 img=1.0 sys=4.0
"cygtcl80.dll" v0.0 ts=2000/11/26 2:39
5k 2000/12/05 C:\cygwin\bin\cygtclpip80.dll - os=4.0
img=1.0 sys=4.0

10k 2000/12/05 C:\cygwin\bin\cygtclreg80.dll - os=4.0
img=1.0 sys=4.0

"cygtclreg80.dll" v0.0 ts=2000/11/26 2:39
253k 2002/02/10 C:\cygwin\bin\cygtiff3.dll - os=4.0 img=1.0 sys=4.0
"cygtiff3.dll" v0.0 ts=2002/2/10 9:34
623k 2000/12/05 C:\cygwin\bin\cygtk80.dll - os=4.0 img=1.0 sys=4.0
"cygtk80.dll" v0.0 ts=2000/11/26 2:43
50k 2002/03/12 C:\cygwin\bin\cygz.dll - os=4.0 img=1.0 sys=4.0
"cygz.dll" v0.0 ts=2002/3/12 5:38
905k 2002/10/24 C:\cygwin\bin\cygwin1.dll - os=4.0 img=1.0 sys=4.0
"cygwin1.dll" v0.0 ts=2002/10/24 16:48
Cygwin DLL version info:
DLL version: 1.3.14
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 62
Shared data: 3
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix: Build date: Thu Oct 24 10:48:11 EDT 2002
Shared id: cygwin1S3

41k 2002/05/14 C:\cygwin\usr\X11R6\bin\cygPropList-0.dll
- os=4.0 img=1.0 sys=4.0

"cygPropList-0.dll" v0.0 ts=2002/5/14 5:13

Cygwin Package Information
Last downloaded files to: C:\Dokumente und
Einstellungen\weberr\Eigene Dateien\CygWin

Last downloaded files from:
http://ftp-stud.fht-esslingen.de/pub/Mirrors/sources.redhat.com/cygwin

Package Version WindowMaker 0.80.0-2 XFree86-base 4.2.0-1 XFree86-bin 4.2.0-2 XFree86-doc 4.2.0-1 XFree86-etc 4.2.0-1 XFree86-f100 4.2.0-2 XFree86-fcyr 4.2.0-2 XFree86-fenc 4.2.0-2 XFree86-fnts 4.2.0-2 XFree86-fscl 4.2.0-2 XFree86-fsrv 4.2.0-1 XFree86-html 4.2.0-1 XFree86-jdoc 4.2.0-1 XFree86-lib 4.2.0-3 XFree86-man 4.2.0-1 XFree86-nest 4.2.0-1 XFree86-prog 4.2.0-1 XFree86-prt 4.2.0-1 XFree86-ps 4.2.0-1 XFree86-startup-scripts4.2.0-3 XFree86-vfb 4.2.0-1 XFree86-xserv 4.2.0-15 Xaw3d 1.5-1 _update-info-dir 00078-1 ash 20020731-1 base-files 1.0-1 base-passwd 1.0-1 bash 2.05b-5 bzip2 1.0.2-2 cgoban 1.9.12-1 clear 1.0-1 crypt 1.0-1 cygrunsrv 0.95-1 cygutils 1.1.2-1 cygwin 1.3.14-1 cygwin-doc 1.2-1 diff 1.0-1 diffutils 2.8.1-1 file 3.37-1 fileutils 4.1-1 findutils 4.1.7-4 fvwm 2.4.7-2 gawk 3.1.1-5 gdbm 1.8.0-4 gettext 0.11.5-1 gnugo 3.2-1 grep 2.5-1 groff 1.17.2-1 gzip 1.3.3-4 inetutils 1.3.2-19 jpeg 6b-7 less 374-1 lesstif 0.93.18-3 libPropList 0.10.1-3 libbz2_1 1.0.2-2 libiconv2 1.8-2 libintl 0.10.38-3 libintl1 0.10.40-1 libintl2 0.11.5-1 libncurses5 5.2-1 libncurses6 5.2-8 libpng10 1.0.14-2 libpopt0 1.6.4-4 libreadline4 4.1-2 libreadline5 4.3-2 login 1.4-4 man 1.5g-2 ncurses 5.2-8 newlib-man 20020801 openbox 0.99.1-3 openssh 3.4p1-5 openssl 0.9.6g-1 patch 2.5-3 pcre 3.7-1 readline 4.3-2 sed 3.02-1 sh-utils 2.0-2 tar 1.13.25-1 tcltk 20001125-1 termcap 20020930-1 terminfo 5.2-3 texinfo 4.2-4 textutils 2.0.21-1 tiff 3.5.7-1 time 1.7-1 units 1.77-1 vim 6.1-2 wget 1.8.2-1 which 1.5-1 x2x 1.27-2 zlib 1.1.4-1
Use -h to see help about each section







--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]