Bill C. Riemers wrote:
> You might also want to check the ownership of your home directory
> and .ssh directory, as that is the only thing I can think of that
> would cause the touch error in your previous message. If ownership
> or permissions are wrong, then sshd defaults to require a password
> rather than trusting that nobody else has changed the key files.

Herein I believe my difficulties lie. That and not understanding
Windows permissions vs Unix permissions and how such things are
mapped. Here's what I do know:
$ cd ~/.ssh
$ ls -l
total 6
-rw-r--r-- 1 adefaria Domain U 227 May 22 17:10 authorized_keys
-rw-r--r-- 1 adefaria Domain U 227 May 22 15:25 authorizedkeys
-rw-r--r-- 1 adefaria Domain U 887 May 22 15:22 id_rsa
-rw-r--r-- 1 adefaria Domain U 227 May 22 15:22 id_rsa.pub
-rw-r--r-- 1 adefaria Domain U 1624 May 22 15:19 known_hosts
$ chmod 600 id_rsa*
$ ls -l
total 6
-rw-r--r-- 1 adefaria Domain U 227 May 22 17:10 authorized_keys
-rw-r--r-- 1 adefaria Domain U 227 May 22 15:25 authorizedkeys
-rw-r--r-- 1 adefaria Domain U 887 May 22 15:22 id_rsa
-rw-r--r-- 1 adefaria Domain U 227 May 22 15:22 id_rsa.pub
-rw-r--r-- 1 adefaria Domain U 1624 May 22 15:19 known_hosts
Nothing. So I go into Windows Explorer and look at the Security
setting on the Properties dialog. I attempt to remove the users in
the Security section and it tells me that I have to stop inheriting
permissions. So I go to stop inheriting permissions and tell it to
remove everything. Now nobody's listed in the Security section.
Windows warns me that only the creator of the file will be able to
access it. I look in Cygwin with ls -l and the mode bits are the
same. I try the chmod again and there is no change! So I add my user
back to having full control. My user is the only user listed now but
the mode bits are still 644.
When I try to ssh $(hostname) cmd I get:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/us/adefaria/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by
others.
This private key will be ignored.
bad permissions: ignore key: /us/adefaria/.ssh/id_rsa
Now what?!?
(It would be nice if somebody who really knew the algorithm could
explain Windows permissions and how they are mapped to Unix mode bits).
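
An added example, not part of the original message: a POSIX shell audit that applies the two mode-bit rules at issue in this thread, the ssh client's private-key check (the source of the "Permissions 0644 ... are too open" warning) and sshd's StrictModes check on directories and authorized_keys, and also probes whether chmod takes effect in the directory at all. It assumes GNU stat and mktemp; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: apply OpenSSH's mode-bit rules to an SSH directory.
# Assumes GNU stat and mktemp (Cygwin coreutils, Linux); names are hypothetical.
mode_of()  { stat -c '%a' -- "$1"; }   # octal mode, e.g. 644
owner_of() { stat -c '%u' -- "$1"; }   # numeric uid

# Client rule behind "UNPROTECTED PRIVATE KEY FILE": a key owned by the
# current user must carry no group/other bits (mode & 077 == 0).
private_key_ok() {
    [ "$(owner_of "$1")" != "$(id -u)" ] && return 0
    [ $(( 0$(mode_of "$1") & 077 )) -eq 0 ]
}

# sshd StrictModes rule: owned by the user or root, and not writable by
# group/other (mode & 022 == 0).
strict_modes_ok() {
    o=$(owner_of "$1")
    { [ "$o" = "$(id -u)" ] || [ "$o" = 0 ]; } &&
        [ $(( 0$(mode_of "$1") & 022 )) -eq 0 ]
}

# Probe whether chmod changes the reported mode in this directory at all.
# If a scratch file does not read back as 600, chmod on the key cannot
# satisfy the client check in this directory as currently configured.
chmod_sticks() {
    probe=$(mktemp "$1/.chmod-probe.XXXXXX") || return 2
    chmod 644 "$probe"; chmod 600 "$probe"
    m=$(mode_of "$probe"); rm -f -- "$probe"
    [ "$m" = 600 ]
}

# usage: audit_ssh_dir DIR PRIVATE_KEY...   (returns 1 if anything fails)
audit_ssh_dir() {
    dir=$1; shift; rc=0
    chmod_sticks "$dir" || { echo "chmod probe failed in $dir"; rc=1; }
    for p in "$dir" "$dir/authorized_keys"; do
        [ -e "$p" ] || continue
        strict_modes_ok "$p" ||
            { echo "sshd StrictModes would reject $p ($(mode_of "$p"))"; rc=1; }
    done
    for k in "$@"; do
        [ -e "$k" ] || continue
        private_key_ok "$k" || { echo "ssh would ignore $k ($(mode_of "$k"))"; rc=1; }
    done
    return "$rc"
}
```

Source the file and run `audit_ssh_dir ~/.ssh ~/.ssh/id_rsa`; the home directory can be checked the same way with `strict_modes_ok "$HOME"`.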