This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh client setup


On Thu, 19 Aug 2004, Terry Branscombe wrote:

> I'm having a bit of trouble getting the ssh client setup right and hope
> someone here can help me sort it out.
> 
> When I run ssh it complains that it cannot create the directory
> '/home/TBRANSCO/.ssh' (I created that directory manually when I was
> setting up my keys and have my private and public keys stored there).
> The ssh client then goes on to ask if the host key fingerprint is OK,
> prompts for the host password, and makes the connection.  I would just
> like the host keys to be stored permanently.
> 
> The permission on the '.ssh' folder, and its parents', are as follows:
> 
> drwxrwxrwx+   3 TBRANSCO myDomain        0 May  7 12:02 home/
> drwxrw-rw-+  12 TBRANSCO myDomain     8192 Aug 19 12:11 tbransco/
      ^^^^^^
> drwxrw-rw-+   2 TBRANSCO myDomain        0 Aug  7 12:17 .ssh/
      ^^^^^^
> My (wrapped) entry in the /etc/passwd file is as follows:
> 
> TBRANSCO:unused_by_nt/2000/xp:32078:10545:Terrence Branscombe,U-IDIR\TBRANSCO,<SID>:/home/TBRANSCO:/bin/bash
> 
> I've botched it somewhere, but can't spot where.  Any suggestions on
> what to change, add, or delete?

Sure.  "chmod og+x /home/tbransco /home/tbransco/.ssh".  Also check the 
output of "getfacl /home/tbransco /home/tbransco/.ssh" -- there may be 
some weird "Deny" ACLs there (that's what the '+' after the permissions 
indicates).

Be aware that if StrictModes is "on" in /etc/sshd_config (it usually is by 
default), sshd will refuse to use the keys in a world-readable (and most 
especially world-writeable) directory.  If you only ssh *out* to other 
machines, though, I don't think it matters.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Happiness lies in being privileged to work hard for long hours in doing
whatever you think is worth doing."  -- Dr. Jubal Harshaw

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]