This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: sshd+ssh localhost connects, but don't reach the shell


Vilar Camara wrote:

[snip]
>> Usually sshd sends messages to the Windows Application Event log.  I'm using
>> syslogd-ng so that messages go to /var/log/messages.
> 
> That's right, I had looked at it and completely forgot to mention it.
> But my Event Log doesn't add anything to our discussion: there are only
> log entries saying:
>  `sshd' service started
>  `sshd' service stopped, exit status: 0
>  `sshd' service stopped, exit status: 255
>  sshd: PID XXXX: Server listening on 0.0.0.0 port 22
>  sshd: PID XXXX: Received signal 15; terminating

So it looks normal, as if everything is working fine.

[snip]
>> Not yet, could you show the rest of that output? or the end, to see where
>> things stopped.
> 
> Well, no further output, just a line containing that and then back to
> the shell. Before that there is a lot of debugging messages (mostly
> complaining about ~/.ssh/id_rsa contents), as I've transcribed in my
> previous post.

That may be significant.  The server is waiting for the client handshake?

[snip]
> Yes, I'll try that. This will require some time because I have to
> repartition my HD, but it's worth the try. By the way, should I try a
> complete cygwin installation under NTFS?

Good question, I don't know the answer.

The important clue is this:

> debug1: identity file /home/vilarnt/.ssh/identity type -1
> debug1: identity file /home/vilarnt/.ssh/id_rsa type -1
> debug1: identity file /home/vilarnt/.ssh/id_dsa type -1

on your first post.  The -1 I'm interpreting as meaning "not found" or "doesn't
exist", see below why.

Then in your second message (to me and only shown in the list as quoted in my
reply) you have:

>    debug1: identity file /home/vilarnt/.ssh/identity type 0
>    debug1: identity file /home/vilarnt/.ssh/id_rsa type 1
>    debug1: identity file /home/vilarnt/.ssh/id_dsa type 2

That is strange: an RSA key for protocol type 1 and a DSA key for protocol type
2, I'm guessing. I'm not really an expert on this; I don't know what the 0 means.

Testing on my PC produces this:

> debug1: identity file /home/rberber/.ssh/identity type -1
> debug1: identity file /home/rberber/.ssh/id_rsa type -1
> debug1: identity file /home/rberber/.ssh/id_dsa type 2
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3

I do only have a DSA key.

It could be the FAT32 file system, no file owner, no acl, I guess Cygwin can't
come up with other permissions than rwx for everybody.

Since you also have privilege separation and sshd is very picky about
permissions, there could be a combination of factors that produce the problem.
I don't know why it should hang instead of showing an explicit error  -- perhaps
it only appears to hang, i.e. no output.

For testing you could try:

1.  Disable privilege separation.  Perhaps it doesn't work because of FAT32.

2.  What does "ls -al ~/.ssh" show for owner/group/permissions?  The same for
just your home directory, as I said sshd is very picky... I got this while
testing this morning:

> May 29 12:15:28 localhost sshd: PID 1152: Authentication refused: bad ownership or modes for directory /home/rberber
> May 29 12:15:45 localhost sshd: PID 1152: Accepted password for rberber from 127.0.0.1 port 1145 ssh2

sshd didn't like my home directory being world readable, so I did a "chmod
go-rwx ." and sshd is happy (it uses my key in authorized_keys2 now, before I
had to type my password as shown in the log).
-- 
René Berber
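
A way to run the ownership and mode check from step 2 over a whole account, as an added example that is not part of the original message. It approximates sshd's StrictModes test (each path owned by the user or uid 0, and not writable by group or others); the function names `check_path` and `audit_ssh_paths` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): approximate sshd's StrictModes test.
# A path passes when it is owned by the given uid (or uid 0) and is not
# writable by group or others.

# check_path PATH UID -> 0 ok, 1 would be refused, 2 path does not exist
check_path() {
    cp_path=$1; cp_uid=$2
    [ -e "$cp_path" ] || return 2
    # ls -ldn: field 1 is the mode string, field 3 the numeric owner
    set -- $(ls -ldn "$cp_path")
    cp_mode=$1; cp_owner=$3
    if [ "$cp_owner" != "$cp_uid" ] && [ "$cp_owner" != 0 ]; then
        echo "BAD OWNER  $cp_mode uid=$cp_owner  $cp_path"
        return 1
    fi
    case $cp_mode in
        # 6th character = group write, 9th character = other write
        ?????w*|????????w*)
            echo "BAD MODE   $cp_mode  $cp_path"
            return 1 ;;
    esac
    echo "ok         $cp_mode  $cp_path"
}

# audit_ssh_paths HOME UID -> 1 if any existing path would be refused
audit_ssh_paths() {
    as_home=$1; as_uid=$2; as_rc=0
    for as_p in "$as_home" "$as_home/.ssh" \
                "$as_home/.ssh/authorized_keys" \
                "$as_home/.ssh/authorized_keys2"; do
        # status 2 (missing file) is skipped, status 1 is a finding
        check_path "$as_p" "$as_uid" || [ $? -eq 2 ] || as_rc=1
    done
    return $as_rc
}

# Audit the home directory given as $1, or the caller's own by default.
audit_ssh_paths "${1:-$HOME}" "$(id -u)" ||
    echo "StrictModes would refuse key authentication for this account"
```

On a FAT32-backed Cygwin install every path is expected to show up as BAD MODE, since the file system cannot store restrictive permissions.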

