Mail Archives: cygwin/2000/12/14/17:35:32

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2000/12/14/17:35:32

Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT sources DOT redhat DOT com>

List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT sources DOT redhat DOT com

Delivered-To: mailing list cygwin AT sources DOT redhat DOT com

Date: Thu, 14 Dec 2000 16:34:56 -0600

From: Rob_Hannah AT deluxe DOT com

Subject: Re: Problem with sshd on WindMill

To: cygwin AT cygwin DOT com

Message-id: <OF419CE423.CDD53CCF-ON862569B5.0078EEC1@deluxe.com>

MIME-version: 1.0

X-MIMETrack: Serialize by Router on LN610109/Deluxe Corporation(Release 5.0.5

|September 22, 2000) at 12/14/2000 04:34:57 PM,

Itemize by SMTP Server on LNDLXHUB1/Deluxe Corporation(Release 5.0.5

|September 22, 2000) at 12/14/2000 04:34:57 PM,

Serialize by Router on LNDLXHUB1/Deluxe Corporation(Release 5.0.5 |September

22, 2000) at 12/14/2000 04:34:58 PM, Serialize complete at 12/14/2000 04:34:58

PM

One note to an earlier response when I didn't have the user specified in
the /etc/passwd file (something like 'Sounds like a security hole').  How
is it a security hole?  In order to get access to the sshd box, I have to
send my public key file to that box and have the owner (in this case me)
add it to the ~/.ssh/authorized_keys file.  Another difference is in
password lengths.  Std Unix is 8 bytes.  I use a 24-byte passphrase for my
RSA and DSA keys...

Also, under Windows Millenium (i.e., any non-NT+), how are users obtained
by mkpasswd in the generation of the /etc/passwd file?  If it just uses the
current user, then I lose my changes every time I run the Cygwin setup.exe
as it auto-executes mkpasswd whenever I run it.

Note: below is reposted as I think I sent it to the wrong address
earlier...

As requested, here is the full output of both "ssh -v" and "sshd -d".  In
order to simplify, I'm only including the output of running via Protocol 1
when no entry exists on the WindMill passwd file for the given user (which
worked in the prior OpenSSH).

ssh -v:
  SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
  Compiled with SSL (0x0090581f).
  debug: Reading configuration data /etc/ssh_config
  debug: Applying options for *
  debug: Applying options for 168.135.21.101
  debug: Seeding random number generator
  debug: ssh_connect: getuid 1003 geteuid 1003 anon 1
  debug: Connecting to 168.135.21.101 [168.135.21.101] port 80.
  debug: Connection established.
  debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0p1
  debug: no match: OpenSSH_2.3.0p1
  debug: Local version string SSH-1.5-OpenSSH_2.3.0p1
  debug: Waiting for server public key.
  debug: Received server public key (768 bits) and host key (1024 bits).
  debug: Host '168.135.21.101' is known and matches the RSA host key.
  debug: Seeding random number generator
  debug: Encryption type: 3des
  debug: Sent encrypted session key.
  debug: Installing crc compensation attack detector.
  debug: Received encrypted confirmation.
  Permission denied.
  debug: Calling cleanup 0x414cf0(0x0)

sshd -d:
  debug1: sshd version OpenSSH_2.3.0p1
  debug1: Seeding random number generator
  debug1: read DSA private key done
  debug1: Seeding random number generator
  debug1: Bind to port 80 on 0.0.0.0.
  Server listening on 0.0.0.0 port 80.
  Generating 768 bit RSA key.
  debug1: Seeding random number generator
  debug1: Seeding random number generator
  RSA key generation complete.
  debug1: Server will not fork when running in debugging mode.
  Connection from 168.135.22.40 port 3635
  debug1: Client protocol version 1.5; client software version OpenSSH_2.3.0p1
  debug1: no match: OpenSSH_2.3.0p1
  debug1: Local version string SSH-1.99-OpenSSH_2.3.0p1
  debug1: Sent 768 bit public key and 1024 bit host key.
  debug1: Encryption type: 3des
  debug1: Received session key; encryption turned on.
  debug1: Installing crc compensation attack detector.
  debug1: Attempting authentication for illegal user k02189.
  Connection closed by 168.135.22.40
  debug1: Calling cleanup 0x4149e4(0x0)


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sources DOT redhat DOT com>
List-Help:	<mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT sources DOT redhat DOT com
Delivered-To:	mailing list cygwin AT sources DOT redhat DOT com
Date:	Thu, 14 Dec 2000 16:34:56 -0600
From:	Rob_Hannah AT deluxe DOT com
Subject:	Re: Problem with sshd on WindMill
To:	cygwin AT cygwin DOT com
Message-id:	<OF419CE423.CDD53CCF-ON862569B5.0078EEC1@deluxe.com>
MIME-version:	1.0
X-MIMETrack:	Serialize by Router on LN610109/Deluxe Corporation(Release 5.0.5
	\|September 22, 2000) at 12/14/2000 04:34:57 PM,
	Itemize by SMTP Server on LNDLXHUB1/Deluxe Corporation(Release 5.0.5
	\|September 22, 2000) at 12/14/2000 04:34:57 PM,
	Serialize by Router on LNDLXHUB1/Deluxe Corporation(Release 5.0.5 \|September
	22, 2000) at 12/14/2000 04:34:58 PM, Serialize complete at 12/14/2000 04:34:58
	PM