Mail Archives: cygwin/2002/01/17/09:50:01
Hi,
Not knowing anything about SSH I didn't realise openssh-3.0.2p1-4 (and
former) versions shouldn't have been asking for a password with the
correct keys at either end. I assumed I'd got something in a mess. It
appears not.
In the end I compiled openssh so I could get a bit more information on
the failure.
<snippet auth.c>
int
secure_filename(FILE *f, const char *file, struct passwd *pw,
char *err, size_t errlen)
{
uid_t uid = pw->pw_uid;
char buf[MAXPATHLEN], homedir[MAXPATHLEN];
char *cp;
struct stat st;
int zzz;
if (realpath(file, buf) == NULL) {
snprintf(err, errlen, "realpath %s failed: %s", file,
strerror(errno));
return -1;
}
if (realpath(pw->pw_dir, homedir) == NULL) {
snprintf(err, errlen, "realpath %s failed: %s",
pw->pw_dir,
strerror(errno));
return -1;
}
log("realpath=[%s][%s]",buf,homedir);
/* check the open file to avoid races */
zzz = fstat(fileno(f), &st);
log("st_uid=[%d] pw_uid=[%d]",st.st_uid,uid);
if ((zzz < 0) ||
(st.st_uid != 0 && st.st_uid != uid) ||
(st.st_mode & 022) != 0) {
snprintf(err, errlen, "bad ownership or modes for file
%s",
buf);
return -1;
}
<snippet /auth.c>
When run as a service sshd is emitting...
The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe )
could not be found. It contains the following insertion string(s):
/usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id =
0x1B0 : debug1: temporarily_use_uid: 500/513 (e=18).
The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe )
could not be found. It contains the following insertion string(s):
/usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id =
0x1B0 :
realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator].
The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe )
could not be found. It contains the following insertion string(s):
/usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id =
0x1B0 : st_uid=[18] pw_uid=[500].
The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe )
could not be found. It contains the following insertion string(s):
/usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id =
0x1B0 : Authentication refused: bad ownership or modes for file
/home/Administrator/.ssh/authorized_keys.
Seems to think authorized_keys is owned by SYSTEM:18 but it isn't.
Stopping sshd as a service and running from within bash "sshd -d" works
fine and emits...
debug1: temporarily_use_uid: 500/513 (e=500)
debug1: trying public RSA key file
/home/Administrator/.ssh/authorized_keys
realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator]
st_uid=[500] pw_uid=[500]
debug1: restore_uid
Accepted rsa for Administrator from 192.168.0.1 port 2446
...which isn't the end of it. I fired up a bash shell, launched from a
service with SYSTEM authority expecting a failure...
debug1: temporarily_use_uid: 500/513 (e=18)
debug1: trying public key file /home/Administrator/.ssh/authorized_keys
realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator]
st_uid=[500] pw_uid=[500]
...but it worked, both as "sshd -d" and as a straight "sshd" (so it
forked in case that was it).
fstat will only fail when sshd is running as a service as SYSTEM. The
only viable approach I can think of at this point is to attach gdb to
the process forked by sshd and I can't for the life of me figure out how
to do that. I hope this info is useful to you folks with more intimate
knowledge 'cos I'm stuck! :-|
--
swamp-dog AT ntlworld DOT com
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -