Mail Archives: cygwin/2003/11/05/10:32:07
Hi,
I've been scouring the internet for a resolution to this problem and
have yet to find how this was solved. I've been working on this for a
week, and I'm not any closer to solving it. Thanks in advance for taking
your time to help solve my problem.
I have setup a password less ssh connection to a Windows 2003 Server
using the SYSTEM account with privilege separation.
Here is an output from ssh -v localhost:
mdonovan AT EVO-LAPTOP ~
$ ssh -vvv redpig
OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to redpig [16.11.8.64] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/mdonovan/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/mdonovan/.ssh/id_dsa type 2
debug3: Not a RSA1 key file /home/mdonovan/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/mdonovan/.ssh/id_rsa type 1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.7.1p2
debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,
aes256-c
tr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,
aes256-c
tr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,
aes256-c
tr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,
aes256-c
tr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 1577/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/mdonovan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/mdonovan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'redpig' is known and matches the RSA host key.
debug1: Found key in /home/mdonovan/.ssh/known_hosts:1
debug2: bits set: 1560/3191
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/mdonovan/.ssh/id_dsa (0x100ff100)
debug2: key: /home/mdonovan/.ssh/id_rsa (0x100f9948)
debug1: Authentications that can continue:
publickey,keyboard-interactive
debug3: start over, passed a different list
publickey,keyboard-interactive
debug3: preferred hostbased,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/mdonovan/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue:
publickey,keyboard-interactive
debug1: Offering public key: /home/mdonovan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug2: input_userauth_pk_ok: fp
a7:8e:22:1d:54:fa:d6:25:9e:a8:0d:8e:bd:03:4f:41
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug3: clear hostkey 1
debug3: clear hostkey 2
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug2: channel 0: request pty-req
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 2 28
debug3: tty_make_modes: 3 127
debug3: tty_make_modes: 4 21
debug3: tty_make_modes: 5 4
debug3: tty_make_modes: 6 0
debug3: tty_make_modes: 7 0
debug3: tty_make_modes: 8 17
debug3: tty_make_modes: 9 19
debug3: tty_make_modes: 10 26
debug3: tty_make_modes: 12 18
debug3: tty_make_modes: 13 23
debug3: tty_make_modes: 14 22
debug3: tty_make_modes: 18 15
debug3: tty_make_modes: 30 0
debug3: tty_make_modes: 31 0
debug3: tty_make_modes: 32 0
debug3: tty_make_modes: 33 0
debug3: tty_make_modes: 34 0
debug3: tty_make_modes: 35 0
debug3: tty_make_modes: 36 1
debug3: tty_make_modes: 37 0
debug3: tty_make_modes: 38 1
debug3: tty_make_modes: 39 0
debug3: tty_make_modes: 40 0
debug3: tty_make_modes: 41 0
debug3: tty_make_modes: 50 1
debug3: tty_make_modes: 51 1
debug3: tty_make_modes: 53 1
debug3: tty_make_modes: 54 0
debug3: tty_make_modes: 55 0
debug3: tty_make_modes: 56 0
debug3: tty_make_modes: 57 0
debug3: tty_make_modes: 58 0
debug3: tty_make_modes: 59 1
debug3: tty_make_modes: 60 0
debug3: tty_make_modes: 61 0
debug3: tty_make_modes: 70 1
debug3: tty_make_modes: 71 0
debug3: tty_make_modes: 72 1
debug3: tty_make_modes: 73 0
debug3: tty_make_modes: 74 0
debug3: tty_make_modes: 75 0
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug2: channel 0: request shell
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
Last login: Wed Nov 5 09:18:37 2003 from volatile-100-217.crl.dec.com
Fanfare!!!
You are successfully logged in to this server!!!
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1)
debug3: channel 0: close_fds r -1 w -1 e 6
Connection to redpig closed.
debug1: Transferred: stdin 0, stdout 0, stderr 30 bytes in 0.8 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 37.4
debug1: Exit status 255
Here is what my /etc/passwd looks like...
$ more passwd
SYSTEM:*:18:544:,S-1-5-18::
Users:S-1-5-32-545:545
Administrators:*:544:544:,S-1-5-32-544::
Administrator:unused_by_nt/2000/xp:500:513:U-REDPIG\Administrator,S-1-5-
21-33542
76650-2169606517-437829774-500:/home/Administrator:/bin/bash
ASPNET:unused_by_nt/2000/xp:1008:513:ASP.NET Machine
Account,U-REDPIG\ASPNET,S-1
-5-21-3354276650-2169606517-437829774-1008:/home/ASPNET:/bin/bash
Guest:unused_by_nt/2000/xp:501:513:U-REDPIG\Guest,S-1-5-21-3354276650-21
69606517
-437829774-501:/home/Guest:/bin/bash
IUSR_REDPIG:unused_by_nt/2000/xp:1005:513:Internet Guest
Account,U-REDPIG\IUSR_R
EDPIG,S-1-5-21-3354276650-2169606517-437829774-1005:/home/IUSR_REDPIG:/b
in/bash
IWAM_REDPIG:unused_by_nt/2000/xp:1006:513:Launch IIS Process
Account,U-REDPIG\IW
AM_REDPIG,S-1-5-21-3354276650-2169606517-437829774-1006:/home/IWAM_REDPI
G:/bin/b
ash
SUPPORT_388945a0:unused_by_nt/2000/xp:1001:513:CN=Microsoft
Corporation,L=Redmon
d,S=Washington,C=US,U-REDPIG\SUPPORT_388945a0,S-1-5-21-3354276650-216960
6517-437
829774-1001:/home/SUPPORT_388945a0:/bin/bash
sshd:unused_by_nt/2000/xp:1009:513:sshd
privsep,U-REDPIG\sshd,S-1-5-21-335427665
0-2169606517-437829774-1009:/var/empty:/bin/false
mdonovan:unused_by_nt/2000/xp:1003:513:mdonovan,U-REDPIG\mdonovan,S-1-5-
21-33542
76650-2169606517-437829774-1003:/home/mdonovan:/bin/bash
..and /etc/group...
$ more /etc/group
SYSTEM:S-1-5-18:18:
None:S-1-5-21-3354276650-2169606517-437829774-513:513:
Administrators:S-1-5-32-544:544:
Backup Operators:S-1-5-32-551:551:
Guests:S-1-5-32-546:546:
Network Configuration Operators:S-1-5-32-556:556:
Performance Log Users:S-1-5-32-559:559:
Performance Monitor Users:S-1-5-32-558:558:
Power Users:S-1-5-32-547:547:
Print Operators:S-1-5-32-550:550:
Remote Desktop Users:S-1-5-32-555:555:
Replicator:S-1-5-32-552:552:
Users:S-1-5-32-545:545:
HelpServicesGroup:S-1-5-21-3354276650-2169606517-437829774-1000:1000:
IIS_WPG:S-1-5-21-3354276650-2169606517-437829774-1007:1007:
REDBOTWEBCRL2003:S-1-5-21-3354276650-2169606517-437829774-1004:1004:
TelnetClients:S-1-5-21-3354276650-2169606517-437829774-1002:1002:
..my /etc/host keys*....
2 -rwx------+ 1 mdonovan None 1096 Nov 3 13:41 ssh_config
2 -rwx------+ 1 mdonovan None 1095 Oct 30 13:18 ssh_config.MD
1 -rw------- 1 Administ SYSTEM 668 Oct 28 16:50
ssh_host_dsa_key
1 -rw-r--r-- 1 Administ SYSTEM 610 Oct 28 16:50
ssh_host_dsa_key.pub
1 -rw------- 1 Administ SYSTEM 535 Oct 28 16:50 ssh_host_key
1 -rw-r--r-- 1 Administ SYSTEM 339 Oct 28 16:50
ssh_host_key.pub
1 -rwx------+ 1 mdonovan None 339 Oct 30 15:12
ssh_host_key.pub.md
4 -rw-r--r-- 1 Administ SYSTEM 3964 Oct 31 09:06
ssh_host_keys.pub
1 -rw------- 1 Administ SYSTEM 887 Oct 28 16:50
ssh_host_rsa_key
1 -rw-r--r-- 1 Administ SYSTEM 230 Oct 28 16:50
ssh_host_rsa_key.pub
3 -rwx------+ 1 mdonovan None 2161 Nov 3 20:47 sshd_config
..and my keys on localhost...
mdonovan AT redpig ~/.ssh
$ ls -lsa
total 6
0 drwxrwxrwx+ 4 mdonovan Administ 0 Nov 3 10:46 .
0 drwxrwxrwx+ 3 mdonovan Administ 0 Oct 30 08:39 ..
1 -rw------- 1 SYSTEM SYSTEM 225 Nov 3 10:17
authorized_keys
1 -rw------- 1 SYSTEM SYSTEM 605 Nov 3 10:18
authorized_keys2
1 -rw-------+ 1 mdonovan None 672 Nov 3 10:46 id_dsa
1 -rw-r--r-- 1 mdonovan None 605 Nov 3 10:13 id_dsa.pub
1 -rw-------+ 1 mdonovan None 887 Nov 3 10:46 id_rsa
1 -rw-r--r-- 1 mdonovan None 225 Nov 3 10:13 id_rsa.pub
0 drwxr-xr-x+ 2 mdonovan None 0 Nov 3 10:47 newkeys
0 drwxr-xr-x+ 2 mdonovan None 0 Nov 3 09:26 old
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -