Mail Archives: cygwin/2005/10/19/18:02:24

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
To: cygwin AT cygwin DOT com
From: René Berber <rberber AT prodigy DOT net DOT mx>
Subject: Re: sshd refuses ssh connections
Date: Wed, 19 Oct 2005 16:57:25 -0500
Lines: 90
Message-ID: <dj6fg7$mdu$1@sea.gmane.org>
References: <BAYC1-PASMTP02C22AFAD2B236E5F46775C6700 AT CEZ DOT ICE> <435684E8 DOT 4040800 AT equate DOT dyndns DOT org> <BAYC1-PASMTP052431A24A326EC049E659C6700 AT CEZ DOT ICE> <dj64jm$f53$1 AT sea DOT gmane DOT org> <BAYC1-PASMTP03D9B6BA5EA3E3ED40A0F9C6700 AT CEZ DOT ICE>
Mime-Version: 1.0
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
In-Reply-To: <BAYC1-PASMTP03D9B6BA5EA3E3ED40A0F9C6700@CEZ.ICE>
OpenPGP: url=ldap://keyserver.pgp.com
X-IsSubscribed: yes

Marc Jourdeuil wrote:

> If the mode of the host keys is readable by other, sshd won't start.
> /var/log/sshd.log
>
> chmod g+r ssh_host_dsa_key
> chmod g+r ssh_host_rsa_key
> chmod g+r ssh_host_key

Whoa there!  I never said "change them", don't touch that.

[snip]
> /usr/sbin/sshd -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 187
> debug2: parse_server_config: config /etc/sshd_config len 187
> debug1: sshd version OpenSSH_3.9p1
> debug1: private host key: #0 type 0 RSA1
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug1: read PEM private key done: type DSA
> debug1: private host key: #2 type 2 DSA
> /var/empty must be owned by root and not group or world-writable.

Check /var/empty, it should be created by the script and look like:
$ ll /var/empty
total 0
drwxr-xr-x+  2 SYSTEM  None 0 May 20  2004 ./

> Like this, ssh starts.

I don't follow, like this means...

> when you run ssh-host-config, if the keys already exist, it leaves them as
> is, which is fine.
> netstat -abn -> b is not a valid option

In Windows XP it's a valid option...
$ netstat /?

Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]

  -a            Displays all connections and listening ports.
  -b            Displays the executable involved in creating each connection or
                listening port. In some cases well-known executables host
...

Anyway you can also use tcpview from www.sysinternals.com if needed.

[snip]
> sshd is running again.
> The password file is correct for W2K, according to
> /usr/share/doc/Cygwin/login.README
>=20
> p4-3000:marcj:{/etc}224 % ps -ef
>      UID     PID    PPID TTY     STIME COMMAND
...
>   SYSTEM    1156       1   ?  15:04:57 /usr/bin/cygrunsrv
>   SYSTEM    1716    1156   ?  15:04:57 /usr/sbin/sshd
...
> I have turned off the firewall.
>
> ssh marcj@127.0.0.1
> ssh_exchange_identification: Connection closed by remote host

[Rant: stop repeating the same thing]

> p4-3000:marcj:{/etc}225 % ssh -vvv localhost
> OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
> debug1: Reading configuration data /etc/ssh_config
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to localhost [127.0.0.1] port 22.
> debug1: Connection established.
> debug1: identity file /home/marcj/.ssh/identity type -1
> debug1: identity file /home/marcj/.ssh/id_rsa type -1
> debug1: identity file /home/marcj/.ssh/id_dsa type -1
> ssh_exchange_identification: Connection closed by remote host

Your user "marcj" doesn't have keys.

Read /usr/share/doc/Cygwin/openssh.README, run ssh-user-config (additional info
in man ssh-keygen and ssh_config).
--
René Berber
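
Added example (not part of the message above and not taken from the Cygwin or OpenSSH scripts): a shell check for the two permission conditions that come up in this thread, private host keys that grant access to group or other, and a /var/empty that has the wrong owner or is group- or world-writable. It assumes GNU stat; the /etc key directory and the SYSTEM owner default are assumptions based on the listings quoted above.

```sh
#!/bin/sh
# Added example; assumes GNU stat (coreutils). Function names are hypothetical.

# 0 if the private host key grants nothing to group/other, 1 if any
# group/other bit is set, 2 if the file is missing or unreadable by stat.
check_host_key() {
    [ -f "$1" ] || return 2
    _mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$_mode & 077 )) -eq 0 ]
}

# 0 if directory $1 is owned by account $2 and is not writable by group or
# other, 1 if either condition fails, 2 if the directory is missing.
check_privsep_dir() {
    [ -d "$1" ] || return 2
    _mode=$(stat -c '%a' "$1") || return 2
    _owner=$(stat -c '%U' "$1") || return 2
    [ "$_owner" = "$2" ] || return 1
    [ $(( 0$_mode & 022 )) -eq 0 ]
}

# Report on the three key names from this thread plus /var/empty.
# $1 = key directory (assumed /etc), $2 = expected owner (assumed SYSTEM).
audit_sshd() {
    _rc=0
    for _k in ssh_host_key ssh_host_rsa_key ssh_host_dsa_key; do
        _st=0
        check_host_key "${1:-/etc}/$_k" || _st=$?
        case $_st in
            0) echo "ok    $_k" ;;
            1) echo "FAIL  $_k: group/other permission bits set"; _rc=1 ;;
            *) echo "SKIP  $_k: not found" ;;
        esac
    done
    if check_privsep_dir /var/empty "${2:-SYSTEM}"; then
        echo "ok    /var/empty"
    else
        echo "FAIL  /var/empty: wrong owner, group/world-writable, or missing"
        _rc=1
    fi
    return $_rc
}

# Run the report only when asked, so the file can also be sourced.
if [ "${1:-}" = "audit" ]; then audit_sshd "${2:-}" "${3:-}"; fi
```

Saved under any file name and run with the argument audit, it prints one line per key and one for /var/empty and exits non-zero if any check fails.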

