| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-2.7 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS |
| X-Spam-Check-By: | sourceware.org |
| To: | cygwin AT cygwin DOT com |
| From: | Thorsten Kampe <thorsten AT thorstenkampe DOT de> |
| Subject: | Re: OpenSSH pubkey authentication failing after update to 5.4 |
| Date: | Wed, 10 Mar 2010 18:04:37 +0100 |
| Lines: | 45 |
| Message-ID: | <hn8jfb$ci5$2@dough.gmane.org> |
| References: | <hn8gjj$ci5$1 AT dough DOT gmane DOT org> <20100310163244 DOT GA6505 AT calimero DOT vinschen DOT de> |
| Mime-Version: | 1.0 |
| User-Agent: | MicroPlanet-Gravity/2.9.14 |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
* Corinna Vinschen (Wed, 10 Mar 2010 17:32:44 +0100) > > On Mar 10 17:15, Thorsten Kampe wrote: > > Hi, > > > > today I updated to OpenSSH 5.4 from 5.3 and I noticed on four different > > hosts that pubkey authentication was not working anymore after the > > update (while password authentication still works). > > > > I started the server with "-ddd" and this is the (in my opinion) > > critical difference: > > > > # 5.3 (old SSH) > > temporarily_use_uid: 500/513 (e=1105/513) > > trying public key file /home/admin/.ssh/authorized_keys > > fd 4 clearing O_NONBLOCK > > matching key found: file /home/admin/.ssh/authorized_keys, line 1 > > Found matching DSA key: 1b:31:25:da:6f:89:17:e8:25:46:46:60:ed:6f:a2:6c > > > > # 5.4 (new SSH) > > temporarily_use_uid: 500/513 (e=1105/513) > > trying public key file //.ssh/authorized_keys > > restore_uid: 1105/513 > > temporarily_use_uid: 500/513 (e=1105/513) > > trying public key file //.ssh/authorized_keys > > restore_uid: 1105/513 > > Failed publickey for admin from 149.44.136.129 port 2864 ssh2 > > > > > > What else can I provide to help troubleshooting this issue?! > > It works for me, regardless of running as service or in the commandline. > The path to the authorized_keys file is the entry from /etc/passwd. You > should try to find out where it's getting the / from in the path to > authorize_keys. Do you have two different entries for the Administrator > user, by any chance? Okay, I figured it out, it's a bug. The problem comes from "AuthorizedKeysFile .ssh/authorized_keys" in sshd_config (which is according to the sshd_config man page the default). It looks like the value was interpreted in OpenSSH 5.3 as a relative path (relative to the user's home directory) and in 5.4 as an absolute path. Commenting out this setting fixes the problem. Thanks, Thorsten -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |