Mail Archives: cygwin/2011/07/27/01:03:31

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2011/07/27/01:03:31

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=3.8 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,TW_JM,TW_RJ

X-Spam-Check-By: sourceware.org

User-Agent: Web-Based Email 5.5.13

Message-Id: <20110726220301.d52ff2515557dfa37b5fca37f5f74414.5482ed260b.wbe@email00.secureserver.net>

From: <djohnson AT qed-sys DOT com>

To: cygwin AT cygwin DOT com

Cc: "drj " <drjmgh AT gmail DOT com>

Subject: Man-in-the-middle error on only one side.

Date: Tue, 26 Jul 2011 22:03:01 -0700

Mime-Version: 1.0

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id p6R53Q3Y004223

I've tried to research this extensively but I'm hitting a wall now. 
 
I'm running a Windows 7 64 bit I7 box with 12 gbytes. I have VMware
Workstation installed and it is running VMware Studio which is a Ubuntu
virtual appliance. 
 
I've installed Cygwin OpenSSH and configured it using ssh-host-config
and ssh-user-config. Cygwin sshd is running as a service and the "Allow
service to interact with desktop" box is checked.
 
I AM able to connect via ssh and also to scp files to VMware Studio.
 
However, I am NOT ABLE to connect via ssh from VMware Studio to the
windows box. 
There are 3 data sections below that will hopefully describe the
problem:
  - The verbose output from the SSH command attempt: (VMware -> Windows)
  - The Windows event data generated by that attempt
  - The ssh-keygen data for each side of the connection
 
1. SSH COMMAND VERBOSE OUTPUT DATA
root AT VMwareStudio:~# more sshLog.txt
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.120 [192.168.1.120] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this
message.
Offending key in /root/.ssh/known_hosts:3
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid
man-in-the-middle attacks.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
Connection closed by 192.168.1.120
root AT VMwareStudio:~#
 
2. EVENT LOG DATA
Log Name: Application
Source: sshd
Date: 7/26/2011 8:49:46 PM
Event ID: 0
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: drjmgh-PC
Description:
The description for Event ID 0 from source sshd cannot be found. Either
the component that raises this event is not installed on your local
computer or the installation is corrupted. You can install or repair the
component on the local computer. If the event originated on another
computer, the display information had to be saved with the event. The
following information was included with the event: 
sshd: PID 8608: fatal: seteuid 1020: Permission denied
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="sshd" />
<EventID Qualifiers="0">0</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-07-27T03:49:46.000000000Z" />
<EventRecordID>8201</EventRecordID>
<Channel>Application</Channel>
<Computer>drjmgh-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>sshd: PID 8608: fatal: seteuid 1020: Permission denied</Data>
</EventData>
</Event>
 
3. SSH-KEYGEN DATA
 a. The authorized_keys and known_hosts files on the VMware side.

   root AT VMwareStudio:~/.ssh# more authKeys.txt
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52
authorized_keys
   root AT VMwareStudio:~/.ssh#

   root AT VMwareStudio:~/.ssh# more knownHosts.txt
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52 known_hosts
   root AT VMwareStudio:~/.ssh#
 

 b. The Windows side. This is the /etc/ssh_host_rsa_key.pub file. I
added this key since the ssh command   
    output above indicated that this is the key that it is looking for.

  vmware_studiouser AT drjmgh-PC /etc
     $ ssh-keygen -lf ssh_host_rsa_key.pub
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52
ssh_host_rsa_key.pub (RSA)
 
 
Thanks for any help that you can provide.
Don Johnson


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=3.8 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,TW_JM,TW_RJ
X-Spam-Check-By:	sourceware.org
User-Agent:	Web-Based Email 5.5.13
Message-Id:	<20110726220301.d52ff2515557dfa37b5fca37f5f74414.5482ed260b.wbe@email00.secureserver.net>
From:	<djohnson AT qed-sys DOT com>
To:	cygwin AT cygwin DOT com
Cc:	"drj " <drjmgh AT gmail DOT com>
Subject:	Man-in-the-middle error on only one side.
Date:	Tue, 26 Jul 2011 22:03:01 -0700
Mime-Version:	1.0
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id p6R53Q3Y004223