Mail Archives: cygwin/2015/09/06/11:46:25

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2015/09/06/11:46:25

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:reply-to:to:message-id:subject

:mime-version:content-type:content-transfer-encoding; q=dns; s=

default; b=sY/bR090OpKJUPGNe1FbTDOmI8aEcAxA4J5g5kXY9SJk/c9rzDns7

kBQg+OXNOVkzeqmaHNWYzNi3d43+u6PJfH697EXAxvDPdUwr7N+tb6hRi18PhkjW

kkqcpEZpVLNx4j88JpGfyyYZRcQUl9Z4xxE+/aFxcUO6i74bYGRaso=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:reply-to:to:message-id:subject

:mime-version:content-type:content-transfer-encoding; s=default;

bh=WjTrwlYGR5s8S/pKKIXPDm0aUnk=; b=kb2eI+xQVpsE5tY35dFTFxthm0wh

pJ61ltRYJSzR3QAOhImeFuoaGbOtqOizfVSwx0bNkXQLOzveFYzKLnEatjVtzbUK

PNMXZJr5J+vJVkKJStEnss6pRI36Wh0Yvd4oY2M4t+4kE44vusKOcLAqqmnNQTAI

Y6NbNUzVY35YPmI=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=0.5 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2

X-HELO: nm1.bullet.mail.gq1.yahoo.com

Date: Sun, 6 Sep 2015 15:46:03 +0000 (UTC)

From: Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>

Reply-To: Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>

To: "cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>

Message-ID: <1536135967.1623711.1441554363665.JavaMail.yahoo@mail.yahoo.com>

Subject: Re: Sshd behaving strangely...

MIME-Version: 1.0

   > OpenSSH 7.0 (and thus the current 7.1) deprecated a couple 
   > of old and insecure ciphers.  Probably that's the reason.

Well, what I mean is that it is strange that sshd-7.1p1-1 accepts
a connection from ssh-3.9p1, upon announcing that the "key type ssh-dss [is] not in PubkeyAcceptedKeyTypes," and lets the user in having accepted
the password, yet rejects connection from ssh-6.8p1-1 not even allowing
for the presentation of a password, and claims that "seteuid operation
[is] not permitted." 

Why was the operation permitted when the key was not in
PubkeyAcceptedKeyTypes?

This seems to me to be a security bug.

And I still wonder how to configure sshd to allow normal connections
with accepted key types, any documentation out there that would help?

Zdzislaw (Gustav) Meglicki
Indiana University

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:message-id:subject
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=sY/bR090OpKJUPGNe1FbTDOmI8aEcAxA4J5g5kXY9SJk/c9rzDns7
	kBQg+OXNOVkzeqmaHNWYzNi3d43+u6PJfH697EXAxvDPdUwr7N+tb6hRi18PhkjW
	kkqcpEZpVLNx4j88JpGfyyYZRcQUl9Z4xxE+/aFxcUO6i74bYGRaso=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:message-id:subject
	:mime-version:content-type:content-transfer-encoding; s=default;
	bh=WjTrwlYGR5s8S/pKKIXPDm0aUnk=; b=kb2eI+xQVpsE5tY35dFTFxthm0wh
	pJ61ltRYJSzR3QAOhImeFuoaGbOtqOizfVSwx0bNkXQLOzveFYzKLnEatjVtzbUK
	PNMXZJr5J+vJVkKJStEnss6pRI36Wh0Yvd4oY2M4t+4kE44vusKOcLAqqmnNQTAI
	Y6NbNUzVY35YPmI=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=0.5 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2
X-HELO:	nm1.bullet.mail.gq1.yahoo.com
Date:	Sun, 6 Sep 2015 15:46:03 +0000 (UTC)
From:	Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>
Reply-To:	Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>
To:	"cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Message-ID:	<1536135967.1623711.1441554363665.JavaMail.yahoo@mail.yahoo.com>
Subject:	Re: Sshd behaving strangely...
MIME-Version:	1.0