X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:in-reply-to
	:references:mime-version:content-type:content-transfer-encoding;
	q=dns; s=default; b=lj6rY+omgp9+eFMJ928pnCKtiafaC8K7eE9jrumVsBY
	boZqwtGk+TsK/TzrBnlSCfOJx9ZxDk1l1esVP7AD1IfTcnR/Fn4LkrxZ2uq2CbTN
	1UzUc6k0afMg/MrRe8nEsBpvD/65UGsZ9xeQDGn1gCi8TgIisFAyUvDFJzmF7Mlw
	=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:in-reply-to
	:references:mime-version:content-type:content-transfer-encoding;
	s=default; bh=PpDnzY/mf8uFZUv/39gLJwzvkcs=; b=tb2zs+HDjJpD8J3c8
	9EzjZ9/3tchOHwqY0Lca7RcwZat2AdMZVZ7Dgetj6hPdOIFgRXIAIWLZBgiMIeeV
	/JdmtoJN6GTE6wNlSz/886qO8XWbyes1JoG31iHbzo07aZrJjTHr+7SxRmGc1LBV
	v4SrgSdH8ieoeR47fLApH7Kg1o=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-0.6 required=5.0 tests=AWL,BAYES_20,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=username, AUTHORITY, byron, Byron
X-HELO:	mail-io0-f178.google.com
X-Received:	by 10.107.169.29 with SMTP id s29mr6086694ioe.190.1450457204359; Fri, 18 Dec 2015 08:46:44 -0800 (PST)
Date:	Fri, 18 Dec 2015 11:46:37 -0500
From:	Byron <anondaymia AT gmail DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: With nsswitch db_home of /cygdrive/c/%U ssh can't seem to use .ssh folder
Message-ID:	<20151218114637.79fb7651@byron-fed23.brc.local>
In-Reply-To:	<20151218161255.GM3507@calimero.vinschen.de>
References:	<20151218100208 DOT 68ac88d4 AT byron-fed23 DOT brc DOT local> <20151218161255 DOT GM3507 AT calimero DOT vinschen DOT de>
MIME-Version:	1.0
X-IsSubscribed:	yes

On Fri, 18 Dec 2015 17:12:55 +0100
Corinna Vinschen wrote:

> On Dec 18 10:02, Byron wrote:
> > Every time I use ssh to a machine I get the fingerprint warnings
> > like it's the first time I've ssh-ed to that machine. I've narrowed
> > it down to have something to do with my `db_home` being set to
> > `/cygdrive/c/%U` in `nsswitch.conf`. I have it set to this value
> > because I want my Cygwin home folder to be the home folder of my
> > computer. Since I'm on an Active Directory network if I set
> > `db_home` to `windows` then my home folder is on a network file
> > server rather than my desktop.
> > 
> Also, usually your Windows home folder is not /cygdrive/c/$USERNAME
> but /cygdrive/c/Users/$USERNAME.  Are you sure that's not the problem
> here?

That was indeed the problem! I missed the `Users/` part of the path
when I defined `db_home`.

> > Permissions of my `/cygdrive/c/bkboulton/.ssh` folder ar
> > `drwx------+`.
> 
> The '+' is suspicious.  What does icacls print for .ssh?

I have no idea what any of this means, but here you go.

```
$ icacls .ssh
.ssh XXX\myusername:(F)
     XXX\Domain Users:(Rc,S,RA)
     Everyone:(Rc,S,RA)
     NT AUTHORITY\SYSTEM:(Rc,S,RA)
     CREATOR OWNER:(OI)(CI)(IO)(F)
     CREATOR GROUP:(OI)(CI)(IO)(Rc,S,RA)
     Everyone:(OI)(CI)(IO)(Rc,S,RA)

Successfully processed 1 files; Failed processing 0 files
```

> 
> > Permissions on all file in that folder are `-rw-r--r--`.
> 
> All files?  Even the private keys?  The permissions for private
> keys should be 0600.

That's weird, I wonder how the private key permissions got to be 0644?
Fixed.

Thanks for spotting my problem with the `db_home` setting.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -