From: pfay AT acl DOT lanl DOT gov (Patrick J. Fay) Subject: Re: ssh/sshd and /dev/tty 5 Jan 1998 14:05:50 -0800 Message-ID: References: <34B14F6D DOT 1C86F715 AT biddersedge DOT com> Reply-To: "Patrick J. Fay" Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII To: Derek Young Cc: chuck AT ethereal DOT ru, gnu-win32 AT cygnus DOT com Hello Derek, No I'm not using x stuff. Let's try this all on your PC. Try: 1st window ../sshd -d 2nd window env|grep HOST (for bash) export CYGWIN_TITLE=1 export CYGWIN_TTY=1 export DISPLAY='yourhost:0.0' export TERM=linux #this may not be necessary ../ssh -v yourhost This should work. I do have DISPLAY set but I didn't know it mattered. Let me know. I'm not at my PC right now so I can't test this out myself. Pat On Mon, 5 Jan 1998, Derek Young wrote: > I followed all your instructions and everything seems to be set up OK. > > I was able to fix the problem where the server said "bad modes for /derek". > StrictModes was turned on in the /etc/ssh_config file. I turned this off > temporarily. > > I am still getting the "You have no controlling tty and no DISPLAY. Cannot > read passphrase" error message. I've traced this down to readpass.c. It's > trying to open /dev/tty. > > if (from_stdin) > f = stdin; > else > { > /* Read the passphrase from /dev/tty to make it possible to ask it even > when stdin has been redirected. */ > f = fopen("/dev/tty", "r"); > if (!f) > { > if (getenv("DISPLAY")) > { > // read via display > // .... [ommitted] ... > } > > /* No controlling terminal and no DISPLAY. Nowhere to read. */ > fprintf(stderr, "You have no controlling tty and no DISPLAY. Cannot > read passphrase.\n"); > exit(1); > } > } > > The code is trying to open /dev/tty, which fails. If I have DISPLAY set to > something, ssh tries running ssh-askpass to prompt for the password on an X > display. This program complains about X11.dll (or something like that) not > being found (I'm not running X). > > I read in a previous message you could do "mount con /dev/tty" to simulate a > tty, but this didn't work for me. > > I'm guess that you might be running X and that's why this works for you? Have > any ideas on a workaround for getting /dev/tty to work? I suppose I could > apply the patches to ssh and recompile it, but if there's an easier work > around I'd rather not. > > Thanks again for your help. > > -- Derek Young > > Patrick J. Fay wrote: > > > Hello Derek, > > Do on the pc: > > mkdir /derek/.ssh > > ssh-keygen > > tell it to put the file in /derek/.ssh/identity > > give it a passphrase. > > ftp (or somehow get) your new identity* files to the other > > host in your otherhost:~derek/.ssh/identity* > > copy the ~/.ssh/identity.pub file to ~/.ssh/authorized_keys > > Note that each system that you want to ssh to will need a copy > > of your identity.pub in it's authorized_keys. > > That is how it 'knows' who to let in. > > Try that and let me know what happens. You should get further anyway. > > Pat > > > > On your pc (or on a host with ssh-keygen) you need to run ssh-keygen > > On Mon, 5 Jan 1998, Derek Young wrote: > > > > > Hello, I have just installed the ssh/sshd software made available from > > > http://gnu-win32.paranoia.ru/ , but I have not been able to get it to > > > work. I changed my mounts to binary, set up the sshd config files, and > > > started sshd. I have Sergey's coolview DLL installed. I would like to > > > get this working so I can use it with CVS. > > > > > > When I run ssh, I get the message "You have no controlling tty and no > > > DISPLAY. Cannot read passphrase." Do I need some special environment > > > variables set to run this? I've also tried starting with the -t > > > command, but this has the same effect. > > > > > > > > > I am running ssh from a regular command prompt (not bash or tcsh). Even > > > if I run under bash I get the same error message. I have run ssh-keygen > > > to create my key in my .ssh directory. > > > > > > I started sshd with the -d command to get debugging info. After sshd > > > starts up with this... > > > > > > debug: sshd version 1.2.21 [] > > > debug: Initializing random number generator; seed file > > > /etc/ssh_random_seed > > > log: Server listening on port 22. > > > log: Generating 768 bit RSA key. > > > Generating p: ..........++ (distance 168) > > > Generating q: ................++ (distance 184) > > > Computing the keys... > > > Testing the keys... > > > Key generation complete. > > > log: RSA key generation complete. > > > > > > ... and I run ssh I get this output from sshd... > > > > > > debug: Server will not fork when running in debugging mode. > > > log: Connection from 24.128.36.106 port 3539 > > > debug: Client protocol version 1.5; client software version 1.2.21 > > > debug: Sent 768 bit public key and 1024 bit host key. > > > debug: Encryption type: idea > > > debug: Received session key; encryption turned on. > > > debug: Attempting authentication for dyoung. > > > log: Rsa authentication refused for dyoung: bad modes for /derek > > > debug: RSA authentication for dyoung failed. > > > fatal: Connection closed by remote host. > > > debug: Calling cleanup 0x40e9e4(0x0) > > > > > > > > > I don't know what "bad modes for /derek" means (/derek is my home > > > directory). Do I need some special permissions on this directory? This > > > directory is listed in my /etc/passwd file as well. sshd and ssh were > > > started as the same user, and I'm also trying to login with this user > > > name. > > > > > > Have I missed something? > > > > > > thanks for any help, > > > > > > -- Derek Young > > > > > > > > > > > > > > > > Patrick Fay, Ph.D., Intel Corp. email: pfay AT co DOT intel DOT com > > Los Alamos National Lab wk: (505) 665-9141 > > CTI M.S. B296 fax: (505) 667-5921 > > Los Alamos NM 87545 ASCI-RED http://www.acl.lanl.gov/~pfay/teraflop > > > > Patrick Fay, Ph.D., Intel Corp. email: pfay AT co DOT intel DOT com Los Alamos National Lab wk: (505) 665-9141 CTI M.S. B296 fax: (505) 667-5921 Los Alamos NM 87545 ASCI-RED http://www.acl.lanl.gov/~pfay/teraflop - For help on using this list (especially unsubscribing), send a message to "gnu-win32-request AT cygnus DOT com" with one line of text: "help".