From: vherva AT niksula DOT hut DOT fi (Ville Herva) Subject: Re: sshd 1.2.25 problems 20 Jun 1998 12:14:47 -0700 Message-ID: <19980620111539.C22499.cygnus.gnu-win32@niksula.cs.hut.fi> References: <199806190936 DOT LAA26522 AT chekov DOT Belgium DOT eu DOT net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii To: gnu-win32 AT cygnus DOT com Cc: Roel Hofkens On Fri, Jun 19, 1998 at 10:40:14AM -0100, you [Roel Hofkens] claimed: > Hi, > > I'm trying to setup a working sshd 1.2.25 on NT (with RSA authentication). > I scanned through the mailing archive, found a lot of useful info but still > I'm in trouble. > > A description of the situation: > > -rw-r--r-- 1 roel everyone 376 Jun 19 11:13 WS_FTP.LOG > -rw-r--r-- 1 roel everyone 333 Jun 19 11:15 authorized_keys > -rw-r--r-- 1 roel everyone 529 Jun 19 11:13 identity > -rw-r--r-- 1 roel everyone 333 Jun 19 11:13 identity.pub > debug: RhostsRSA authentication failed for 'roel', remote 'roel', host > 'merchant > .eunet.be'. > debug: RSA authentication for roel failed. > debug: Password authentication for roel failed. > merchant: Trying RSA authentication with key 'roel AT merchant' > merchant: Server refused our key. > Permission denied. > > > Anybody who has an idea what I'm doing wrong (why does the server refuse > the key)? The original sshd is picky about the permissions of the files in ~/.ssh. It is clear that if identity is world readable as in your case, there is no security. So, if Sergey has not made a kludge that overcomes this, my guess is that this is the reason the RSAAuth does not work. I'm not sure whether you typed the right password, but if that was the case, you may be lacking the necessary rights for the account running sshd (see the archive, I just asked this, and got a good answer.) Although I'm fairly satisfied now accessing my NT box from my Linux box, I still wonder what's wrong with ssh's x-forwarding. It just says X11-forwarding denied by server, may be xauth could not be ran. As fa as I can tell, xauth should be runnable by sshd. Any clues what I might be doing wrong? As it was pointed out here in discussion about telnetd, you need to force the shell interactive (bash -i). This is the thing I did not know, and made the terminal appear somewehat mangled. -- v -- v AT iki DOT fi - For help on using this list (especially unsubscribing), send a message to "gnu-win32-request AT cygnus DOT com" with one line of text: "help".