Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sourceware DOT cygnus DOT com Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com From: Alexander Vorobiev To: cygwin Cc: Corinna Vinschen Subject: Re: OpenSSH and RSA authentication problem References: <640eFmwJo0579M04 AT www DOT netaddress DOT com> <657eFNRZm1003M29 AT www DOT netaddress DOT com> In-Reply-To: Corinna Vinschen's message of "Wed, 14 Jun 2000 19:26:05 0200" User-Agent: Gnus/5.0804 (Gnus v5.8.4) XEmacs/21.2 (Melpomene) Date: 14 Jun 2000 13:54:38 -0500 Message-Id: Lines: 95 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id PAA06301 Corinna Vinschen    writes: > Anyway. Please send the output of sshd -d and ssh -V in > case of RSA authentication. Maybe that there is some > interesting info. avorobiev$ /usr/local/sbin/sshd.exe -d debug: sshd version OpenSSH-1.2.2 debug: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. Generating 768 bit RSA key. RSA key generation complete. debug: Server will not fork when running in debugging mode. Connection from 127.0.0.1 port 4085 debug: Client protocol version 1.5; client software version OpenSSH-1.2.2 debug: Sent 768 bit public key and 1024 bit host key. debug: Encryption type: 3des debug: Received session key; encryption turned on. debug: Installing crc compensation attack detector. debug: Attempting authentication for administrator. debug: seteuid 500: Not owner debug: seteuid 500: Not owner Failed rsa for administrator from 127.0.0.1 port 4085 Connection closed by 127.0.0.1 debug: Calling cleanup 0x411ebc(0x0) avorobiev$ and here is what client displays (the same machine): avorobiev$ slogin -v localhost SSH Version OpenSSH-1.2.2, protocol version 1.5. Compiled with SSL. debug: Reading configuration data /usr/local/etc/ssh_config debug: Applying options for * debug: seteuid 500: Not owner debug: ssh_connect: getuid 500 geteuid 500 anon 1 debug: Connecting to localhost [127.0.0.1] port 22. debug: seteuid 500: Not owner debug: seteuid 500: Not owner debug: seteuid 500: Not owner debug: seteuid 500: Not owner debug: Connection established. debug: setuid 500: Not owner debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.2 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Forcing accepting of host key for loopback/localhost. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: Trying RSA authentication with key 'administrator AT NTBOX' debug: Server refused our key. Permission denied. debug: Calling cleanup 0x40bb1c(0x0) avorobiev$ and here is what client displays when I try to connect from unix box (real ip addresses and machine names changed): slogin xx.xx.xx.xx -l administrator -v SSH Version 1.2.27 [hppa1.1-hp-hpux10.20], protocol version 1.5. Standard version. Does not use RSAREF. unixbox: Reading configuration data /homedirs/avorobiev/.ssh/config unixbox: Applying options for * unixbox: ssh_connect: getuid 1799 geteuid 1799 anon 1 unixbox: Connecting to xx.xx.xx.xx port 22. unixbox: Connection established. unixbox: Remote protocol version 1.5, remote software version OpenSSH-1.2.2 unixbox: Waiting for server public key. unixbox: Received server public key (768 bits) and host key (1024 bits). unixbox: Host 'xx.xx.xx.xx' is known and matches the host key. unixbox: Initializing random; seed file /homedirs/avorobiev/.ssh/random_seed unixbox: IDEA not supported, using 3des instead. unixbox: Encryption type: 3des unixbox: Sent encrypted session key. unixbox: Installing crc compensation attack detector. unixbox: Received encrypted confirmation. unixbox: No agent. unixbox: Trying RSA authentication with key 'avorobiev AT UNIXBOX' unixbox: Server refused our key. Permission denied. in the latter case sshd -d outputs exactly the same messages as in the former case (connection from localhost) but with different ip addresses of course all RSA-related files (identity, authorized_hosts etc) seem to be ok. It all looks like some permission problem... Alexander -- Narrowness of experience leads to narrowness of imagination -- Rob Pike -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com