Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive: <http://sourceware.cygnus.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help: <mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender: cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com
From: Alexander Vorobiev <avorobiev AT usa DOT net>
To: cygwin <cygwin AT sourceware DOT cygnus DOT com>
Cc: Corinna Vinschen <corinna AT vinschen DOT de>
Subject: Re: OpenSSH and RSA authentication problem
References: <ym0n1kpms1u DOT fsf AT infarmis DOT abn DOT com> <640eFmwJo0579M04 AT www DOT netaddress DOT com> <ym0itvcmef6 DOT fsf AT infarmis DOT abn DOT com> <657eFNRZm1003M29 AT www DOT netaddress DOT com>
In-Reply-To: Corinna Vinschen's message of "Wed, 14 Jun 2000 19:26:05 0200"
User-Agent: Gnus/5.0804 (Gnus v5.8.4) XEmacs/21.2 (Melpomene)
Date: 14 Jun 2000 13:54:38 -0500
Message-Id: <ym0d7lkm6tt.fsf@infarmis.abn.com>
Lines: 95
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id PAA06301

Corinna Vinschen <corinna AT vinschen DOT de>    writes:
>  Anyway. Please send the output of sshd -d and ssh -V in
>  case of RSA authentication. Maybe that there is some
>  interesting info.

avorobiev$ /usr/local/sbin/sshd.exe -d
debug: sshd version OpenSSH-1.2.2
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 4085
debug: Client protocol version 1.5; client software version OpenSSH-1.2.2
debug: Sent 768 bit public key and 1024 bit host key.
debug: Encryption type: 3des
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
debug: Attempting authentication for administrator.
debug: seteuid 500: Not owner
debug: seteuid 500: Not owner
Failed rsa for administrator from 127.0.0.1 port 4085
Connection closed by 127.0.0.1
debug: Calling cleanup 0x411ebc(0x0)
avorobiev$

and here is what client displays (the same machine):

avorobiev$ slogin -v localhost
SSH Version OpenSSH-1.2.2, protocol version 1.5.
Compiled with SSL.
debug: Reading configuration data /usr/local/etc/ssh_config
debug: Applying options for *
debug: seteuid 500: Not owner
debug: ssh_connect: getuid 500 geteuid 500 anon 1
debug: Connecting to localhost [127.0.0.1] port 22.
debug: seteuid 500: Not owner
debug: seteuid 500: Not owner
debug: seteuid 500: Not owner
debug: seteuid 500: Not owner
debug: Connection established.
debug: setuid 500: Not owner
debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.2
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication with key 'administrator AT NTBOX'
debug: Server refused our key.
Permission denied.
debug: Calling cleanup 0x40bb1c(0x0)
avorobiev$

and here is what client displays when I try to connect from unix box
(real ip addresses and machine names changed):

slogin xx.xx.xx.xx -l administrator -v
SSH Version 1.2.27 [hppa1.1-hp-hpux10.20], protocol version 1.5.
Standard version.  Does not use RSAREF.
unixbox: Reading configuration data /homedirs/avorobiev/.ssh/config
unixbox: Applying options for *
unixbox: ssh_connect: getuid 1799 geteuid 1799 anon 1
unixbox: Connecting to xx.xx.xx.xx port 22.
unixbox: Connection established.
unixbox: Remote protocol version 1.5, remote software version OpenSSH-1.2.2
unixbox: Waiting for server public key.
unixbox: Received server public key (768 bits) and host key (1024 bits).
unixbox: Host 'xx.xx.xx.xx' is known and matches the host key.
unixbox: Initializing random; seed file /homedirs/avorobiev/.ssh/random_seed
unixbox: IDEA not supported, using 3des instead.
unixbox: Encryption type: 3des
unixbox: Sent encrypted session key.
unixbox: Installing crc compensation attack detector.
unixbox: Received encrypted confirmation.
unixbox: No agent.
unixbox: Trying RSA authentication with key 'avorobiev AT UNIXBOX'
unixbox: Server refused our key.
Permission denied.

in the latter case sshd -d outputs exactly the same messages as in the
former case (connection from localhost) but with different ip
addresses of course

all RSA-related files (identity, authorized_hosts etc) seem to be
ok. It all looks like some permission problem...


Alexander

--
Narrowness of experience leads to narrowness of imagination
        -- Rob Pike

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com