Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sourceware DOT cygnus DOT com Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com Message-ID: <3947E709.9446033B@vinschen.de> Date: Wed, 14 Jun 2000 22:11:53 +0200 From: Corinna Vinschen Reply-To: cygwin X-Mailer: Mozilla 4.73 [en] (X11; I; Linux 2.2.14 i686) X-Accept-Language: de, en MIME-Version: 1.0 To: Alexander Vorobiev CC: cygwin Subject: Re: OpenSSH and RSA authentication problem References: <640eFmwJo0579M04 AT www DOT netaddress DOT com> <657eFNRZm1003M29 AT www DOT netaddress DOT com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit There's no hint for a specific problem in sshd but it seems as if you didn't cat your identity.pub file to authorized_keys. At least the message is identical. If it would be a permission problem, eg. your authorized_keys file isn't readable by you, the debug output of ssh -v would contain: debug: Remote: Could not open /home/corinna/.ssh/authorized_keys for reading. debug: Remote: If your home is on an NFS volume, it may need to be world-readable Note that the below output is exactly(!) the same if your authorized_keys file doesn't exist. Corinna Alexander Vorobiev wrote: > > Corinna Vinschen writes: > > Anyway. Please send the output of sshd -d and ssh -V in > > case of RSA authentication. Maybe that there is some > > interesting info. > > avorobiev$ /usr/local/sbin/sshd.exe -d > debug: sshd version OpenSSH-1.2.2 > debug: Bind to port 22 on 0.0.0.0. > Server listening on 0.0.0.0 port 22. > Generating 768 bit RSA key. > RSA key generation complete. > debug: Server will not fork when running in debugging mode. > Connection from 127.0.0.1 port 4085 > debug: Client protocol version 1.5; client software version OpenSSH-1.2.2 > debug: Sent 768 bit public key and 1024 bit host key. > debug: Encryption type: 3des > debug: Received session key; encryption turned on. > debug: Installing crc compensation attack detector. > debug: Attempting authentication for administrator. > debug: seteuid 500: Not owner > debug: seteuid 500: Not owner > Failed rsa for administrator from 127.0.0.1 port 4085 > Connection closed by 127.0.0.1 > debug: Calling cleanup 0x411ebc(0x0) > avorobiev$ > > and here is what client displays (the same machine): > > avorobiev$ slogin -v localhost > SSH Version OpenSSH-1.2.2, protocol version 1.5. > Compiled with SSL. > debug: Reading configuration data /usr/local/etc/ssh_config > debug: Applying options for * > debug: seteuid 500: Not owner > debug: ssh_connect: getuid 500 geteuid 500 anon 1 > debug: Connecting to localhost [127.0.0.1] port 22. > debug: seteuid 500: Not owner > debug: seteuid 500: Not owner > debug: seteuid 500: Not owner > debug: seteuid 500: Not owner > debug: Connection established. > debug: setuid 500: Not owner > debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.2 > debug: Waiting for server public key. > debug: Received server public key (768 bits) and host key (1024 bits). > debug: Forcing accepting of host key for loopback/localhost. > debug: Encryption type: 3des > debug: Sent encrypted session key. > debug: Installing crc compensation attack detector. > debug: Received encrypted confirmation. > debug: Trying RSA authentication with key 'administrator AT NTBOX' > debug: Server refused our key. > Permission denied. > debug: Calling cleanup 0x40bb1c(0x0) > avorobiev$ > > and here is what client displays when I try to connect from unix box > (real ip addresses and machine names changed): > > slogin xx.xx.xx.xx -l administrator -v > SSH Version 1.2.27 [hppa1.1-hp-hpux10.20], protocol version 1.5. > Standard version. Does not use RSAREF. > unixbox: Reading configuration data /homedirs/avorobiev/.ssh/config > unixbox: Applying options for * > unixbox: ssh_connect: getuid 1799 geteuid 1799 anon 1 > unixbox: Connecting to xx.xx.xx.xx port 22. > unixbox: Connection established. > unixbox: Remote protocol version 1.5, remote software version OpenSSH-1.2.2 > unixbox: Waiting for server public key. > unixbox: Received server public key (768 bits) and host key (1024 bits). > unixbox: Host 'xx.xx.xx.xx' is known and matches the host key. > unixbox: Initializing random; seed file /homedirs/avorobiev/.ssh/random_seed > unixbox: IDEA not supported, using 3des instead. > unixbox: Encryption type: 3des > unixbox: Sent encrypted session key. > unixbox: Installing crc compensation attack detector. > unixbox: Received encrypted confirmation. > unixbox: No agent. > unixbox: Trying RSA authentication with key 'avorobiev AT UNIXBOX' > unixbox: Server refused our key. > Permission denied. > > in the latter case sshd -d outputs exactly the same messages as in the > former case (connection from localhost) but with different ip > addresses of course > > all RSA-related files (identity, authorized_hosts etc) seem to be > ok. It all looks like some permission problem... > > Alexander > > -- > Narrowness of experience leads to narrowness of imagination > -- Rob Pike > > -- > Want to unsubscribe from this list? > Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com -- Corinna Vinschen Cygwin Developer Cygnus Solutions, a Red Hat company -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com