Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive: <http://sourceware.cygnus.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help: <mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender: cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com
From: Alexander Vorobiev <avorobiev AT usa DOT net>
To: cygwin <cygwin AT sourceware DOT cygnus DOT com>
Cc: Corinna Vinschen <corinna AT vinschen DOT de>
Subject: Re: OpenSSH and RSA authentication problem
References: <ym0n1kpms1u DOT fsf AT infarmis DOT abn DOT com> <640eFmwJo0579M04 AT www DOT netaddress DOT com> <ym0itvcmef6 DOT fsf AT infarmis DOT abn DOT com> <657eFNRZm1003M29 AT www DOT netaddress DOT com> <ym0d7lkm6tt DOT fsf AT infarmis DOT abn DOT com> <664eFNuL51143M25 AT www DOT netaddress DOT com>
Date: 14 Jun 2000 16:49:53 -0500
In-Reply-To: Corinna Vinschen's message of "Wed, 14 Jun 2000 22:11:53 0200"
Message-Id: <ym08zw8lypq.fsf@infarmis.abn.com>
Lines: 52
User-Agent: Gnus/5.0804 (Gnus v5.8.4) XEmacs/21.2 (Melpomene)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id RAA16013

You are right! Thanks

Corinna Vinschen <corinna AT vinschen DOT de>    writes:

>  Note that the below output is exactly(!) the same if
>  your authorized_keys file doesn't exist.

There was a misspelling in the file name. I corrected it but sshd
still doesn't work, it outputs the following

debug: Attempting authentication for administrator.
debug: seteuid 500: Not owner
RSA authentication refused for administrator: bad ownership or modes for '/cygdr
ive/c/avorobiev/.ssh/authorized_keys'.
debug: seteuid 500: Not owner
Failed rsa for administrator from 127.0.0.1 port 2668
Connection closed by 127.0.0.1

Well, NOW it definitely looks like a permission problem. Changing
permissions to 600 didnt help, so I decided to start from scratch and
regenerate passwd and groups files. But using mkpasswd I cant get
correct passwd record for me. Unfortunately I know little about NT
security scheme so the following is what i have now:

(I changed my real login name)
I login to the lan (NT domain and Netware tree) and my machine using
NWClient login dialog using "avorobiev" as user name. 

So _without_ passwd and groups files:

avorobiev$ id
uid=500(avorobiev) gid=544(Administrators) groups=544(Administrators)

neither mkpasswd -l nor mkpasswd -d DOMAIN generate user record with
uid=500 and gid=544 (or with username avorobiev)

mkpasswd -l gives me (among others)
Administrator::500:513:,S-1-...
mkpasswd -d DOMAIN doesn't generate a record with uid=500 at all

mkgroup -l gives me (among others)
None:S-...:513:
Administrators:S-...:544:

mkgroup -d doesn't generate group records with gid either 513 or 544
(it generates many others though)

So i'm a little confused - how can i get correct sid for my uid/gid
combination? What's a proper way of getting correct passwd and groups
files?

Alexander

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com