Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
From: "John Pollock" <jpollock AT curl DOT com>
To: <cygwin AT sourceware DOT cygnus DOT com>
Subject: RE: passwords for ssh/sshd and ssh_host_dsa_key
Date: Tue, 24 Oct 2000 10:52:04 -0400
Message-ID: <NEBBJPGNBOKKDAEIIMIKCEEOCCAA.jpollock@curl.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600

> I have just figured out how to get sshd up and running on an NT box.
> I have a problem however, when I try to login from another box,
> (or for that matter from the same box) my password isn't recognized.
> I have even tried accounts where there is no password, and the empty
> password is not recognized. Does sshd use a different set of passwords
> then the normal NT login? If so how do I define them for each user.

1) are you using opensshd available via the latest cygwin net release, or a
previous version of sshd?
2) If the former, did you run /usr/bin/ssh-config after installing cygwin?
That ensures that the sshd_config file is compatible with the version of
sshd you're using.  I'm guessing you probably did, since sshd would refuse
to even start up if the sshd_config file had invalid parameters.
3) Are you hoping to use RSA authentication (i.e. public/private key pairs)
or just NT password authentication?  If the latter, you should have the
PasswordAuthentication field in /etc/sshd_config set to "yes" and
RSAAuthentication should be set to "no".  And if you make these changes, you
should restart sshd so that it picks them up.
4) If you want to do password authentication, i think that the service
that's starting up sshd needs to be run as an account that has the advanced
user rights to log on as different user accounts.  There's "Act as part of
the OS", "Replace a Process-level Token", "Increase Quotas", and "Log on as
a service".  This isn't necessary with RSA authentication because you wind
up becoming the user that's running the sshd service in all cases.   Note
that these rights are not all granted to Administrators by default; they
need to be explicitly granted for the account you select using User Manager.

In addition, the users that want to be able to ssh in need to have entries
in /etc/passwd.

>Also when I start sshd, I get a warning, ssh_host_dsa_key not found. What
>does this mean? do I need this file?

Not if you're using RSA authentication or password authentication.

You can do "man sshd" for more information as well.  I'm not sure if there's
a doc on opensshd on the sources.redhat.com web page.

John


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com