From: Christopher Faylor
To: Corinna Vinschen
Subject: Re: openSSH runs command= in authorized_keys? (Was W98 -- sshd )
Date: Sat, 9 Dec 2000 23:22:12 -0500
Message-ID: <20001209232212.A19775@redhat.com>
References: <00120723515909 DOT 04143 AT cobold>
Reply-To: cygwin AT cygwin DOT com

On Sun, Dec 10, 2000 at 06:16:22AM +0200, Jari Aalto+mail.emacs wrote:
>* Thu 2000-12-07 Corinna Vinschen list.cygwin
>* Message-Id: <00120723515909 DOT 04143 AT cobold>
>| On Thursday 07 December 2000 23:11, Jari Aalto+mail.emacs wrote:
>|
>| > Authentication tried for jaalto with correct key but not from a
>| > permitted host ( host3.167.166.26, ip3.167.166.26).
>| > ---------------------------------------------------------------------
>| >-- # /etc/sshd_config -- Cygwin -- Open SSH 2.1.1
>| > # $Id$
>| > #
>| > # This is ssh server systemwide configuration file.
>| >
>| >
>| > Port 22
>| > Protocol 1,2
>| >
>| > # ListenAddress 0.0.0.0
>| > # ListenAddress ::
>| > # HostKey /etc/ssh_host_key
>| >
>| > ServerKeyBits 768
>| > LoginGraceTime 600
>| >
>| > KeyRegenerationInterval 3600
>| >
>| > # Don't read ~/.rhosts and ~/.shosts files
>| >
>| > IgnoreRhosts no
>|
>| Try setting
>|
>| IgnoreRhosts yes
>|
>| in your sshd_config file.
>
>Excellent, it almost permitted me to login, but now it tries to
>run this command
>
>    Accepted rsa for jaalto from 193.167.70.2 port 36312
>    debug1: session_new: init
>    debug1: session_new: session 0
>    debug1: Enabling compression at level 9.
>    debug1: Allocating a pty not permitted for this authentication.
>>>  debug1: Forced command '/users/jaalto/test.sh'
>
>Why does it want to run it, when I'm not connecting from X
>not Y? The line in my authorized_keys reads:
>
>command="/users/jaalto/test.sh",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,from="terra.cs.tpu.fi" 1024 37 ....KEY... acos-pwdless
>
>The client machine I used for connecting to Win98 sshd was
>
>    newton tmp % nslookup newton.tpu.fi
>    Server:  newton.tpu.fi
>    Address:  193.167.70.2
>
>    Name:    newton.tpu.fi
>    Address:  193.167.70.2
>
>
>It's t supposed to trigger only for specific domain addresses?

No. The trigger is the public key in authorized_keys. If you are logging in
from a host which has the corresponding private key then you will
trigger this line. This is openssh working as designed.

cgf
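Added example, not part of the original thread and not OpenSSH's own code: a Python parser for the options field of an authorized_keys line like the one quoted above. It shows that command= is attached to the key itself, while from= is a separate option that, per the pattern-list semantics documented in sshd(8), limits which client hosts may use that key. The key material, the host other.example.org and the 192.0.2.x addresses are constructed placeholders, and parse_entry, host_allowed and decide are hypothetical helper names.

```python
import re

# Constructed line modelled on the one quoted in the thread; key is a placeholder.
SAMPLE = ('command="/users/jaalto/test.sh",no-port-forwarding,no-X11-forwarding,'
          'no-agent-forwarding,no-pty,from="terra.cs.tpu.fi" '
          '1024 37 PLACEHOLDER_MODULUS acos-pwdless')

def parse_entry(line):
    """Return (options dict, key text) for one stripped, non-comment line."""
    if re.match(r'\d+\s|ssh-|ecdsa-|sk-', line):
        return {}, line                    # starts with the key: no options field
    opts, buf, in_quote, i = [], [], False, 0
    while i < len(line):
        ch = line[i]
        if in_quote and ch == '\\' and line[i + 1:i + 2] == '"':
            buf.append('"'); i += 2; continue   # escaped quote inside a value
        if ch == '"':
            in_quote = not in_quote
        elif ch == ',' and not in_quote:
            opts.append(''.join(buf)); buf = []
        elif ch in ' \t' and not in_quote:
            break                          # options end at the first bare space
        else:
            buf.append(ch)
        i += 1
    if in_quote:
        raise ValueError('unterminated quote in options field')
    opts.append(''.join(buf))
    pairs = (o.partition('=') for o in opts)
    return {n.lower(): (v if s else True) for n, s, v in pairs}, line[i:].strip()

def host_allowed(opts, client_names):
    """Apply from= to the client's canonical host name and IP address."""
    if 'from' not in opts:
        return True
    def rx(p):                             # '*' and '?' are the only wildcards
        return ''.join('.*' if c == '*' else '.' if c == '?' else re.escape(c)
                       for c in p.lstrip('!'))
    hits = [not p.startswith('!') for p in opts['from'].split(',')
            if any(re.fullmatch(rx(p), n, re.IGNORECASE) for n in client_names)]
    return bool(hits) and all(hits)        # a negated match always rejects

def decide(line, client_names):
    """(accepted, forced command) for a client that proved it holds the key."""
    opts, _ = parse_entry(line)
    ok = host_allowed(opts, client_names)
    return ok, (opts.get('command') if ok else None)
```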