Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Thu, 16 May 2002 20:41:14 +0200
From: "Gerrit P. Haase" <gerrit AT familiehaase DOT de>
Reply-To: "Gerrit P. Haase" <gerrit AT familiehaase DOT de>
Organization: Esse keine toten Tiere
X-Priority: 3 (Normal)
Message-ID: <81546376517.20020516204114@familiehaase.de>
To: cygwin AT cygwin DOT com
Subject: Re: SSHD under SYSTEM account (was: Re: cygwin & opensshd on .net enterprise server)
In-Reply-To: <Pine.LNX.4.44.0205161428420.1416-100000@magetower.office.aol.com>
References: <Pine DOT LNX DOT 4 DOT 44 DOT 0205161428420 DOT 1416-100000 AT magetower DOT office DOT aol DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Prentis schrieb:

>  I think these docs are out of date.  this is fixed now, since I am
> doing it.

Ok. PublicKey is working, I figured out to set it up with PublicKey Auth
only and using my DSA key and only allowed protocol was SSH2.  I know
that and that is the reason why I'm still trying to figure out how to
use both (RSA & DSA over pubkey auth).

As I added 'RSAAuthentication yes' to the config it stops working and
I don't understand why.  My collegue has just some RSA keys and was
angry if I asked him to get some DSA keys too, so I tried to use both,
SSH1 & SSH2 and RSA & DSA with no passwords, only pubkey.

It seems to be tricky...

Well we have options, I could make some RSA keys and we would both use
RSA or he makes some DSA keys.  But now I have tasted blood (we say
in Germany: Blut geleckt...), I want to use both with our existing keys
just like we do at a Linux box we are both accessing where it works
well.


> On Thu, 16 May 2002, Gerrit P. Haase wrote:

>> Inc) schrieb:
>> 
>> >>I did copy him on the original note so he would be aware of the issue,
>> >>but at this point I have completely removed his version (including
>> >>deleting registry keys) and installed the cygwin environment. It appears
>> >>that all of cygwin works when run in a system owned command window, but
>> >>nothing works from an administrator account.
>> 
>> > Can you please acknowledge whether or not you read openssh*.README so that
>> > we know whether you've missed the obvious user rights settings necessary for
>> > the administrator account?
>> 
>> I read it and still have similar problems and there is this:
>> 
>>   "The system account does of course own that user rights by default."
>> 
>> That means SYSTEM is ok and it is the default if I let the
>> ssh-host-config do the service setup.  So I expect no problems here.
>> More:
>> 
>>   Unfortunately, if you choose that way, you can only logon with
>>   NT password authentification and you should change
>>   /etc/sshd_config to contain the following:
>> 
>>     PasswordAuthentication yes
>>     RhostsAuthentication no
>>     RhostsRSAAuthentication no
>>     RSAAuthentication no
>> 
>> 
>> Wow this is like a hammer.  That means I cannot use PublicKey
>> Authentication?  If I cannot use public key authentication, the whole
>> benefit (besides transfering passwords encrypted) is futsch...
>> 
>> If I let them try to guess my password several days there will be at
>> least one intruder every month...
>> 
>> Is this true that PublicKey auth isn't working? (I cannot believe it).
>> 
>> 
>> Gerrit
>> 



-- 
=^..^=


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/