Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
From: "Ross Smith II"
To: "Max Bowsher", "Marcos Lorenzo"
Subject: RE: Trouble with RSA authentication
Date: Thu, 31 Oct 2002 07:58:03 -0800

/usr/doc/Cygwin/openssh-3.4p1-5.README states that RSA authentication only
works if sshd runs under a user account (as opposed to the SYSTEM account).

To that end, I've created 2 shell scripts to allow one to "switch" from
running sshd as SYSTEM to running as a user, and vice versa.

These scripts will also fix the '/var/empty' problem, so they are worthwhile
to run once, even if you will never switch.

I haven't tried it, but you could probably even have a user and a SYSTEM
daemon running at the same time, by running one of the daemons on another
port via the -p option.

Attached and inline are the scripts. I'll also put the latest versions up at
http://www.netebb.com/cygwin/.

I'd love to see these incorporated into cygwin's openssh (or at least a user
contribs) package.

I'm not a cygwin wizard, so feedback is appreciated.

-Ross

#!/bin/sh
# $Id: sshd_user.sh $
# Reinstall the sshd service so that it runs under a user account.

# "?" is escaped in the patterns so that it matches a literal question mark
# instead of any single character.
case "$1" in
    -h | -he | -hel | -help | -\? | --h | --he | --hel | --help | --\? | /h | /he | /hel | /help | /\?)
        echo "Usage: $0 [username] [password] [\"CYGWIN options\"] [\"sshd options\"]"
        exit 1
        ;;
    *)
        ;;
esac

# $1: account the service will run as (defaults to the current $USER).
if [ -n "$1" ]
then
    USER=$1
fi

# $2: password for that account. It reaches cygrunsrv as a command-line
# argument.
CYGRUNSRV=
if [ -n "$2" ]
then
    CYGRUNSRV="-w $2"
fi

# $3: value of the CYGWIN environment variable for the service.
if [ -n "$3" ]
then
    CYGWIN=$3
fi

# $4 onward: extra options passed to sshd.
SSHD=""
if [ -n "$4" ]
then
    shift
    shift
    shift
    SSHD=$*
fi

# Work from the home directory of the invoking user.
cd

if [ ! -d .ssh ]
then
    echo "$0: Please run ssh-user-config first to create your .ssh directory."
    exit 2
fi

# Hand the files sshd needs to the service account and reset their modes.
chown "${USER}.None" . .ssh /var/empty /etc/ssh_host_* /var/log/sshd.log
chmod 755 . .ssh
chmod 600 .ssh/*
chmod 644 .ssh/*.pub .ssh/authorized_keys? /var/log/sshd.log
chmod 755 /var/empty

# Replace the installed service. ${CYGRUNSRV} is left unquoted so that it
# expands to nothing when no password was given.
cygrunsrv --stop sshd
cygrunsrv --remove sshd
cygrunsrv --install sshd -e "CYGWIN=${CYGWIN}" \
    -u "${USER}" \
    ${CYGRUNSRV} \
    -d "sshd as ${USER}" \
    -p /usr/sbin/sshd.exe \
    -1 /var/log/sshd.log \
    -2 /var/log/sshd.log \
    -a "-e -D ${SSHD} "
cygrunsrv --start sshd


#!/bin/sh
# $Id: sshd_system.sh $
# Reinstall the sshd service so that it runs under the SYSTEM account.

# "?" is escaped in the patterns so that it matches a literal question mark
# instead of any single character.
case "$1" in
    -h | -he | -hel | -help | -\? | --h | --he | --hel | --help | --\? | /h | /he | /hel | /help | /\?)
        echo "Usage: $0 [CYGWIN options...]"
        exit 0
        ;;
    *)
        ;;
esac

# All arguments together become the CYGWIN environment variable.
if [ -n "$1" ]
then
    CYGWIN="$*"
fi

# With four or more arguments, arguments 4 onward are additionally passed to
# sshd as options (the usage line does not mention this).
SSHD=""
if [ -n "$4" ]
then
    shift
    shift
    shift
    SSHD=$*
fi

if [ ! -f /etc/ssh_host_key ]
then
    echo "$0: Please run ssh-host-config first to create your /etc/ssh_host_* files."
    exit 2
fi

# Hand the files sshd needs back to SYSTEM and reset their modes.
chown SYSTEM.SYSTEM /var/empty /etc/ssh_host_* /var/log/sshd.log
chmod 600 /etc/ssh_host_*
chmod 644 /etc/ssh_host_*.pub /var/log/sshd.log
chmod 755 /var/empty

# Replace the installed service.
cygrunsrv --stop sshd
cygrunsrv --remove sshd
cygrunsrv --install sshd -e "CYGWIN=${CYGWIN}" \
    -d "sshd as SYSTEM" \
    -p /usr/sbin/sshd.exe \
    -1 /var/log/sshd.log \
    -2 /var/log/sshd.log \
    -a "-e -D ${SSHD}"
cygrunsrv --start sshd


> -----Original Message-----
> From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com]On Behalf
> Of Max Bowsher
> Sent: Thursday, October 31, 2002 4:29 AM
> To: Marcos Lorenzo; cygwin AT cygwin DOT com
> Subject: Re: Trouble with RSA authentication
>
>
> Marcos Lorenzo wrote:
> > I finally got sshd working!
> >
> > But I cannot authenticate via RSA. I made the keygen with ssh-keygen
> > in my winbox and copied identity.pub to authorized_keys and identity
> > in my linbox (I have the same files in both machines). I really know
> > how ssh works in linux, but I have some troubles with RSA in cygwin.
> > Below is the message that I got:
> >
> > 12:16:21 marcos AT laud~ ssh -i .ssh/identity.mozart -vvv mozart.lab -1
> > debug1: Connecting to mozart.lab [163.117.144.225] port 22.
> > debug1: Trying RSA authentication with key '.ssh/identity.mozart'
> > debug1: Server refused our key.
>
> Looks like the server logs with debugging enabled will hold the necessary
> info to debug this.
>
> Max.
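
An added check, not part of the original post and not code from its author: a POSIX shell audit that reports every file touched by sshd_user.sh that is owned by an account other than the one sshd runs as, or that carries permission bits beyond the modes the two scripts set (host key modes are taken from sshd_system.sh). The function names and the ROOT prefix argument are assumptions made for this example, as is the expectation that the files inside .ssh belong to the same account; it needs GNU stat.

```shell
#!/bin/sh
# Added example, not from the original post. Needs GNU stat (as on Cygwin).

# check_path PATH OWNER MAXMODE
# Prints a finding and returns 1 if PATH is missing, is owned by another
# account, or has a permission bit set beyond MAXMODE (octal, e.g. 644).
check_path() {
    if [ ! -e "$1" ]; then
        echo "MISSING  $1"
        return 1
    fi
    cur_owner=$(stat -c %U "$1")
    cur_mode=$(stat -c %a "$1")
    if [ "$cur_owner" != "$2" ]; then
        echo "OWNER    $1 is owned by $cur_owner, expected $2"
        return 1
    fi
    if [ $(( 0$cur_mode & ~0$3 & 0777 )) -ne 0 ]; then
        echo "MODE     $1 is $cur_mode, looser than $3"
        return 1
    fi
}

findings=0
tally() { check_path "$1" "$2" "$3" || findings=$((findings + 1)); }

# audit_sshd_files ROOT OWNER HOME
# ROOT is a hypothetical prefix for a constructed test tree ("" on a real
# install); OWNER is the user account sshd runs as; HOME is its home directory.
# The exit status is the number of findings.
audit_sshd_files() {
    root=$1 acct=$2 home=$3
    findings=0
    tally "$root/var/empty" "$acct" 755
    tally "$root/var/log/sshd.log" "$acct" 644
    tally "$home" "$acct" 755
    tally "$home/.ssh" "$acct" 755
    for f in "$root"/etc/ssh_host_* "$home"/.ssh/*; do
        [ -e "$f" ] || continue
        case "$f" in
            *.pub | */authorized_keys?) tally "$f" "$acct" 644 ;;
            *)                          tally "$f" "$acct" 600 ;;
        esac
    done
    return "$findings"
}

# On a real install: audit_sshd_files "" "$USER" "$HOME"
```

A mode tighter than the one the scripts set (for example 700 on .ssh) is not reported; only looser modes and foreign owners are.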