Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <5D4071E2FFF3C048B4D101578625E7F6018FD12E@emsbax01.resdom.droot.net>
From: Stefan DOT Vogler AT HVBInfo DOT com
To: cygwin AT cygwin DOT com
Subject: SSH-Keyauthentification with Windows 2003
Date: Thu, 8 Jan 2004 14:48:02 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-IsSubscribed: yes

Hello,

I want to realize SSH-Keyauthentification with Windows 2003 and cygwin
1.5.5.1 As ssh-client I use putty 0.53b on a Windows NT SP6-workstation.

 I use a technical account for the ssh-service with the privileges

- logon as service
- create token
- replace process token

because the local system account context does'nt work anymore under Windows
2003.

If I'm logged on locally on the windows machine (running the ssh-Service)
with the account "p859301" and starting the putty-ssh-Shell from another
one, the keyauthentification for the user "p859301" works fine. (this
meanes, that  ssh is properly configured for this user)

If I'm logged off locally from the machine (running the ssh-Service) and
starting the putty-ssh-shell from another one , I can enter the passphrase
for my public key and then get the following error message

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2004.01.08 13:40:05
=~=~=~=~=~=~=~=~=~=~=~=
login as: p859301
Authenticating with public key "rsa-key-20031002"
Passphrase for key "rsa-key-20031002": 
Last login: Thu Jan  8 13:39:53 2004 from 172.108.20.203 Could not chdir to
home directory /home/p859301: No such file or directory
/bin/bash: No such file or directory

____________________________________________________________________________
__

then, the shell closes .

starting the ssh-Service on the machine in debugmode, I got the following
output , if I want to establish the ssh-session ont the client


C:\cygwin\usr\sbin>sshd -d
/etc/sshd_config line 27: Deprecated option RhostsAuthentication
debug1: sshd version OpenSSH_3.7.1p2
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 172.108.20.203 port 3835
debug1: Client protocol version 2.0; client software version
PuTTY-Release-0.53b

debug1: no match: PuTTY-Release-0.53b
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug1: list_hostkey_types: ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes256-cbc hmac-sha1 none
debug1: kex: server->client aes256-cbc hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user p859301 service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for p859301 from 172.108.20.203 port 3835 ssh2
debug1: userauth-request for user p859301 service ssh-connection method
publicke
y
debug1: attempt 1 failures 1
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 1049/513 (e=1066/513)
debug1: trying public key file /home/P859301/.ssh/authorized_keys
debug1: matching key found: file /home/P859301/.ssh/authorized_keys, line 1
Found matching RSA key: f8:a7:b3:90:38:0d:57:f2:3e:cf:97:98:ee:04:dd:78
debug1: restore_uid: (unprivileged)
Postponed publickey for p859301 from 172.108.20.203 port 3835 ssh2
debug1: userauth-request for user p859301 service ssh-connection method
publicke
y
debug1: attempt 2 failures 1
debug1: temporarily_use_uid: 1049/513 (e=1066/513)
debug1: trying public key file /home/P859301/.ssh/authorized_keys
debug1: matching key found: file /home/P859301/.ssh/authorized_keys, line 1
Found matching RSA key: f8:a7:b3:90:38:0d:57:f2:3e:cf:97:98:ee:04:dd:78
debug1: restore_uid: (unprivileged)
debug1: ssh_rsa_verify: signature correct
Accepted publickey for p859301 from 172.108.20.203 port 3835 ssh2Accepted
public
key for p859301 from 172.108.20.203 port 3835 ssh2
debug1: monitor_child_preauth: p859301 has been authenticated by privileged
proc
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/tty0
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 2888
debug1: session_exit_message: session 0 channel 0 pid 2888
debug1: session_exit_message: release channel 0
debug1: session_close: session 0 pid 2888
debug1: session_pty_cleanup: session 0 release /dev/tty0
debug1: channel 0: free: server-session, nchannels 1
Connection closed by 172.108.20.203
Closing connection to 172.108.20.203

______________________________________________________________________


the installed cygwin-libaries on the machine:

Cygwin Package Information
Last downloaded files to: D:\cygwin
09102003\ftp%3a%2f%2fcygwin.mirrors.pair.com\release
Last downloaded files from: D:\cygwin
09102003\ftp%3a%2f%2fcygwin.mirrors.pair.com\release

Package              Version            Status
_update-info-dir     00221-1            OK
ash                  20031007-1         OK
base-files           2.6-1              OK
base-passwd          1.1-1              OK
Empty package bash
bash                 2.05b-15           OK
Empty package bzip2
bzip2                1.0.2-5            OK
Empty package cygrunsrv
cygrunsrv            0.96-2             OK
Empty package cygutils
cygutils             1.2.1-2            OK
cygwin               1.5.5-1            OK
Empty package diffutils
diffutils            2.8.4-1            OK
Empty package editrights
editrights           1.01-1             OK
Empty package fileutils
fileutils            4.1-2              OK
Empty package findutils
findutils            4.1.7-4            OK
gawk                 3.1.3-3            OK
Empty package gdbm
gdbm                 1.8.3-7            OK
Empty package grep
grep                 2.5-1              OK
Empty package groff
groff                1.18.1-2           OK
Empty package gzip
gzip                 1.3.5-1            OK
Empty package less
less                 381-1              OK
libbz2_1             1.0.2-5            OK
Empty package libgdbm
libgdbm              1.8.0-5            OK
Empty package libgdbm-devel
libgdbm-devel        1.8.3-7            OK
Empty package libgdbm3
libgdbm3             1.8.3-3            OK
Empty package libgdbm4
libgdbm4             1.8.3-7            OK
Empty package libgettextpo0
libgettextpo0        0.12.1-3           OK
libiconv2            1.9.1-3            OK
Empty package libintl1
libintl1             0.10.40-1          OK
libintl2             0.12.1-3           OK
Empty package libncurses5
libncurses5          5.2-1              OK
Empty package libncurses6
libncurses6          5.2-8              OK
Empty package libncurses7
libncurses7          5.3-4              OK
Empty package libpcre
libpcre              4.1-1              OK
libpcre0             4.4-2              OK
Empty package libpopt0
libpopt0             1.6.4-4            OK
Empty package libreadline4
libreadline4         4.1-2              OK
Empty package libreadline5
libreadline5         4.3-5              OK
Empty package login
login                1.9-7              OK
Empty package man
man                  1.5j-2             OK
Empty package mktemp
mktemp               1.5-3              OK
Empty package ncurses
ncurses              5.3-4              OK
Empty package openssh
openssh              3.7.1p2-1          OK
openssl              0.9.7c-1           OK
Empty package readline
readline             4.3-5              OK
Empty package sed
sed                  4.0.7-3            OK
Empty package sh-utils
sh-utils             2.0.15-4           OK
Empty package tar
tar                  1.13.25-3          OK
Empty package termcap
termcap              20021106-2         OK
Empty package terminfo
terminfo             5.3_20030726-1     OK
Empty package texinfo
texinfo              4.2-4              OK
Empty package textutils
textutils            2.0.21-1           OK
Empty package which
which                1.5-2              OK
Empty package zlib
zlib                 1.1.4-4            OK

Has someone got ssh-keyauthentification to work under windows 2003 ?

greetings,

Stefan Vogler

INF9SD Security Design
e-Mail:	  stefan DOT vogler AT hvbinfo DOT com


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/