Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Message-Id: Date: Sun, 18 Sep 2005 04:09:38 -0500 From: "Bill Martin" To: Subject: SSH Client Odditie with shosts on 2K/2K3/XP?? Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id j8I9AZJ1031883 I am utterly confused . . . Win2K3 Server latest patches, latest install of Cygwin (DLL version: 1.5.18) and OpenSSH (openssh 4.2p1-1). No trouble getting SSHD to behave properly once configured; I can authenticate to this box via shosts from remote Linux and UNIX systems. I cannot use the Cygwin SSH client to do host based authentication to another server that I typically can SSH to via host base (-o PreferredAuthentications hostbased) or even to the localhost. The Linux / UNIX boxes I tries are running SSH daemons, and they are configured to allow host base and work fine both as clients and servers to one another, so I know I have their configuration correct. I can SSH locally and auth via public key, but not host based even after the shosts file is configured. It appears that when the PreferredAuthentication is passed, it sees the hostbased statement, but just dies. Mind you, I can SSH from a remote location to the same server once the shosts file is configured and it works fine. ssh_config --------------------- AddressFamily inet EnableSSHKeysign yes HostbasedAuthentication yes LogLevel DEBUG3 PreferredAuthentications 'hostbased,publickey,keyboard-interactive,password' Protocol 2 PubkeyAuthentication yes RhostsAuthentication yes RhostsRSAAuthentication yes RSAAuthentication yes UsePrivilegedPort yes Host * ForwardX11 yes After a number of traces, and running in verbose mode, it appears to just die when it sees the "hostbased" statement. Example: debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Allocated local port 816. debug1: Connection established. ------- debug1: identity file /home/Administrator/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.2 ------- debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/Administrator/.ssh/known_hosts:1 debug2: bits set: 547/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/Administrator/.ssh/id_rsa (0x1002ec10) debug2: key: /home/Administrator/.ssh/id_dsa (0x1002a538) debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased debug3: start over, passed a different list publickey,password,keyboard-interactive,hostbased debug3: preferred hostbased debug3: authmethod_lookup hostbased debug3: remaining preferred: debug3: authmethod_is_enabled hostbased debug1: Next authentication method: hostbased debug2: userauth_hostbased: chost cms01. debug2: ssh_keysign called debug3: ssh_msg_send: type 2 debug3: ssh_msg_recv entering could not open any host key ssh_keysign: no reply key_sign failed debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey,password,keyboard-interactive,hostbased). If I specify "ssh localhost -o 'PreferredAuthentications hostbased,publickey'" all is fine . . . .but it auths bashed on public key. I even went to far as to setuid on the ssh.exe, so what AM I missing? -bill- -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/