X-Spam-Check-By: sourceware.org
Message-ID: <797650580607250935n4c59e262i19832a16f7ff579c@mail.gmail.com>
Date: Tue, 25 Jul 2006 12:35:15 -0400
From: "Arian Hojat" <armyofda12mnkeys AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: FW: sshd on windows server 2003 64bit
In-Reply-To: <009f01c6b003$5dd88820$1462a8c0@CASSANDRA5>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Disposition: inline
References: <009f01c6b003$5dd88820$1462a8c0 AT CASSANDRA5>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id k6PGZUQb022958

Not a RSA1 key file /etc/ssh_host_key.???You check to see if its valid file still with RSA info in there?i dunno maybe run ssh-host-config or ssh-keygen again to resetsettings on server and add new RSA key in that dir.

On 7/25/06, Andy Keane <Andy DOT Keane AT soton DOT ac DOT uk> wrote:>> I have a problem with the latest sshd on cygwin:>> debug2: load_server_config: filename /etc/sshd_config> debug2: load_server_config: done config len = 34> debug2: parse_server_config: config /etc/sshd_config len 34> debug1: sshd version OpenSSH_4.3p2> debug3: Not a RSA1 key file /etc/ssh_host_key.> debug1: read PEM private key done: type RSA> debug1: private host key: #0 type 1 RSA> Could not load host key: /etc/ssh_host_rsa_key> Could not load host key: /etc/ssh_host_dsa_key> Disabling protocol version 1. Could not load host key> debug1: rexec_argv[0]='/usr/sbin/sshd'> debug1: rexec_argv[1]='-d'> debug1: rexec_argv[2]='-d'> debug1: rexec_argv[3]='-d'> debug2: fd 3 setting O_NONBLOCK> debug1: Bind to port 22 on 0.0.0.0.> Server listening on 0.0.0.0 port 22.> debug1: fd 4 clearing O_NONBLOCK> debug1: Server will not fork when running in debugging mode.> debug3: send_rexec_state: entering fd = 7 config len 34> debug3: ssh_msg_send: type 0> debug3: send_rexec_state: done> debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7> debug1: inetd sockets after dupping: 3, 3> Connection from 192.168.96.33 port 45771> debug1: Client protocol version 2.0; client software version OpenSSH_3.1p1> debug1: match: OpenSSH_3.1p1 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*> debug1: Enabling compatibility mode for protocol 2.0> debug1: Local version string SSH-2.0-OpenSSH_4.3> debug2: fd 3 setting O_NONBLOCK> debug2: Network child is on pid 2772> debug3: preauth child monitor started> debug3: mm_request_receive entering> debug1: list_hostkey_types: ssh-rsa> debug1: SSH2_MSG_KEXINIT sent> debug1: SSH2_MSG_KEXINIT received> debug2: kex_parse_kexinit:> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma> n-group1-sha1> debug2: kex_parse_kexinit: ssh-rsa> debug2: kex_parse_kexinit:> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,a> es192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes25> 6-ctr> debug2: kex_parse_kexinit:> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,a> es192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes25> 6-ctr> debug2: kex_parse_kexinit:> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm> ac-md5-96> debug2: kex_parse_kexinit:> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm> ac-md5-96> debug2: kex_parse_kexinit: none,zlib AT openssh DOT com> debug2: kex_parse_kexinit: none,zlib AT openssh DOT com> debug2: kex_parse_kexinit:> debug2: kex_parse_kexinit:> debug2: kex_parse_kexinit: first_kex_follows 0> debug2: kex_parse_kexinit: reserved 0> debug2: kex_parse_kexinit:> diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss> debug2: kex_parse_kexinit:> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc> debug2: kex_parse_kexinit:> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc> debug2: kex_parse_kexinit:> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm> ac-md5-96> debug2: kex_parse_kexinit:> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hm> ac-md5-96> debug2: kex_parse_kexinit: none> debug2: kex_parse_kexinit: none> debug2: kex_parse_kexinit:> debug2: kex_parse_kexinit:> debug2: kex_parse_kexinit: first_kex_follows 0> debug2: kex_parse_kexinit: reserved 0> debug2: mac_init: found hmac-md5> debug1: kex: client->server aes128-cbc hmac-md5 none> debug2: mac_init: found hmac-md5> debug1: kex: server->client aes128-cbc hmac-md5 none> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received> debug3: mm_request_send entering: type 0> debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI> debug3: mm_request_receive_expect entering: type 1> debug3: mm_request_receive entering> debug3: monitor_read: checking request 0> debug3: mm_answer_moduli: got parameters: 1024 2048 8192> debug3: mm_request_send entering: type 1> debug2: monitor_read: 0 used once, disabling now> debug3: mm_request_receive entering> debug3: mm_choose_dh: remaining 0> debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent> debug2: dh_gen_key: priv key bits set: 141/256> debug2: bits set: 1036/2048> debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT> debug2: bits set: 1013/2048> debug3: mm_key_sign entering> debug3: mm_request_send entering: type 4> debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN> debug3: mm_request_receive_expect entering: type 5> debug3: mm_request_receive entering> debug3: monitor_read: checking request 4> debug3: mm_answer_sign> debug3: mm_answer_sign: signature 0x100134e8(271)> debug3: mm_request_send entering: type 5> debug2: monitor_read: 4 used once, disabling now> debug3: mm_request_receive entering> debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent> debug2: kex_derive_keys> debug2: set_newkeys: mode 1> debug1: SSH2_MSG_NEWKEYS sent> debug1: expecting SSH2_MSG_NEWKEYS> debug2: set_newkeys: mode 0> debug1: SSH2_MSG_NEWKEYS received> debug1: KEX done> debug1: userauth-request for user ajk service ssh-connection method none> debug1: attempt 0 failures 0> debug3: mm_getpwnamallow entering> debug3: mm_request_send entering: type 6> debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM> debug3: mm_request_receive_expect entering: type 7> debug3: mm_request_receive entering> debug3: monitor_read: checking request 6> debug3: mm_answer_pwnamallow> debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1> debug3: mm_request_send entering: type 7> debug2: monitor_read: 6 used once, disabling now> debug3: mm_request_receive entering> debug2: input_userauth_request: setting up authctxt for ajk> debug3: mm_inform_authserv entering> debug3: mm_request_send entering: type 3> debug2: input_userauth_request: try method none> debug3: mm_auth_password entering> debug3: mm_request_send entering: type 10> debug3: monitor_read: checking request 3> debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD> debug3: mm_answer_authserv: service=ssh-connection, style=> debug3: mm_request_receive_expect entering: type 11> debug3: mm_request_receive entering> debug2: monitor_read: 3 used once, disabling now> debug3: mm_request_receive entering> debug3: monitor_read: checking request 10> debug3: mm_answer_authpassword: sending result 0> debug3: mm_request_send entering: type 11> Failed none for ajk from 192.168.96.33 port 45771 ssh2> debug3: mm_auth_password: user not authenticated> debug3: mm_request_receive entering> debug1: userauth-request for user ajk service ssh-connection method> publickey> debug1: attempt 1 failures 1> debug2: input_userauth_request: try method publickey> debug1: test whether pkalg/pkblob are acceptable> debug3: mm_key_allowed entering> debug3: mm_request_send entering: type 20> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED> debug3: mm_request_receive_expect entering: type 21> debug3: mm_request_receive entering> debug3: monitor_read: checking request 20> debug3: mm_answer_keyallowed entering> debug3: mm_answer_keyallowed: key_from_blob: 0x1001d948> debug1: temporarily_use_uid: 11155/10512 (e=11155/10512)> seteuid 11155: Permission denied> debug1: do_cleanup> debug1: do_cleanup>>>> Does anyone know why this is happening – the user 11155 has Administrator> privileges as a domain admin.> This setup used to work about 8 weeks ago and as far as I can tell I have> not changed anything that should matter!>> Regards>> Andy>> Prof. Andy Keane,> School of Engineering Sciences, University of Southampton, Highfield,> Southampton, SO17 1BJ, UK.> Tel +44(0)2380 592944, Fax +44(0)2380 594813, Mob +44(0)7802 422728> http://www.soton.ac.uk/~ajk> See our new book at http://www.aerospacedesign.org>>>>>>> --> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple> Problem reports:       http://cygwin.com/problems.html> Documentation:         http://cygwin.com/docs.html> FAQ:                   http://cygwin.com/faq/>>