X-Spam-Check-By: sourceware.org
Message-ID: <4656341F.2000603@u.washington.edu>
Date: Thu, 24 May 2007 17:55:59 -0700
From: Dan Miller <dgmiller AT u DOT washington DOT edu>
Reply-To: dguthriem AT gmail DOT com
User-Agent: Thunderbird 2.0.0.0 (Windows/20070326)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: password authentication fails in cygwin openssh windows xp pro
References: <4655A077 DOT 60407 AT gmail DOT com> <Pine DOT LNX DOT 4 DOT 58 DOT 0705241028510 DOT 18442 AT dargo DOT trilug DOT org> <4655A398 DOT 80504 AT u DOT washington DOT edu> <f354ln$t9h$1 AT sea DOT gmane DOT org>
In-Reply-To: <f354ln$t9h$1@sea.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

René Berber wrote:
> Dan Miller wrote:
>
>   
>> OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
>> debug1: Reading configuration data /etc/ssh_config
>> debug2: ssh_connect: needpriv 0
>> debug1: Connecting to localhost [127.0.0.1] port 22.
>> debug1: Connection established.
>> debug1: identity file /home/dan/.ssh/identity type -1
>> debug1: identity file /home/dan/.ssh/id_rsa type -1
>> debug1: identity file /home/dan/.ssh/id_dsa type -1
>>     
>
> These last 3 mean you didn't use ssh-user-config, contrary of what you said
> before... but that is not the problem.
>
> [snip]
>   
>> Permission denied, please try again.
>> debug3: packet_send2: adding 64 (len 48 padlen 16 extra_pad 64)
>> debug2: we sent a password packet, wait for reply
>> debug1: Authentications that can continue: publickey,password
>> Permission denied, please try again.
>> debug3: packet_send2: adding 64 (len 48 padlen 16 extra_pad 64)
>> debug2: we sent a password packet, wait for reply
>> debug1: Authentications that can continue: publickey,password
>> debug2: we did not send a packet, disable method
>> debug1: No more authentication methods to try.
>> Permission denied (publickey,password).
>>     
>
> OK, nothing unusual here.
>
> Does user "dan" has a non-empty password?  If no, are you sure you are using the
> correct exact password?  The output above shows what happens when you use the
> wrong password, uppercase/lowercase/length has to be correct.
>
> Did you change anything in /etc/sshd_config?
>
> Let's try public key:
>
> As user "dan" run ssh-user-config, it should ask you a few things and take some
> time to generate your private/public keys.
>
> Check that the keys were created in /home/dan/.ssh (names are identity, id_dsa,
> id_rsa, and the same with .pub extension -- not all 3 are necessary but at least
> one of the id_[dr]sa is); if they were not created check the permissions on
> ~/.ssh, they should be "drwxr---- dan None".
>
> Run `cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys` (change id_dsa.pub if you
> don't have the rsa key).
>
> Try again `ssh dan AT localhost`, this time you are using password-less login
> (public key).
>   
Rene,

Really appreciate you taking a look at this.

After trying everything possible as described in my first e-mail I 
reset/uninstalled everything including cygwin, registry entries, path 
variables, cygwin variables etc. Then I reinstalled cygwin and openssh, 
ran ssh-host-config and emailed this list server. So you are right, I 
currently had not run ssh-user-config on this install. I also no longer 
have a sshdproc user with the rights I originally stated because I 
wanted to start from scratch. I wasn't sure how much I had done before 
was right or wrong. So, I now ran ssh-user-config and generated key 
files. they ended up in /home/dan/.ssh as you suggested. I cat'd them to 
authorized keys and still there is a login problem. It appears the key 
file format may be wrong. here is the output now of ssh -vvv localhost.

Should I recreate the sshdproc user with appropriate rights before we 
continue?

Dan

OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/dan/.ssh/identity type -1
debug3: Not a RSA1 key file /home/dan/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/dan/.ssh/id_rsa type 1
debug1: identity file /home/dan/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.6
debug1: match: OpenSSH_4.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: 
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: 
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 121/256
debug2: bits set: 508/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/dan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/dan/.ssh/known_hosts:1
debug2: bits set: 514/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/dan/.ssh/identity (0x0)
debug2: key: /home/dan/.ssh/id_rsa (0x6aa608)
debug2: key: /home/dan/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dan/.ssh/identity
debug3: no such identity: /home/dan/.ssh/identity
debug1: Offering public key: /home/dan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/dan/.ssh/id_dsa
debug3: no such identity: /home/dan/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
debug3: packet_send2: adding 64 (len 48 padlen 16 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug3: packet_send2: adding 64 (len 48 padlen 16 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug3: packet_send2: adding 64 (len 48 padlen 16 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/