X-Spam-Check-By: sourceware.org
Message-ID: <4685C08F.610BF38B@dessent.net>
Date: Fri, 29 Jun 2007 19:31:43 -0700
From: Brian Dessent <brian AT dessent DOT net>
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Private key file permissions w/Cygwin OpenSSH on Vista
References: <4685A8FB DOT 4020309 AT gmail DOT com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Siva wrote:

> Re:  binary distro of OpenSSH 3.8.1p1

If this is a reply to a previous message then please send it as an
actual reply, don't start a new thread.  Otherwise, you break threading
in the archives and for anyone using a threaded email client.

> I've been unable to use Cygwin's OpenSSH on Vista w/public key
> authentication because ssh.exe always states the file permissions on the
> private key file--"id_rsa"--are too open.
> 
> I've used the chmod.exe utility to change the permissions on the id_rsa
> file to 600, but ssh.exe still pops up with the same error message.
> 
> I've also used Windows' cacls.exe command to alter the ACLs for the file
> to be ONLY read-accesible to the current user, and the same thing happens.
> 
> This behavior DOES NOT occur on XP and 2000 when I try it, i. e.
> chmod.exe WORKS on these OSs to change id_rsa's permissions so that
> ssh.exe is happy (i. e. to 0600).
> 
> Is there a specific bona-fide way to set the id_rsa file's permission to
> always be acceptable to Cygwin SSH on Vista, in addition to the other
> Windows OSs?

I can't reproduce this.  I just tried using a stock Cygwin 1.5.24 and
OpenSSH 4.6p1-1 under Vista and it worked fine.  The default permissions
set on the private keyfile by ssh-keygen worked without any fiddling.

$ ls -l .ssh/id*
-rw------- 1 brian None 1675 Jun 29 19:20 .ssh/id_rsa
-rw-r--r-- 1 brian None  393 Jun 29 19:20 .ssh/id_rsa.pub

So, I think you're going to need to give us a lot more information about
your config, starting with the cygcheck output as requested at
<http://cygwin.com/problems.html>.  It would also be good to know why
you're trying to use this very old version of OpenSSH, which might mean
that your version of Cygwin is ancient too.

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/