X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org Message-ID: <96c450350712232203r666e1f3bx93678ad0c4eaaf98@mail.gmail.com> Date: Mon, 24 Dec 2007 00:03:59 -0600 From: "Kevin Hilton" To: cygwin AT cygwin DOT com Subject: Re: SSHD problems on Vista with no privilege separation In-Reply-To: <96c450350712232027n70da97bdn22f7a999e50f0ac4@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <96c450350712231853j736cf94nd594eeb74c6def7e AT mail DOT gmail DOT com> <96c450350712232027n70da97bdn22f7a999e50f0ac4 AT mail DOT gmail DOT com> Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com I appreciate all the help, but Ive about had it. Ive reinstalled like 20 times on both machines. Here is what I am doing currently with the install (ssh-host-config) priviledge separation - yes create local sshd user - yes install sshd as a service - yes create a new local account ssh_server which has the required privileges - no environment variable CYGWIN=tty ntsec With this configuration (notice with ssh_server = yes I couldnt get the server to start), the sshd server will start During the login process however I now am continually getting this: $ ssh -vvv localhost OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/klal/.ssh/identity type -1 debug3: Not a RSA1 key file /home/klal/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/klal/.ssh/id_rsa type 1 debug1: identity file /home/klal/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7 debug1: match: OpenSSH_4.7 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-g roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160 ,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160 ,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-g roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160 ,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160 ,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib AT openssh DOT com debug2: kex_parse_kexinit: none,zlib AT openssh DOT com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 127/256 debug2: bits set: 508/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/klal/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/klal/.ssh/known_hosts:1 debug2: bits set: 508/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/klal/.ssh/identity (0x0) debug2: key: /home/klal/.ssh/id_rsa (0x108a540) debug2: key: /home/klal/.ssh/id_dsa (0x0) debug1: Authentications that can continue: publickey,password,keyboard-interacti ve debug3: start over, passed a different list publickey,password,keyboard-interact ive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/klal/.ssh/identity debug3: no such identity: /home/klal/.ssh/identity debug1: Offering public key: /home/klal/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply Connection closed by 127.0.0.1 Ive turned the UAC off and on -- no different behaivor. Ive moved hosts.allow and hosts.deny to hosts.allow.bak and hosts.deny.bak (Ive changed settings in these files too -- none seem to make a difference). Nothing is showing up in the logs to explain the reason why the connection is closing. Any successful Vista users out there? -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/