Message-ID: <4DBA367B.4010605@gmail.com>
Date: Thu, 28 Apr 2011 23:54:35 -0400
From: Jason Schamp
To: cygwin AT cygwin DOT com
Subject: Bump! SSH works great, SFTP with a keypair fails. Please take a look at this log...

I've struggled with this for weeks. I'm using Cygwin v1.7.5 or v1.7.7 and see the same behavior. SSH with or without a key pair will work flawlessly every time. SFTP with a password will work fine, but SFTP with a key pair will fail every time. The server thinks the publickey is accepted and then calls the SFTP subsystem... but it will disconnect a few seconds later. sftp-server.exe has the privileged server and domain users in the NTFS security and the privilege server has modify rights. It really looks like it should be working. Any ideas?

Here is the debug code from the client when attempting to SFTP with a key pair:

SCHAMJI AT OHCSCXXE85061MT /cygdrive/c
$ sftp -v -v -v -i /cygdrive/c/id_rsa RISF01P AT SDC01DERFNPA01S
OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to SDC01DERFNPA01S [10.16.107.184] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/cygdrive/c/id_rsa" as a RSA1 public key
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /cygdrive/c/id_rsa type 1
debug1: identity file /cygdrive/c/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4
debug1: match: OpenSSH_5.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "sdc01derfnpa01s" from file "/home/SCHAMJI/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/SCHAMJI/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01 AT openssh DOT com,ssh-rsa-cert-v00 AT openssh DOT com,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hell man-group-exchange-s roup1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01 AT openssh DOT com,ssh-rsa-cert-v00 AT openssh DOT com,ssh-rsa,ecdsa-sha2-nistp256-cert-v01 AT open ssh.com,ecdsa-sha2-nistp38 v01 AT openssh DOT com,ssh-dss-cert-v01 AT openssh DOT com,ssh-dss-cert-v00 AT openssh DOT com,ecdsa-sha2-nistp256,ec dsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes 192-cbc,aes256-cbc,arc
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes 192-cbc,aes256-cbc,arc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1- 96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1- 96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-h ellman-group1-sha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes 192-cbc,aes256-cbc,arc
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes 192-cbc,aes256-cbc,arc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1- 96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 AT openssh DOT com,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1- 96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit: none,zlib AT openssh DOT com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 120/256
debug2: bits set: 499/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 32:66:18:8a:65:63:09:b8:50:49:ef:99:28:67:62:67
debug3: load_hostkeys: loading entries for host "sdc01derfnpa01s" from file "/home/SCHAMJI/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/SCHAMJI/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "10.16.107.184" from file "/home/SCHAMJI/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/SCHAMJI/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'sdc01derfnpa01s' is known and matches the RSA host key.
debug1: Found key in /home/SCHAMJI/.ssh/known_hosts:6
debug2: bits set: 539/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /cygdrive/c/id_rsa (0x6a87b8)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /cygdrive/c/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp 57:a6:41:9f:47:dd:95:c2:db:af:8b:c2:32:fa:c7:71
debug3: sign_and_send_pubkey: RSA 57:a6:41:9f:47:dd:95:c2:db:af:8b:c2:32:fa:c7:71
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to SDC01DERFNPA01S ([10.16.107.184]:22).
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions AT openssh DOT com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug1: client_input_channel_req: channel 0 rtype eow AT openssh DOT com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug3: fd 0 is not O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 2624, received 2280 bytes, in 0.5 seconds
Bytes per second: sent 5085.3, received 4418.6
debug1: Exit status -1
Connection closed
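
An added example, not part of the original post or of OpenSSH: a small Python triage of client-side `-vvv` output shaped like the log above. It reports the last session milestone reached and whether the server sent an `exit-signal` channel request, which RFC 4254 section 6.10 defines as the report that the remote process was ended by a signal. The sample log is constructed, its key path is a placeholder, and the function names are hypothetical.

```python
import re

# Constructed sample: a condensed client-side `sftp -vvv` trace with the same
# shape as the log in the post (the key path is a placeholder).
SAMPLE_LOG = """\
debug1: Connection established.
debug1: SSH2_MSG_NEWKEYS received
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
debug1: Sending subsystem: sftp
debug2: subsystem request accepted on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug2: channel 0: rcvd close
debug1: Exit status -1
"""

# Ordered milestones of an SFTP session as seen in OpenSSH client debug output.
STAGES = [
    ("tcp", re.compile(r"Connection established")),
    ("kex", re.compile(r"SSH2_MSG_NEWKEYS received")),
    ("auth", re.compile(r"Authentication succeeded \((?P<method>[\w-]+)\)")),
    ("subsystem", re.compile(r"subsystem request accepted on channel \d+")),
]
CHANNEL_REQ = re.compile(r"client_input_channel_req: channel \d+ rtype (\S+) reply")
EXIT_STATUS = re.compile(r"Exit status (-?\d+)")

def triage(log_text):
    """Return the last milestone reached and how the remote process ended."""
    result = {"reached": None, "auth_method": None, "remote_end": None, "exit_status": None}
    for line in log_text.splitlines():
        for name, pattern in STAGES:
            m = pattern.search(line)
            if m:
                result["reached"] = name
                if name == "auth":
                    result["auth_method"] = m.group("method")
        req = CHANNEL_REQ.search(line)
        if req and req.group(1) in ("exit-signal", "exit-status"):
            result["remote_end"] = req.group(1)
        status = EXIT_STATUS.search(line)
        if status:
            result["exit_status"] = int(status.group(1))
    return result

def verdict(r):
    """Summarise where the session ended, for a triage() result."""
    if r["reached"] == "subsystem" and r["remote_end"] == "exit-signal":
        return "subsystem started after auth, then the remote process was ended by a signal"
    return "last milestone reached: %s" % (r["reached"] or "none")
```

A result of `subsystem` plus `exit-signal` places the failure after authentication, in the process the server launched for the subsystem, so the server-side log is the next place to look.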