DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; q=dns; s=default; b=U7
	jUlxjQkg8OsutPTWg5SIAQROGytHP9GDlHZ8DFqyfDMVR54fz1Ha0G57vNGB3p6b
	XcLcPXA3B5+WbpPxsRCbpWnqwHYHaJBW8856Lr4UVtq8EFAQ+LDEEhIMVVN93JeS
	D29cACc81jRZGV9OQu63owChObgpIGJ/lPCuRLlBA=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
MIME-Version: 1.0
In-Reply-To: <537D4EB6.4020308@oliveyou.net>
References: <537D458E DOT 9060507 AT oliveyou DOT net>	<537D4EB6 DOT 4020308 AT oliveyou DOT net>
Date: Wed, 21 May 2014 21:52:19 -0400
Message-ID: <CAMhuX2AHutZvKZnGLTn3EF+3cj54oPrj-VFOvC8s4DS0H65O2g@mail.gmail.com>
Subject: Re: Cannot log in to SSHD, either with public key or password
From: Evan Rowley <rowley DOT evan AT gmail DOT com>
To: Andrey Repin <cygwin AT cygwin DOT com>
Content-Type: text/plain; charset=UTF-8

This page has a lot of good information in it:
http://cygwin.com/cygwin-ug-net/ntsec.html

One part you might want to look at is where it mentions
"cyglsa-config" - this could be useful to you given what you're trying
to set up. In order to utilize this, you'll also want to enable the
"Create a token object" and "Act as part of the operating system"
local security policy options.

These are things I've missed in the past when setting up sshd to work
with key-based authentication. They might not be relevant to the
problem you're having, but it's still good to have the bases covered.

On Wed, May 21, 2014 at 9:11 PM, Chloe <starrychloe AT oliveyou DOT net> wrote:
>
> Please help, I cannot log into Cygwin with SSH.
>
> ssh -vvv Chloe AT localhost log: http://pastebin.com/vt2aP86F
>
> I don't know why it says
> debug3: Could not load "/home/Chloe/.ssh/id_rsa" as a RSA1 public key
> because I can use that key to log into a VPS.
>
> I installed the latest ssh. I verified permissions:
>
> ---------------------------
> $ ls -ld . *
> drw-------+ 1 Chloe None     0 May 21 19:31 .
> -rw-------  1 Chloe None   395 May 21 19:31 authorized_keys
> -rw-------  1 Chloe None  1638 Apr  6  2009 authorized_keys.old
> -rw-------  1 Chloe None   668 Apr  6  2009 id_dsa
> -rw-------  1 Chloe None   603 Apr  6  2009 id_dsa.pub
> -rw-------  1 Chloe None  1675 Apr  6  2009 id_rsa
> -rw-------  1 Chloe None  1464 Apr 23  2009 id_rsa.ppk
> -rw-------  1 Chloe None   395 Apr  6  2009 id_rsa.pub
> -rw-------  1 Chloe None   976 Apr  6  2009 identity
> -rw-------  1 Chloe None   640 Apr  6  2009 identity.pub
> -rw-------  1 Chloe None 12226 May 21 19:30 known_hosts
> ------------------------------
>
> This is the error in Application event viewer log:
>
> ---------------------
> The description for Event ID 0 from source sshd cannot be found. Either the
> component that raises this event is not installed on your local computer or
> the installation is corrupted. You can install or repair the component on
> the local computer.
>
> If the event originated on another computer, the display information had to
> be saved with the event.
>
> The following information was included with the event:
>
> sshd: PID 6840: Failed password for Chloe from 127.0.0.1 port 49802 ssh2
> -----------------------
>
> I've also tried
> $ ssh chloe AT localhost
> and
> $ ssh Chloe AT 127 DOT 0 DOT 0 DOT 1
> and I've also tried Putty.
>
> Here are non-comments in sshd_config
>
> -----------------------------------------------------------
> $ grep -v ^\# /etc/sshd_config | grep -ve '^\s*$'
> Port 22
> ListenAddress 127.0.0.1
> StrictModes no
> AuthorizedKeysFile      .ssh/authorized_keys
> UsePrivilegeSeparation sandbox          # Default for new installations.
> Subsystem       sftp    /usr/sbin/sftp-server
> -------------------------------------------------------------
>
> I see this in the sshd.log
>
> ----------------------------------
> $ tail -1 /var/log/sshd.log
> Could not load host key: /etc/ssh_host_ecdsa_key
> -----------------------------------
>
> But I don't understand why it can't open it. That's how ssh-host-config set
> it up. I had to change owner for sshd_config to myself so I could save my
> edits (ListenAddress).
>
> ------------------------------------
> $ ls -l ssh*
> -rw-r--r--  1 cyg_server root 1574 May 21 19:22 ssh_config
> -rw-------  1 cyg_server root  672 May 21 18:19 ssh_host_dsa_key
> -rw-r--r--  1 cyg_server root  599 May 21 18:19 ssh_host_dsa_key.pub
> -rw-------  1 cyg_server root  227 May 21 18:19 ssh_host_ecdsa_key
> -rw-r--r--  1 cyg_server root  171 May 21 18:19 ssh_host_ecdsa_key.pub
> -rw-------  1 cyg_server root  399 May 21 18:19 ssh_host_ed25519_key
> -rw-r--r--  1 cyg_server root   91 May 21 18:19 ssh_host_ed25519_key.pub
> -rw-------  1 cyg_server root  974 May 21 18:19 ssh_host_key
> -rw-r--r--  1 cyg_server root  639 May 21 18:19 ssh_host_key.pub
> -rw-------  1 cyg_server root 1675 May 21 18:19 ssh_host_rsa_key
> -rw-r--r--  1 cyg_server root  391 May 21 18:19 ssh_host_rsa_key.pub
> -rw-------+ 1 Chloe      root 3640 May 21 20:10 sshd_config
> ------------------------------------
>
> I checked in Task Manager and sshd is running as cyg_server.
>
>
>
>
>
>
>
> --
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>


-- 
 - EJR

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple