X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:message-id:subject
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=sY/bR090OpKJUPGNe1FbTDOmI8aEcAxA4J5g5kXY9SJk/c9rzDns7
	kBQg+OXNOVkzeqmaHNWYzNi3d43+u6PJfH697EXAxvDPdUwr7N+tb6hRi18PhkjW
	kkqcpEZpVLNx4j88JpGfyyYZRcQUl9Z4xxE+/aFxcUO6i74bYGRaso=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:to:message-id:subject
	:mime-version:content-type:content-transfer-encoding; s=default;
	 bh=WjTrwlYGR5s8S/pKKIXPDm0aUnk=; b=kb2eI+xQVpsE5tY35dFTFxthm0wh
	pJ61ltRYJSzR3QAOhImeFuoaGbOtqOizfVSwx0bNkXQLOzveFYzKLnEatjVtzbUK
	PNMXZJr5J+vJVkKJStEnss6pRI36Wh0Yvd4oY2M4t+4kE44vusKOcLAqqmnNQTAI
	Y6NbNUzVY35YPmI=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.5 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2
X-HELO: nm1.bullet.mail.gq1.yahoo.com
Date: Sun, 6 Sep 2015 15:46:03 +0000 (UTC)
From: Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>
Reply-To: Zdzislaw Meglicki <zdzisiekm AT sbcglobal DOT net>
To: "cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Message-ID: <1536135967.1623711.1441554363665.JavaMail.yahoo@mail.yahoo.com>
Subject: Re: Sshd behaving strangely...
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

   > OpenSSH 7.0 (and thus the current 7.1) deprecated a couple 
   > of old and insecure ciphers.  Probably that's the reason.

Well, what I mean is that it is strange that sshd-7.1p1-1 accepts
a connection from ssh-3.9p1, upon announcing that the "key type ssh-dss [is] not in PubkeyAcceptedKeyTypes," and lets the user in having accepted
the password, yet rejects connection from ssh-6.8p1-1 not even allowing
for the presentation of a password, and claims that "seteuid operation
[is] not permitted." 

Why was the operation permitted when the key was not in
PubkeyAcceptedKeyTypes?

This seems to me to be a security bug.

And I still wonder how to configure sshd to allow normal connections
with accepted key types, any documentation out there that would help?

Zdzislaw (Gustav) Meglicki
Indiana University

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple