X-Recipient: archive-cygwin AT delorie DOT com
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 957A93857034
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=yandex.ru
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=yandex.ru
X-Yandex-Fwd: 2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1648757102; bh=j8fr2yFwTZpybcOnm5EOhIVJZjQLKjlvU5rT2suYMLM=;
 h=In-Reply-To:Subject:To:From:Message-ID:References:Date:Reply-To;
 b=Tp5QY2UhUHyihmwUW4/ebBiaWRIp317N78tgM9FJPK7TO/oFaRXVrAlmiFks7T09y
 W7FkdKwZeVZR1oVj+meDl1SrS3qkjDxAeinPwEXJeYEJOnAT/5+N5SYQv52+xYzJ6H
 l4PuayuyP/HSxgYo7EuDY5g0K1I8CM6VP6GbdkPo=
Authentication-Results: sas8-725cda28fc94.qloud-c.yandex.net;
 dkim=pass header.i=@yandex.ru
Date: Thu, 31 Mar 2022 23:04:35 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
X-Mailer: The Bat! (v9.3.4) Professional
Message-ID: <222393658.20220331230435@yandex.ru>
To: Chris Roehrig <croehrig AT house DOT org>, cygwin AT cygwin DOT com
Subject: Re: SSH connection from Linux to Windows by CYGSSHD: port 22
In-Reply-To: <eeb134dc-e44a-b24f-313d-ac74be6c8fca@house.org>
References: <AM9PR04MB8748489350878A860F10700B871F9 AT AM9PR04MB8748 DOT eurprd04 DOT prod DOT outlook DOT com>
 <114169113 DOT 20220331161839 AT yandex DOT ru>
 <eeb134dc-e44a-b24f-313d-ac74be6c8fca AT house DOT org>
MIME-Version: 1.0
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, KAM_NUMSUBJECT,
 KAM_THEBAT, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE,
 XM_LIGHT_HEAVY autolearn=no autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Reply-To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

Greetings, Chris Roehrig!

> I recently had to add the following lines to my Cygwin /etc/sshd_config to
> re-enable RSA in order for my older machines to connect:

> HostKeyAlgorithms +ssh-rsa
> PubkeyAcceptedAlgorithms +ssh-rsa

I'm not using RSA for, like, 5 years now.
Too long to manage.

> -- Chris

> On 2022-03-31 06:18, Andrey Repin wrote:
>> Greetings, Greco Giovanni!
>>
>>> must port 22 on Windows server be enabled in a bidirectional way to
>>> establish a connection with RSA key exchange?
>>> I have a Linux server on a vlan and a Windows server on another vlan, those
>>> vlans are connected thru a firewall, where port 22 is enabled from Linux
>>> server to Windows server unidirectionally.
>>> Connection with user and password works, but not with RSA key exchange: is
>>> the problem located on port 22 unidirectional enabling?
>> No, it is most likely because you are connecting to Microsoft provided
>> OpenSSH.
>> `netstat -aon` and `ps ax` will tell you more.
>>
>>




-- 
With best regards,
Andrey Repin
Thursday, March 31, 2022 23:03:27

Sorry for my terrible english...


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple