Mail Archives: cygwin/2003/05/22/20:24:59

www.delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2003/05/22/20:24:59

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

X-Injected-Via-Gmane: http://gmane.org/

To: cygwin AT cygwin DOT com

From: Andrew DeFaria <ADeFaria AT Salira DOT com>

Subject: Re: Question about "rexec"

Date: Thu, 22 May 2003 17:24:59 -0700

Lines: 55

Message-ID: <bajpin$lt3$1@main.gmane.org>

References: <OF7733B313 DOT 5DACF56D-ON88256D2D DOT 0074D1D5 AT ds-us DOT com> <Pine DOT GSO DOT 4 DOT 44 DOT 0305211929530 DOT 26639-100000 AT slinky DOT cs DOT nyu DOT edu> <bajdmg$mm5$1 AT main DOT gmane DOT org> <000901c320a7$011f94a0$6400a8c0 AT FoxtrotTech0001> <001b01c320a7$b299d880$6400a8c0 AT FoxtrotTech0001> <bajj1g$qdk$1 AT main DOT gmane DOT org> <007401c320b5$d4f5bdf0$6400a8c0 AT FoxtrotTech0001>

Mime-Version: 1.0

X-Complaints-To: usenet AT main DOT gmane DOT org

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4b) Gecko/20030515 Thunderbird/0.1a

X-Accept-Language: en-us, en

In-Reply-To: <007401c320b5$d4f5bdf0$6400a8c0@FoxtrotTech0001>

Bill C. Riemers wrote:

>You might also want to check the ownership of your home directory and .ssh
>directory, as that is the only thing I can think of that would cause the
>touch error in your previous message.  If ownership or permissions are
>wrong, then sshd defaults to require a password rather than trusting that
>nobody else has changed the key files.
>  
>
Herein I believe my difficulties lie. That an not understanding Windows 
permissions vs Unix permissions and how such things are mapped. Here's 
what I do know:

$ cd ~/.ssh
$ ls -l
total 6
-rw-r--r--    1 adefaria Domain U      227 May 22 17:10 authorized_keys
-rw-r--r--    1 adefaria Domain U      227 May 22 15:25 authorizedkeys
-rw-r--r--    1 adefaria Domain U      887 May 22 15:22 id_rsa
-rw-r--r--    1 adefaria Domain U      227 May 22 15:22 id_rsa.pub
-rw-r--r--    1 adefaria Domain U     1624 May 22 15:19 known_hosts
$ chmod 600 id_rsa*
$ ls -l
total 6
-rw-r--r--    1 adefaria Domain U      227 May 22 17:10 authorized_keys
-rw-r--r--    1 adefaria Domain U      227 May 22 15:25 authorizedkeys
-rw-r--r--    1 adefaria Domain U      887 May 22 15:22 id_rsa
-rw-r--r--    1 adefaria Domain U      227 May 22 15:22 id_rsa.pub
-rw-r--r--    1 adefaria Domain U     1624 May 22 15:19 known_hosts

Nothing. So I go into Windows Explorer and look at the Security setting 
on the Properties dialog. I attempt to remove the users in the Security 
section and it tells me that I have to stop inheriting permissions. So I 
go to stop inheriting permissions and tell it to remove everything. Now 
nobody's listed in the Securities section. Windows warns me that only 
the create of the file will be able to access it. I look in Cygwin with 
ls -l and the mode bits are the same. I try the chmod again and there is 
no change! So I add my user back to having full control. My user is the 
only user listed now but the mode bits are still 644.

When I try to ssh $(hostname) cmd I get:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/us/adefaria/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /us/adefaria/.ssh/id_rsa

Now what?!?

(It would be nice if somebody who really knew the algorithm could 
explain Windows permissions and how they are mapped to Unix mode bits).

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
X-Injected-Via-Gmane:	http://gmane.org/
To:	cygwin AT cygwin DOT com
From:	Andrew DeFaria <ADeFaria AT Salira DOT com>
Subject:	Re: Question about "rexec"
Date:	Thu, 22 May 2003 17:24:59 -0700
Lines:	55
Message-ID:	<bajpin$lt3$1@main.gmane.org>
References:	<OF7733B313 DOT 5DACF56D-ON88256D2D DOT 0074D1D5 AT ds-us DOT com> <Pine DOT GSO DOT 4 DOT 44 DOT 0305211929530 DOT 26639-100000 AT slinky DOT cs DOT nyu DOT edu> <bajdmg$mm5$1 AT main DOT gmane DOT org> <000901c320a7$011f94a0$6400a8c0 AT FoxtrotTech0001> <001b01c320a7$b299d880$6400a8c0 AT FoxtrotTech0001> <bajj1g$qdk$1 AT main DOT gmane DOT org> <007401c320b5$d4f5bdf0$6400a8c0 AT FoxtrotTech0001>
Mime-Version:	1.0
X-Complaints-To:	usenet AT main DOT gmane DOT org
User-Agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4b) Gecko/20030515 Thunderbird/0.1a
X-Accept-Language:	en-us, en
In-Reply-To:	<007401c320b5$d4f5bdf0$6400a8c0@FoxtrotTech0001>