| www.delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:reply-to:mime-version:to | |
| :subject:references:in-reply-to:content-type | |
| :content-transfer-encoding; q=dns; s=default; b=FwCbr9aGxqAvs4ux | |
| qReyddeWZNjIjyshn/Hf1z3RtM/ms86rdm1n3+Y7ZgP26r9JdGWALdkh+ofyndYv | |
| rH+RkVMWIiuLgM4NAEdbY0aEeBxgf406wX0r+wACMM3ivDLh8MWqKxEyUO3uXkko | |
| bx2gDaYEp6Tn/J3pQvPTQNtgwvg= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:reply-to:mime-version:to | |
| :subject:references:in-reply-to:content-type | |
| :content-transfer-encoding; s=default; bh=Xg+qwieUwKcNn7AvcHYgqw | |
| TWavc=; b=gnqoD9XA7wgW+HSzC/gLbr7S6NPvH1BUMpyp8gpM88VBIRtJd2YPq8 | |
| +qwhTwc8bkNttNg2sRFmlZdqLL0b85ny3HKWuAQRBJY3EJzc3s667YMNbk3MLXF/ | |
| CUdC8NsnMoZk9piRFF7Xd3WfSAus0nItsXI/rNrdkPvv69kQhaWk8= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-1.6 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,T_FRT_BELOW2 autolearn=ham version=3.3.2 |
| X-HELO: | vms173007pub.verizon.net |
| Message-id: | <525DA24B.2060309@cygwin.com> |
| Date: | Tue, 15 Oct 2013 16:15:07 -0400 |
| From: | "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com> |
| Reply-to: | cygwin AT cygwin DOT com |
| User-Agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.0.1 |
| MIME-version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: SSH Key Authentication is not working |
| References: | <CALHkaY86UwRho0880z4-as_ca3w0rB1_d_ZhHTFKxfkDxpfANg AT mail DOT gmail DOT com> <CALHkaY99CETJOMiRGO5Gs1-TJDtT0vX+FCA5=GBS3n_Ur1OG9A AT mail DOT gmail DOT com> <CALHkaY-zcMO19=jUrVSQ6hd1CzH3eot8JccRPPziTFYj3zEhmg AT mail DOT gmail DOT com> |
| In-reply-to: | <CALHkaY-zcMO19=jUrVSQ6hd1CzH3eot8JccRPPziTFYj3zEhmg@mail.gmail.com> |
On 10/15/2013 12:29 AM, Tadej Animalix wrote: > Thanks for quick reply. Any idea why I didn't receive email about this reply? Typical etiquette for this list is to correspond through the list, though some may make an extra effort to explicitly include your email address if you request it. That courtesy may break down over the course of the thread though, which is at least part of the reason for the preference to do everything through the list. > First I would need to tell you think "sshd.log" may not be from the > same session, so please ignore it. Since you didn't include it, I think that's easy to do. ;-) > After installation of CYGWIN with OpenSSH I added path of bin > directory to global variables and I ran these commands: > chmod +r /etc/passwd > chmod u+w /etc/passwd > chmod +r /etc/group > chmod u+w /etc/group > chmod 755 /var > touch /var/log/sshd.log > chmod 664 /var/log/sshd.log None of this should be required but probably isn't causing a problem. The only difference I saw between what you have above and what I have is /var/log/sshd.log is 644. > Then I started "ssh-host-config" and entered: > "ntsec tty" for saemon Both of these are deprecated. See: <http://cygwin.com/cygwin-ug-net/using-cygwinenv.html#cygwinenv-removed-options> > answered all with yes > > and I changed name to "sshd" and entered a password. This sounds like a problem to me. The 'sshd' user is already created automatically if you ask for "privilege separation", which you did by answering "yes" to all questions. Please re-run 'ssh-host-config' and allow it to use the default 'cyg-server' user name for the service. If you absolutely must change it to something else, do not use 'sshd' or any other existing name. > After that I ran "cyglsa-config" and answered Yes and rebooted computer. While this is certainly a valid way to run sshd, I'm curious why you went this route? Assuming the above advice isn't helpful, try without cyglsa. > Then in cmd I ran "ash" and re-based all with "/usr/bin/rebaseall". > > Then I opened CYGWIN terminal and executed lines bellow: > chown system /etc/ssh* > chown system /var/empty Why are you doing this? 'ssh-host-config' takes care of setting the permissions and ownership as required. What you've done above is wrong. The owner of these files should be the user that is running the 'sshd' service (i.e. 'cyg-server' by default). > mkgroup -l > ..\etc\group > mkpasswd -l > ..\etc\passwd The above also should not be necessary and, depending on where you invoked it from, may not have had any affect at all. > After that I was able to start "CYGWIN sshd" as service and I was able > to connect with user-pwd authentication, but key login doesn't work at > this point. > > I've also tried to CHMOD ".ssh" folder and "authorized_keys" but that > didn't help. Right. Again, 'ssh-user-config' script sets these permissions properly. Just remove '.ssh' and re-run 'ssh-user-config'. > Am I missing something? Given all the changes you've made, I get the feeling that you've missed the '/usr/share/doc/Cygwin/openssh.README' file which, toward the end of the file, has very explicit and simple directions for configuring your OpenSSH installation. It is possible with all the "external" advice you've found and tried, you may find it easier to just wipe your install and start over. If you do so, I recommend that rely only on the config scripts provided to configure your system. If you choose to try to undo what you've done, the scripts can be a good guide to what needs altering. Any future correspondence with the list on this issue should be accompanied by the output of 'cygcheck -svr'. Please *attach* (rather than append) this output. -- Larry _____________________________________________________________________ A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |