X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <4923E945.80905@criptos.com>
Date: Wed, 19 Nov 2008 11:24:05 +0100
From: =?ISO-8859-1?Q?Tom=E0s_N=FA=F1ez?= <tomas AT criptos DOT com>
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Cygwin sshd key auth doesn't work (seteuid 500: Permission denied)  [SOLVED]
References: <4923DCFA DOT 4030001 AT criptos DOT com>
In-Reply-To: <4923DCFA.4030001@criptos.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hi

I've found this doc
http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html
and followed the part of "privilege separation". After that, everything 
worked fine with key auth.

Thanks anyway!!

Tomās

En/na Tomās Núņez ha escrit:
>>>     sshd: PID 8272: fatal: seteuid 500: Permission denied. 
>>
>> Did you configure your SSH installation with ssh-host-config?  How
>> about your user with ssh-user-config?
> 
> I did indeed.
> 
>>>     When I run ssh daemon as a user, in order to debug, I get that:
>>>     user AT server ~/$ /usr/sbin/sshd.exe -d
>>
>> Ugh!  This suggests that you have not read OpenSSH readme in
>> /usr/share/doc/Cygwin.  You can't do this without screwing up all
>> the permissions on various directories and files that SSH checks
>> the permissions of.
> 
> 
> Sorry, I've read again those docs ( /usr/share/doc/cygwin-doc-1.4 and 
> /usr/share/doc/openssh) and I've found nothing about not debugging 
> sshd... :|
> 
> Anyway, I have the same issue on more machines, so if I screwed that 
> one, I still need to configure the others...
> 
>> Sure.  See the problem reporting guidelines below.  You've told us
>> what you're having problems with and it's obvious that you misunderstand
>> what's necessary to get pubkey authentication to switch users but what's
>> not clear is how you've set this up, what you're working with, and what
>> your intentions are.  
> 
> I want to use key-auth to run bash scripts remotely. Although it does 
> not matter anyway, as I just need to use key-auth...
> 
> I've installed cygwin with openssh (all default) on the windows server 
> and then I ran ssh-host-config. Then I copied the content of my 
> id_rsa.pub file to this server, to the file ~/.ssh/authorized_keys, 
> making sure they have no righs for group and other. Let's say, the usual 
> way of configuring key-auth for me, as I did a bunch of times in my unix 
> machines. But, this time is not a unix machine, but a windows 2003 with 
> cygwin installed. And I'm getting some errors when I use key-auth, but 
> not when I use password-auth.
> 
>> I'd recommend that you review the docs and email
>> archives to come up to speed.  Then, if you're still having problems,
>> contact the list again with a follow-up problem report.
> 
> I thought that cygwin's openssh pretty much like unix openssh. Anyway, I 
> reviewed docs before posting the first time, and found nothing solving 
> this issue. Maybe I didn't look at the right place...
> 
> Can you give me a hint about this issue or directions to a doc where 
> this things are discussed? Thank you very much.
> 
> Tomās
> 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/