This is the mail archive of the
cygwin@sourceware.cygnus.com
mailing list for the Cygwin project.
Re: OpenSSH and RSA authentication problem
- To: Alexander Vorobiev <avorobiev at usa dot net>
- Subject: Re: OpenSSH and RSA authentication problem
- From: Corinna Vinschen <corinna at vinschen dot de>
- Date: Wed, 14 Jun 2000 22:11:53 +0200
- CC: cygwin <cygwin at sourceware dot cygnus dot com>
- References: <ym0n1kpms1u.fsf@infarmis.abn.com> <640eFmwJo0579M04@www.netaddress.com> <ym0itvcmef6.fsf@infarmis.abn.com> <657eFNRZm1003M29@www.netaddress.com> <ym0d7lkm6tt.fsf@infarmis.abn.com>
- Reply-To: cygwin <cygwin at sourceware dot cygnus dot com>
There's no hint for a specific problem in sshd but it
seems as if you didn't cat your identity.pub file to
authorized_keys. At least the message is identical.
If it would be a permission problem, eg. your authorized_keys
file isn't readable by you, the debug output of ssh -v
would contain:
debug: Remote: Could not open /home/corinna/.ssh/authorized_keys for
reading.
debug: Remote: If your home is on an NFS volume, it may need to be
world-readable
Note that the below output is exactly(!) the same if
your authorized_keys file doesn't exist.
Corinna
Alexander Vorobiev wrote:
>
> Corinna Vinschen <corinna@vinschen.de> writes:
> > Anyway. Please send the output of sshd -d and ssh -V in
> > case of RSA authentication. Maybe that there is some
> > interesting info.
>
> avorobiev$ /usr/local/sbin/sshd.exe -d
> debug: sshd version OpenSSH-1.2.2
> debug: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> Generating 768 bit RSA key.
> RSA key generation complete.
> debug: Server will not fork when running in debugging mode.
> Connection from 127.0.0.1 port 4085
> debug: Client protocol version 1.5; client software version OpenSSH-1.2.2
> debug: Sent 768 bit public key and 1024 bit host key.
> debug: Encryption type: 3des
> debug: Received session key; encryption turned on.
> debug: Installing crc compensation attack detector.
> debug: Attempting authentication for administrator.
> debug: seteuid 500: Not owner
> debug: seteuid 500: Not owner
> Failed rsa for administrator from 127.0.0.1 port 4085
> Connection closed by 127.0.0.1
> debug: Calling cleanup 0x411ebc(0x0)
> avorobiev$
>
> and here is what client displays (the same machine):
>
> avorobiev$ slogin -v localhost
> SSH Version OpenSSH-1.2.2, protocol version 1.5.
> Compiled with SSL.
> debug: Reading configuration data /usr/local/etc/ssh_config
> debug: Applying options for *
> debug: seteuid 500: Not owner
> debug: ssh_connect: getuid 500 geteuid 500 anon 1
> debug: Connecting to localhost [127.0.0.1] port 22.
> debug: seteuid 500: Not owner
> debug: seteuid 500: Not owner
> debug: seteuid 500: Not owner
> debug: seteuid 500: Not owner
> debug: Connection established.
> debug: setuid 500: Not owner
> debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.2
> debug: Waiting for server public key.
> debug: Received server public key (768 bits) and host key (1024 bits).
> debug: Forcing accepting of host key for loopback/localhost.
> debug: Encryption type: 3des
> debug: Sent encrypted session key.
> debug: Installing crc compensation attack detector.
> debug: Received encrypted confirmation.
> debug: Trying RSA authentication with key 'administrator@NTBOX'
> debug: Server refused our key.
> Permission denied.
> debug: Calling cleanup 0x40bb1c(0x0)
> avorobiev$
>
> and here is what client displays when I try to connect from unix box
> (real ip addresses and machine names changed):
>
> slogin xx.xx.xx.xx -l administrator -v
> SSH Version 1.2.27 [hppa1.1-hp-hpux10.20], protocol version 1.5.
> Standard version. Does not use RSAREF.
> unixbox: Reading configuration data /homedirs/avorobiev/.ssh/config
> unixbox: Applying options for *
> unixbox: ssh_connect: getuid 1799 geteuid 1799 anon 1
> unixbox: Connecting to xx.xx.xx.xx port 22.
> unixbox: Connection established.
> unixbox: Remote protocol version 1.5, remote software version OpenSSH-1.2.2
> unixbox: Waiting for server public key.
> unixbox: Received server public key (768 bits) and host key (1024 bits).
> unixbox: Host 'xx.xx.xx.xx' is known and matches the host key.
> unixbox: Initializing random; seed file /homedirs/avorobiev/.ssh/random_seed
> unixbox: IDEA not supported, using 3des instead.
> unixbox: Encryption type: 3des
> unixbox: Sent encrypted session key.
> unixbox: Installing crc compensation attack detector.
> unixbox: Received encrypted confirmation.
> unixbox: No agent.
> unixbox: Trying RSA authentication with key 'avorobiev@UNIXBOX'
> unixbox: Server refused our key.
> Permission denied.
>
> in the latter case sshd -d outputs exactly the same messages as in the
> former case (connection from localhost) but with different ip
> addresses of course
>
> all RSA-related files (identity, authorized_hosts etc) seem to be
> ok. It all looks like some permission problem...
>
> Alexander
>
> --
> Narrowness of experience leads to narrowness of imagination
> -- Rob Pike
>
> --
> Want to unsubscribe from this list?
> Send a message to cygwin-unsubscribe@sourceware.cygnus.com
--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com