This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: HostBasedAuthentication with OpenSSH


On Sep  8 14:50, Gary Whitehead wrote:
> Hi All,
> 
> I am fighting trying to get outward HostBasedAuthentication working with the 
> ssh client under Cygwin on WinXP (SP2).

Hostbased authentication isn't tested on Cygwin.  Since ssh-keysign
needs read access to the private local host keys and these keys are
not world-readable, ssh-keysign must be set-uid root (read: "system").
But set-uid isn't implemented on Cygwin so that's bound to fail. 

What you could try if security isn't an issue for you is, use setfacl
to add read perms for your account to the ssh host keys like this:

  setfacl -m u:$USER:r-- /etc/ssh_host_*_key

However, consider to switch over to public key authentication with 
either a private key w/o passphrase or, better, use ssh-agent/ssh-add
on your local machine.  That's the usual technique and should have the
same result for you, including convenience.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]