This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Man-in-the-middle error on only one side.


I've tried to research this extensively but I'm hitting a wall now. 
 
I'm running a Windows 7 64 bit I7 box with 12 gbytes. I have VMware
Workstation installed and it is running VMware Studio which is a Ubuntu
virtual appliance. 
 
I've installed Cygwin OpenSSH and configured it using ssh-host-config
and ssh-user-config. Cygwin sshd is running as a service and the "Allow
service to interact with desktop" box is checked.
 
I AM able to connect via ssh and also to scp files to VMware Studio.
 
However, I am NOT ABLE to connect via ssh from VMware Studio to the
windows box. 
There are 3 data sections below that will hopefully describe the
problem:
  - The verbose output from the SSH command attempt: (VMware -> Windows)
  - The Windows event data generated by that attempt
  - The ssh-keygen data for each side of the connection
 
1. SSH COMMAND VERBOSE OUTPUT DATA
root@VMwareStudio:~# more sshLog.txt
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.120 [192.168.1.120] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this
message.
Offending key in /root/.ssh/known_hosts:3
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid
man-in-the-middle attacks.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
Connection closed by 192.168.1.120
root@VMwareStudio:~#
 
2. EVENT LOG DATA
Log Name: Application
Source: sshd
Date: 7/26/2011 8:49:46 PM
Event ID: 0
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: drjmgh-PC
Description:
The description for Event ID 0 from source sshd cannot be found. Either
the component that raises this event is not installed on your local
computer or the installation is corrupted. You can install or repair the
component on the local computer. If the event originated on another
computer, the display information had to be saved with the event. The
following information was included with the event: 
sshd: PID 8608: fatal: seteuid 1020: Permission denied
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event";>
<System>
<Provider Name="sshd" />
<EventID Qualifiers="0">0</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-07-27T03:49:46.000000000Z" />
<EventRecordID>8201</EventRecordID>
<Channel>Application</Channel>
<Computer>drjmgh-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>sshd: PID 8608: fatal: seteuid 1020: Permission denied</Data>
</EventData>
</Event>
 
3. SSH-KEYGEN DATA
 a. The authorized_keys and known_hosts files on the VMware side.

   root@VMwareStudio:~/.ssh# more authKeys.txt
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52
authorized_keys
   root@VMwareStudio:~/.ssh#

   root@VMwareStudio:~/.ssh# more knownHosts.txt
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52 known_hosts
   root@VMwareStudio:~/.ssh#
 

 b. The Windows side. This is the /etc/ssh_host_rsa_key.pub file. I
added this key since the ssh command   
    output above indicated that this is the key that it is looking for.

  vmware_studiouser@drjmgh-PC /etc
     $ ssh-keygen -lf ssh_host_rsa_key.pub
     2048 44:92:ae:a4:32:51:06:bc:59:89:f3:be:38:53:54:52
ssh_host_rsa_key.pub (RSA)
 
 
Thanks for any help that you can provide.
Don Johnson


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]