Problem with sshd on WindMill

Rob_Hannah@deluxe.com Rob_Hannah@deluxe.com
Thu Dec 14 14:34:00 GMT 2000


One note to an earlier response when I didn't have the user specified in
the /etc/passwd file (something like 'Sounds like a security hole').  How
is it a security hole?  In order to get access to the sshd box, I have to
send my public key file to that box and have the owner (in this case me)
add it to the ~/.ssh/authorized_keys file.  Another difference is in
password lengths.  Std Unix is 8 bytes.  I use a 24-byte passphrase for my
RSA and DSA keys...

Also, under Windows Millenium (i.e., any non-NT+), how are users obtained
by mkpasswd in the generation of the /etc/passwd file?  If it just uses the
current user, then I lose my changes every time I run the Cygwin setup.exe
as it auto-executes mkpasswd whenever I run it.

Note: below is reposted as I think I sent it to the wrong address
earlier...

As requested, here is the full output of both "ssh -v" and "sshd -d".  In
order to simplify, I'm only including the output of running via Protocol 1
when no entry exists on the WindMill passwd file for the given user (which
worked in the prior OpenSSH).

ssh -v:
  SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
  Compiled with SSL (0x0090581f).
  debug: Reading configuration data /etc/ssh_config
  debug: Applying options for *
  debug: Applying options for 168.135.21.101
  debug: Seeding random number generator
  debug: ssh_connect: getuid 1003 geteuid 1003 anon 1
  debug: Connecting to 168.135.21.101 [168.135.21.101] port 80.
  debug: Connection established.
  debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0p1
  debug: no match: OpenSSH_2.3.0p1
  debug: Local version string SSH-1.5-OpenSSH_2.3.0p1
  debug: Waiting for server public key.
  debug: Received server public key (768 bits) and host key (1024 bits).
  debug: Host '168.135.21.101' is known and matches the RSA host key.
  debug: Seeding random number generator
  debug: Encryption type: 3des
  debug: Sent encrypted session key.
  debug: Installing crc compensation attack detector.
  debug: Received encrypted confirmation.
  Permission denied.
  debug: Calling cleanup 0x414cf0(0x0)

sshd -d:
  debug1: sshd version OpenSSH_2.3.0p1
  debug1: Seeding random number generator
  debug1: read DSA private key done
  debug1: Seeding random number generator
  debug1: Bind to port 80 on 0.0.0.0.
  Server listening on 0.0.0.0 port 80.
  Generating 768 bit RSA key.
  debug1: Seeding random number generator
  debug1: Seeding random number generator
  RSA key generation complete.
  debug1: Server will not fork when running in debugging mode.
  Connection from 168.135.22.40 port 3635
  debug1: Client protocol version 1.5; client software version OpenSSH_2.3.0p1
  debug1: no match: OpenSSH_2.3.0p1
  debug1: Local version string SSH-1.99-OpenSSH_2.3.0p1
  debug1: Sent 768 bit public key and 1024 bit host key.
  debug1: Encryption type: 3des
  debug1: Received session key; encryption turned on.
  debug1: Installing crc compensation attack detector.
  debug1: Attempting authentication for illegal user k02189.
  Connection closed by 168.135.22.40
  debug1: Calling cleanup 0x4149e4(0x0)


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com



More information about the Cygwin mailing list