SSH and Remote Key authentication
Norman Vine
nhv@cape.com
Mon Feb 16 00:31:00 GMT 2004
Larry Hall writes:
>
> At 03:43 PM 2/15/2004, Norman Vine you wrote:
> >Larry Hall writes:
> >>
> >> At 03:25 PM 2/15/2004, Norman Vine you wrote:
> >> >Hi all
> >> >
> >> >I am trying to use SSH remote key authentication
> >> >It appears as if the remote $HOST does not like
> >> >the permissions on my home dir
> >> >
> >> >Any guidance appreciated
> >> >
> >> >$ ssh -v $USER@$HOST
> >
> >> >debug1: Remote: Authentication refused: bad ownership or modes for directory /home/$USER
> >> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> >
> >>
> >> Sounds like a simple permissions problem on ~/.ssh/identity. Your best
> >> bet is to read up on openssh docs so that you're sure you get everything
> >> configured correctly
> >
> >AFAICT I have the correct permissions on ~/.ssh/identity
> >and the permissions on the $HOST files are identical to
> >those that admin@$HOST uses to connect from a remote Linux machine
> >
> >$ cd ~
> >$ ls -la .ssh/identity
> >-rw------- 1 $USER None 525 Feb 12 14:51 .ssh/identity
>
> OK then. I agree, that looks fine. So since this is all the information
> you've given, besides a possible implication that you can ssh to the $HOST
> machine from a Linux machine, I can't really help much.
I do appreciate your help, and hopefully I have included enough info this time :-)
> If you can ssh in
> from a Linux machine, try comparing all differences between that machine
> and the problem "box" and see if you can find what's missing.
Note I can ssh in using password authrntication from my Cygwin box
hence the subject line
but you are correct I should have explicitly stated this.
> You could
> also turn on debugging on the server to help, though I think the message
> you got already is pretty clear about what it thinks the problem is. Check
> the permissions real close (use 'getfacl' if you need to),
I too am reasonably sure this is a 'local permissions' problem
i.e. The remote sshd daemon does not believe my identity file is secure
My problem is that I do not know what the proper permissions should be, and
AFAIK these are the permissions set by the the Cygwin install proceedure as
I do not believe I have touched them
$ ls -ld /
drwxrwxr-x+ 20 admins Administ 14520320 Feb 10 16:27 /
$ ls -ld /home
drwxrwxr-x+ 8 admins Administ 4096 Nov 3 2001 /home
$ ls -ld /home/nhv
drwxr-xr-x+ 21 nhv None 32768 Feb 13 06:29 /home/nhv
$ ls -ld /home/nhv/.ssh
drwx------+ 3 nhv None 4096 Feb 12 13:49 /home/nhv/.ssh
$ ls -ld /home/nhv/.ssh/identity
-rw------- 1 nhv None 525 Feb 12 14:51 /home/nhv/.ssh/identity
attached find the result of
cygcheck -s -v -r > cygcheck.out
Thanks again
Norman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck.out
Type: application/octet-stream
Size: 52346 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20040216/da9495f2/attachment.obj>
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list