Never ending SSHD story: offering public key terminates connection
Larry Hall (Cygwin)
Sat Jan 3 04:44:00 GMT 2015
On 12/31/2014 06:25 PM, Ilya Dogolazky wrote:
> Hello !
> Using information posted provided by PolarStorm
> (https://www.cygwin.com/ml/cygwin/2014-12/msg00205.html) I managed to start
> the SSH daemon. As usual I started with a virgin virtual machine, installed
> OS from DVD image, downloaded setup-x86_64.exe from cygwin.com, started it,
> added openssh package to the default set of packages, didn't change any
> package version. After the installer finished, I right clicked the terminal
> icon and started the Admin shell. The transcript from this shell is
> attached as "log". The output of "cygcheck -s -v -r" is attached as well.
> The SSHD kinda works now, but not properly. Let's see what does it mean.
> First I tried to connect to my own cygwin host:
> ilya@w9 ~ $ ssh localhost /bin/echo BLAH
> ilya@localhost's password: [ *** typing my password here *** ]
> ilya@w9 ~ $
> So... the connection, password authentication and remote execution work fine.
> Now I want to create a key pair first, and later try to use this pair to log
> in without typing my password. So let's create it:
> ilya@w9 ~ $ ssh-keygen.exe
There may be nothing wrong with what you're doing here but using
ssh-user-config is the recommended and supported way of doing this.
You may want to check to be sure that the steps you're doing below
manually conform to the script that would do this for you automatically
and make the appropriate adjustments, if any.
> The summary: a client offering a key is a reason enough for the server just
> to say goodbye and terminate the connection. The file /var/log/sshd.log is
> present on my system, but it is empty. I tried to increase the log level in
> sshd_config file, but it doesn't work: the log file is always empty, so I
> don't have a clue what's happening on the server side. Neither can I start
> the sshd manually with the '-d' flag, because of some permission error I
> don't understand.
Don't use 'ssh-host-config -y'. Drop the flag and configure it manually so
that you get a proper password.
If you don't have a "root" in your '/etc/group' file, that suggests that
'/etc/postinstall/000-cygwin-post-install.sh' didn't run or didn't run
properly. Try running it or the like-named file ending in ".done" taking
particular note of any output. If your '/etc/group' file has the "root"
group now, you're good to go. Try running 'ssh-host-config' again and see
if that helps.
If that doesn't work, you may have gotten caught by permissions settings as
a result of having the sshd service improperly started by the SYSTEM user.
You can either go through all those settings in the ssh-host-config script
and compare them with what you have or you could just wipe out your
installation and start over (OK, there are "in-between" possibilities too
that are less drastic but require more effort - I think you get the picture
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin