Never ending SSHD story: offering public key terminates connection
Ilya Dogolazky
ilya.dogolazky@nokia.com
Sat Jan 3 15:26:00 GMT 2015
Hi Larry!
01/03/2015 06:44 AM, ext Larry Hall (Cygwin) wrote:
> use ssh-user-config
The manual key creation doesn't do any harm, because the problem is
obviously on the server side. To see this I did all the testing running
the client on a remote machine, no difference in symptoms.
> Don't use 'ssh-host-config -y'.
I don't quite understand: what answers should I give to the script?
If there is any question which should not be answered by "yes", please
explain which question and what should be the answer.
> Drop the flag "-y" ... so that you get a proper password.
As a matter of fact even with the "-y" flag the script asks for the
password for the new user, "xx" is the "proper password" I'm using
(there are no seciruty concerns in my setup)
> If you don't have a "root" in your '/etc/group' file...
I do have it, here is the very first line from the file:
root:S-1-5-32-544:0:
> If that doesn't work, you may have gotten caught by permissions
settings as
> a result of having the sshd service improperly started by the SYSTEM
user.
It seems to me that SYSTEM user needs a security capability to call
"seteuid". Being a member of "Administartors" group doesn't seem to be
enough Alas I don't know which capability needs to be added
I found a UI program called "Local Security Policy", but I don't know
which of those properties is/are needed for "seteuid" call
> you could just wipe out your
> installation and start over
I do it every day many times anyway, including fresh windows
installation (as I described in one of the previous messages). Very
frustrating the whole business.
Ilya
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list