This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh: Permission denied


If AdminCCRD is really an account created to run sshd and has been properly
privileged to allow switching users, then this is really not a good account
to log into with ssh.  Why not use a "regular" account without all these
security risks?

I guess I'm not communicating well, though I'm not sure how I can be more
clear.  You need to provide background details of your installation at 
least.  Just knowing what happens and a few log statements isn't enough
in this case.  That's why I've been pointing you to 
<http://cygwin.com/problems.html>.  It explains how this list works, how
one should present a problem to the list, and some real specifics of 
required information that should be sent (i.e. cygcheck output) that should
be sent with any inquiry.  I've been pointing to save me from 
regurgitating what's there and sparing others that read this list from a 
rehash of these details.  Have you read this page?  If not, please do so
and process it.

I think you're going to want to install a version of sshd in debug mode as
well.  That will dump allot of info to the sshd.log file, which should help
you out (which is the reason I suggested it ;-) ).  If this doesn't clarify 
the issue for you, you should make sure you provide the sshd log file, your 
/etc/passwd and /etc/group files, and your cygcheck output with whatever 
other pertinent information is necessary when you post to the list for help 
on this issue.  It may be an obvious problem but the information provided so 
far doesn't show it.

Larry


At 03:02 AM 11/20/2003, friedrich_lehn@ch.schindler.com you wrote:
>Sorry, my info was too sparse.
>Here is what I could find:
>
>/var/log/sshd.log: no entries on both sides
>
>Windows event log:
>The description for Event ID ( 0 ) in Source ( sshd ) cannot be found. The
>local computer may not have the necessary registry information or message
>DLL files to display messages from a remote computer. The following
>information is part of the event: sshd : PID 1884 : Failed password for
>AdminCCRD from 195.65.184.50 port 26978 ssh2.
>
>Strange thing is that the ip address doesn't match with both sides and I
>thought ssh uses port number 22 exclusively (at least that's what out
>network guys opened for me).
>AdminCCRD is a local account on crdw0157, does he try to access the domain
>server? How would I specify a local account then?
>
>AdminCCRD is also the account I configured for the sshd demon when setting
>up the Windows service. He has local admin rights.
>
>Here is the log from the client side:
>
>ssh crdw0157 -vvv -l AdminCCRD
>...
>debug1: Next authentication method: keyboard-interactive
>debug2: userauth_kbdint
>debug2: we sent a keyboard-interactive packet, wait for reply
>debug1: Authentications that can continue:
>publickey,password,keyboard-interactive
>debug3: userauth_kbdint: disable: no info_req_seen
>debug2: we did not send a packet, disable method
>debug3: authmethod_lookup password
>debug3: remaining preferred:
>debug3: authmethod_is_enabled password
>debug1: Next authentication method: password
>AdminCCRD@crdw0157's password:
>debug3: packet_send2: adding 48 (len 62 padlen 18 extra_pad 64)
>debug2: we sent a password packet, wait for reply
>debug1: Authentications that can continue:
>publickey,password,keyboard-interactive
>Permission denied, please try again.
>AdminCCRD@crdw0157's password:
>
>
>
>|---------+--------------------------->
>|         |           Larry Hall      |
>|         |           <cygwin-lh@cygwi|
>|         |           n.com>          |
>|         |                           |
>|         |           19.11.2003 19:49|
>|         |           Please respond  |
>|         |           to Cygwin List  |
>|         |                           |
>|---------+--------------------------->
>  >-----------------------------------------------------------------------------------------------------------------------|
>  |                                                                                                                       |
>  |        To:      friedrich_lehn@ch.schindler.com, cygwin@cygwin.com                                                    |
>  |        cc:                                                                                                            |
>  |        Subject: Re: ssh: Permission denied                                                                            |
>  >-----------------------------------------------------------------------------------------------------------------------|
>
>
>
>
>At 12:02 PM 11/19/2003, friedrich_lehn@ch.schindler.com you wrote:
>>I've installed ssh.
>>I managed to get passwordless access via RSA.
>>However, I didn't manage to get access via password authentication.
>>/etc/passwd seems to be OK, I tried different accounts (local, domain,
>>admin) for login and for the sshd service log on account - no success.
>>
>>TIA for any hints, Friedrich
>
>
>Since password authentication is generally far easier to configure (i.e.
>you generally get it "for free"), I'm going to have to direct you to
><http://cygwin.com/problems.html> with the added comment that you should
>think about what information might be necessary for someone else to see
>what your problem might be.  This process may even present the solution
>without the need for the repost.  I'd recommend that you scrutinize ssh
>and sshd debug output (from their respective debug modes) and log files
>too.
>
>Good luck,
>
>
>
>--
>Larry Hall                              http://www.rfk.com
>RFK Partners, Inc.                      (508) 893-9779 - RFK Office
>838 Washington Street                   (508) 893-9889 - FAX
>Holliston, MA 01746
>
>
>
>
>
>
>
>--
>Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>Problem reports:       http://cygwin.com/problems.html
>Documentation:         http://cygwin.com/docs.html
>FAQ:                   http://cygwin.com/faq/


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]