This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Definitely no sshd on FAT32?


On Tue, 23 Mar 2004, Ian Brandt wrote:

> Hi,
>
> I've been going through the archives and elsewhere, but just want to
> verify that I'm not missing anything.  Is it definitely *not* possible to
> run sshd with cygwin installed on FAT32?

It is, but it won't be as secure.  See below.

> I set CYGWIN to just "tty" when installing the service with
> ssh-host-config, since according to the Cygwin docs "ntsec" is ignored
> on FAT32 volumes.

FYI, "ntsec" is only ignored for the *disk* volumes, but it is used for a
bunch of other NT-enabled features that have nothing to do with disks
(e.g., user context switching).  However, "ntsec" is on by default now, so
you aren't losing this functionality by omitting it.

> I'm getting the following in /var/log/sshd.log when trying to start...
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_rsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_rsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_dsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_dsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.

Try turning off "StrictModes" in your sshd_config.
HTH,
	Igor

> I tried chmod on the keys, but in accordance with the Cygwin docs it
> silently does nothing...
>
> /etc$ chmod go-r ssh*key
> /etc$ ls -al ssh*key
> -rw-r--r--    1 ibrandt  None          672 Mar 23 09:23 ssh_host_dsa_key
> -rw-r--r--    1 ibrandt  None          536 Mar 23 09:23 ssh_host_key
> -rw-r--r--    1 ibrandt  None          887 Mar 23 09:23 ssh_host_rsa_key
>
> Thanks,
> Ian

-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]