This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: SSH login to cygwin sshd (6.7p1-1) fails with error seteuid1000: Operation not permitted when ~/.ssh/id_rsa keys available on client
- From: Andrey Repin <anrdaemon at yandex dot ru>
- To: "The Sec Maestro" <thesecmaestro at gmail dot com>, cygwin at cygwin dot com
- Date: Mon, 5 Jan 2015 08:25:51 +0300
- Subject: Re: SSH login to cygwin sshd (6.7p1-1) fails with error seteuid1000: Operation not permitted when ~/.ssh/id_rsa keys available on client
- Authentication-results: sourceware.org; auth=none
- References: <009801d028a4$b3921fb0$1ab65f10$ at com>
- Reply-to: cygwin at cygwin dot com
Greetings, The Sec Maestro!
> SSH Login, using 'tester' account (in Adminstrators group) to the Cygwin
> sshd server fails from a client machine which has ~/.ssh/id_rsa keys
> available.
Check permissions on the ~/.ssh directory and subsequent files. ssh is VERY
picky about them.
Both standard POSIX and ACL permissions.
Use setfacl -b option if necessary to strip unwanted extra ACE's.
> Login from the same client, without the id_rsa keys is successful. SSH
> locally (on cygwin box) is also successful.
> Comparison of the sshd logs (debugging enabled) of a good vs failure login
> shows that when id_rsa is enabled on the client, the following in the
> failure case:
> debug1: temporarily_use_uid: 1000/513 (e=18/544)
> seteuid 1000: Operation not permitted
> This seem to be related to a permission related problem, but cygcheck_output
> though shows the 'tester' user is member of Administrators group.
> What am I missing?
--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 05.01.2015, <08:23>
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple