This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Sshd behaving strangely...


Greetings, Zdzislaw Meglicki!

Please teach your mail agent to not break threading. Thank you in advance.

>> OpenSSH 7.0 (and thus the current 7.1) deprecated a couple
>> of old and insecure ciphers.  Probably that's the reason.

> Well, what I mean is that it is strange that sshd-7.1p1-1 accepts
> a connection from ssh-3.9p1, upon announcing that the "key type ssh-dss
> [is] not in PubkeyAcceptedKeyTypes," and lets the user in having accepted
> the password,

Likely explanation is that you've tried to connect using private DSA key,
which server rejected and subsequently asked for a password.

> yet rejects connection from ssh-6.8p1-1 not even allowing
> for the presentation of a password, and claims that "seteuid operation
> [is] not permitted." 

This is a different issue, judging from the error message.
Without more data from both sides it is impossible to tell for certain, whats
going on.
A verbose log of the same connection from both server and client may help.

> Why was the operation permitted when the key was not in
> PubkeyAcceptedKeyTypes?

> This seems to me to be a security bug.

More like you are not telling us a whole story.

> And I still wonder how to configure sshd to allow normal connections
> with accepted key types, any documentation out there that would help?

Sorry, what? It do work like that out of the box.


-- 
With best regards,
Andrey Repin
Monday, September 7, 2015 00:33:31

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]