This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
SSHD without password permission denied
- To: <cygwin at cygwin dot com>
- Subject: SSHD without password permission denied
- From: "Anatol Studler" <studler at ise dot ch>
- Date: Mon, 27 Aug 2001 10:57:15 +0200
- Cc: "Andreas Bischoff" <bischoff at ise dot ch>
- Organization: ISE Integrated Systems Engineering AG
Hi
I installed the latest cygwin (1.3.2) downloaded @ 27.8.2001 an windows 2000
server sp2.
I did:
modified the system variable "CYGWIN=ntea ntsec title strip_title"
mkpasswd -d > /etc/passwd
mkgroup -d > /etc/group
iu-config (for telnet)
inetd --install-as-service
ssh-host-config (configured sshd as service and with option "ntsec tty")
After that sshd was running fine as a service with the default settings.
After changing the settings to our needs:
IgnoreRhosts no
StrictModes yes
RhostsAuthentication yes
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication no
modified /etc/hosts.equiv
added host antares /etc/ssh_known_hosts (copied ssh_know_hosts from another
host)
I got a PERMISSION DENIED.
Here is the sshd log:
--------------------------
$ /usr/sbin/sshd -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: Bind to port 22 on 192.168.90.153.
Server listening on 192.168.90.153 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.90.43 port 33271
debug1: Client protocol version 1.5; client software version OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Attempting authentication for studler.
debug1: Trying rhosts with RSA host authentication for client user studler
debug1: temporarily_use_uid: 11107/10513 (e=10500)
debug1: restore_uid
debug1: Rhosts RSA authentication: canonical host antares.ise.ch
debug1: temporarily_use_uid: 11107/10513 (e=10500)
debug1: restore_uid
debug1: Rhosts with RSA host authentication denied: unknown or invalid host
key
Failed rhosts-rsa for studler from 192.168.90.43 port 33271 ruser studler
debug1: temporarily_use_uid: 11107/10513 (e=10500)
debug1: restore_uid
Failed rsa for studler from 192.168.90.43 port 33271
Connection closed by 192.168.90.43
debug1: Calling cleanup 0x415ec4(0x0)
--------------------------
What is the problem ? Wy do we get
Rhosts Authentication disabled, originating port not trusted.
Here is also the ssh client log:
--------------------------
[antares] /home/admin/documentation/win2000 > ssh -v nt115t
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 20885 geteuid 0 anon 1
debug1: Connecting to nt115t [192.168.90.153] port 22.
debug1: temporarily_use_uid: 20885/100 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 20885/100 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: identity file /home/studler/.ssh/identity type 0
debug1: identity file /home/studler/.ssh/id_rsa type 1
debug1: identity file /home/studler/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'nt115t' is known and matches the RSA1 host key.
debug1: Found key in /home/studler/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug1: Remote: Accepted for antares.ise.ch [192.168.90.43] by
/etc/hosts.equiv.
debug1: Remote: Your host key cannot be verified: unknown or invalid host
key.
debug1: Server refused our rhosts authentication or host key.
debug1: Trying RSA authentication with key 'studler@NT115T'
debug1: Server refused our key.
Permission denied.
debug1: Calling cleanup 0x8064ea0(0x0)
--------------------------
Thanks in advance for any help
./Anatol
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/