This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Is RSA authentication on SSH still broken?

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin at cygwin dot com
Date: Fri, 8 Nov 2002 18:58:44 +0100
Subject: Re: Is RSA authentication on SSH still broken?
References: <BADF3C947A1BD54FBA75C70C241B0B9E90B9CE@ex02.idirect.net>
Reply-to: cygwin at cygwin dot com

On Fri, Nov 08, 2002 at 11:37:11AM -0500, Harig, Mark A. wrote:
>        chmod 700 ~ && \
         ^^^^^^^^^^^
This is your problem.  By setting home and .ssh to 700 you disallow sshd to
stat() ~/.ssh.  Cygwin has two chances to retrieve information about a file
or directory, by either calling FindFileFirst() or by trying to open the
file and calling various Win32 access functions.

FindFileFirst() requires to have read permissions on the parent directory,
opening the file/dir requires read permissions on it.  If home as well
as .ssh are 700, sshd has neither of these rights ==> The check for .ssh
fails.

Qed,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

References:
- RE: Is RSA authentication on SSH still broken?
  - From: Harig, Mark A.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]