Problem with 20050215 snapshot and ssh-agent forwarding
Jean-Sebastien Trottier
jst1@email.com
Sat Feb 19 14:18:00 GMT 2005
On Fri, Feb 18, 2005 at 01:41:14PM -0500, Christopher Faylor wrote:
> On Fri, Feb 18, 2005 at 09:21:56AM -0800, David Rothenberger wrote:
> >On 2/18/2005 6:30 AM, Jean-Sebastien Trottier wrote:
> >>On Wed, Feb 16, 2005 at 11:23:03AM -0800, David Rothenberger wrote:
> >>
> >>>I'm having a problem with the 20050215 snapshot (and the 20050131 as
> >>>well). My ssh-agent connection is not being forwarded by ssh. This is
> >>>working fine with the 20041119 snapshot.
> >>>
> >>Have you tried " ssh -A `hostname` " instead... just to make sure the
> >>ssh actually forwards the agent?
> >>
> >>If this works (and it should), add "ForwardAgent yes" to your
> >>~/.ssh/config file. see "man ssh_config" for details
> >
> >Yeah, I know about configuring ssh. As I mentioned in my original email,
> >this is working fine for me with the 20041119 snapshot. So, I do have
> >things configured correctly. But, I did try it with the -A switch and
> >had the same result.
>
> I still can't duplicate this. Sorry.
>
I'm able to reproduce it here...
With "current" cygwin1.dll version:
inside the ssh session, $SSH_AUTH_SOCK points to:
% ls -l $SSH_AUTH_SOCK
srwxrwxrwx 1 SYSTEM root 51 Feb 18 14:52 /tmp/ssh-rsSRvl3964/agent.3964=
% getfacl $SSH_AUTH_SOCK
# file: /tmp/ssh-rsSRvl3964/agent.3964
# owner: SYSTEM
# group: root
user::rwx
group::rwx
mask:rwx
other:rwx
ssh client is able to use this socket for further public key verfification
With 20050215 snapshot:
inside the ssh session, $SSH_AUTH_SOCK points to:
% ls -l $SSH_AUTH_SOCK
ls: /tmp/ssh-fHDEinn252/agent.252: Permission denied
% getfacl $SSH_AUTH_SOCK
getfacl: Permission denied
ssh client is *NOT* able to use this socket.
With both versions, the permissions on the socket's directory are
exactly the same:
% ls -ld /tmp/ssh-rsSRvl3964
drwx------+ 2 SYSTEM root 0 Feb 18 14:52 /tmp/ssh-rsSRvl3964
% getfacl /tmp/ssh-rsSRvl3964
# file: /tmp/ssh-rsSRvl3964
# owner: SYSTEM
# group: root
user::rwx
group::---
mask:rwx
other:---
default:user::rwx
default:group::---
default:other:---
I hope this helps... at least it should give you a clue
Note: I've got sshd running as a SYSTEM service. Running is in
non-detached or debug mode works fine, obviously.
Sebastien
> cgf
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Problem reports: http://cygwin.com/problems.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://cygwin.com/pipermail/cygwin/attachments/20050219/31bdb24b/attachment.sig>
More information about the Cygwin
mailing list