Connection closed message when trying to connect with sftp using public key authentication to OpenSSH 3.7.1p2 on Windows 2003 Server
Fri Jun 24 14:57:00 GMT 2005
I have downloaded and tested 4.1p1-1 and all is now working just fine.
The key lessons for me were:
1. Yes, use privilege separation as that seems to work just fine. It
creates a user called sshd to run the non-privileged operations.
2. If you want to use a pre-existing user to own the sshd service,
ensure that it has the following privileges:
* Adjust memory quotas for a process
* Create a token object
* Logon as a service
* Replace a process level token
These privileges should be set using the "Domain Controller Security
Settings" utility (go to Local Policies -> User Rights Assignment).
The user must also have Administrator rights on the server. It should
also have ownership of the following files:
Many thanks for your help.
From: Larry Hall [mailto:email@example.com]
Sent: 15 June 2005 15:51
To: Cygwin List; Des Atkinson; firstname.lastname@example.org
Subject: Re: Connection closed message when trying to connect with sftp
using public key authentication to OpenSSH 3.7.1p2 on Windows 2003
At 10:39 AM 6/15/2005, you wrote:
>At 10:14 AM 6/15/2005, you wrote:
>>I have been trying to connect to OpenSSH on my Windows 2003 Server
system using public key authentication. I have tried using both sftp and
ssh. In both cases the verbose output shows that the authentication
succeeded okay, but the session itself just seems to die with an "Exit
status 255" message (followed by "Connection closed" for sftp).
>>Is there some additional configuration I need to attempt on my server
to make this all work? I am running the CYGWIN sshd service under the
Local System account on the server.
>The Local System account does not have the permissions necessary to
>pubkey authentication to work on W2K3. Did you install with
>and ssh-user-config? ssh-host-config will ask you if you want to
>"sshd_server" user that will have the proper permissions to permit
>authentication. See 'usr/share/doc/Cygwin/openssh.README' for more
I should also point out that OpenSSH 3.7.1p2 is very old now. The
version is 4.1p1-1. It may be that ssh-host-config doesn't have the
to create the "sshd_server" user in that version. I don't remember. If
does not, all the more reason to upgrade. ;-)
Larry Hall http://www.rfk.com
RFK Partners, Inc. (508) 893-9779 - RFK Office
838 Washington Street (508) 893-9889 - FAX
Holliston, MA 01746
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
More information about the Cygwin