This is the mail archive of the cygwin@sources.redhat.com mailing list for the Cygwin project.



Re: sshd and RSA Authentication


Kevin Wright wrote:
> 
> Kim,
> 
> Have you looked in /usr/doc? Here's a list of files there:
> 
> bzip2-1.0.1.README      jbigkit-1.2.README      ncurses-5.2.README      vim-5.7.README
> crypt.README            jpeg-6b.README          openssh-2.3.0p1.README  wget-1.6.README
> cvs-1.11.0.README       libpng-1.0.9.README     perl-5.6.1.README       xpm-4.0.0.README
> gdbm-1.8.0.README       login.README            readline-4.1.README     zip-2.3.README
> gettext-0.10.35.README  mt.README               tiff-3.5.5.README       zlib-1.1.3.README
> inetutils-1.3.2.README  ncftp-3.0.2.README      unzip-5.41.README
> 
> Check out the files for login, inetutils, openssh to begin with. And if you
> still have a problem, search the mailing list:
> 
> http://cygwin.com/ml/cygwin/

Hi Kevin,

Actually I did... 

BUT

<red faced>
I was running an old version of sshd.exe in \winnt, but I can't explain
why on earth typing in sshd -d called the old version when it was in
\d\winnt, i.e. not in the path.

This will teach me to use full paths where possible when testing!
</red faced>

Thanks! :)

> --Kevin
> 
> > -----Original Message-----
> > From: cygwin-owner@sources.redhat.com
> > [mailto:cygwin-owner@sources.redhat.com]On Behalf Of Kim Lee
> > Sent: Sunday, February 18, 2001 6:25 PM
> > To: cygwin@cygwin.com
> > Subject: sshd and RSA Authentication
> >
> >
> > Hi there,
> >
> > if there is a step by step document specific to cygwin, sshd and
> > getting RSA authentication to work please point me to it..
> >
> > Please read on anyway...
> >
> > I'm having problems getting w2k server sshd to allow RSA login without
> > a password from another W2k Server box
> >
> > Here are some details:
> >
> > I'm using latest (as of today) cygwin tools (ran the setup.exe and updated
> > from the internet)
> >
> > /etc/passwd has...
> >
> > Administrator::500:513:,S-1-5-21-3438086697-2421862272-1916658313-500:/home/Administrator:/bin/sh
> >
> >
> > This is the ssh client machine.
> >
> >
> > administrator@SHRIMP ~
> > $ ssh -v KRILL
> > SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
> > Compiled with SSL (0x0090581f).
> > debug: Seeding random number generator
> > debug: ssh_connect: getuid 500 geteuid 500 anon 0
> > debug: Connecting to KRILL [172.16.0.202] port 22.
> > debug: Seeding random number generator
> > debug: Allocated local port 946.
> > debug: Connection established.
> > debug: Remote protocol version 1.5, remote software version 1.2.26
> > debug: no match: 1.2.26
> > debug: Local version string SSH-1.5-OpenSSH_2.3.0p1
> > debug: Waiting for server public key.
> > debug: Received server public key (768 bits) and host key (1024 bits).
> > debug: Host 'krill' is known and matches the RSA host key.
> > debug: Seeding random number generator
> > debug: Encryption type: 3des
> > debug: Sent encrypted session key.
> > debug: Installing crc compensation attack detector.
> > debug: Received encrypted confirmation.
> > debug: Trying RSA authentication with key 'administrator@SHRIMP'
> > debug: Server refused our key.
> > debug: Doing password authentication.
> > administrator@krill's password:  <had to type password in>
> > debug: Requesting pty.
> > debug: Requesting shell.
> > debug: Entering interactive session.
> > Environment:
> >   HOME=/home/Administrator
> >   USER=administrator
> >   LOGNAME=administrator
> >   SHELL=/bin/sh
> >   SSH_CLIENT=172.16.0.201 946 22
> >   SSH_TTY=/dev/tty0
> >   TERM=cygwin
> >
> > \[\033]0;\w\007
> > \033[32m\]\u@\h \[\033[33m\w\033[0m\]
> > $ exit
> > Connection to KRILL closed.
> > debug: Transferred: stdin 0, stdout 247, stderr 29 bytes in 5.8 seconds
> > debug: Bytes per second: stdin 0.0, stdout 42.8, stderr 5.0
> > debug: Exit status 1
> >
> >
> >
> >
> > Here's the server end.
> >
> >
> >
> > administrator@KRILL ~
> > $ sshd -d
> > debug: sshd version 1.2.26 [i586-pc-cygwin32]
> > debug: Initializing random number generator; seed file ssh_random_seed
> > log: Server listening on port 22.
> > log: Generating 768 bit RSA key.
> > Generating p:  ..++ (distance 72)
> > Generating q:  ...................++ (distance 288)
> > Computing the keys...
> > Testing the keys...
> > Key generation complete.
> > log: RSA key generation complete.
> > debug: Server will not fork when running in debugging mode.
> > error: setsockopt IPTOS_LOWDELAY: Invalid argument
> > log: Connection from 172.16.0.201 port 946
> > debug: Client protocol version 1.5; client software version OpenSSH_2.3.0p1
> > debug: Sent 768 bit public key and 1024 bit host key.
> > debug: Encryption type: 3des
> > debug: Received session key; encryption turned on.
> > debug: Installing crc compensation attack detector.
> > debug: Attempting authentication for administrator.
> > debug: RSA authentication for administrator failed.
> > log: Password authentication for administrator accepted.
> > debug: Allocating pty.
> > error: setsockopt IPTOS_LOWDELAY: Invalid argument
> > debug: Forking shell.
> > debug: Entering interactive session.
> > debug: Received SIGCHLD.
> > debug: End of interactive session; stdin 5, stdout (read 242, sent 242), stderr 0 bytes.
> > debug: pty_cleanup_proc called
> > debug: Command exited with status 1.
> > debug: Received exit confirmation.
> > log: Closing connection to 172.16.0.201
> >
> > What is IPTOS_LOWDELAY? There is a rather long pause (10 seconds +) after
> > the "connection is established" before the password prompt pops up.
> >
> > Note: the cygwin ssh client to a unix box with RSA authentication (no
> > password) works fine and there is no delay.
> >
> > Another interesting thing is ssh client to a Windows 2000 Professional
> > (NOT server) sshd doesn't have this delay but RSA authentication still
> > doesn't work.
> >
> > What am I doing wrong? Any ideas or pointers? Thanks :)
> > --
> > Cheers
> > ----------------------------------------------------------------------
> > Kim Lee                         Senior Engineer - Bulletproof Networks
> > ph: +61 (0) 416 212 025                 http://www.bulletproof.net.au/
> >                    "When failure is not an option"
> >
> > --
> > Want to unsubscribe from this list?
> > Check out: http://cygwin.com/ml/#unsubscribe-simple
> >
> >

-- 
Cheers
----------------------------------------------------------------------
Kim Lee                         Senior Engineer - Bulletproof Networks
ph: +61 (0) 416 212 025                 http://www.bulletproof.net.au/
                   "When failure is not an option"
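
The mix-up described in this message, where typing sshd -d started an old copy instead of the newly installed one, shows up in the quoted logs as "sshd version 1.2.26" answering an OpenSSH_2.3.0p1 client. The script below is an added example, not part of the original thread: it lists every executable of a given name on a PATH-style list in lookup order, so a stale copy that wins the lookup is visible. The function names and the temporary directories in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print every executable called NAME on a PATH-style list, in lookup order.
# Runs in a subshell so the IFS and globbing changes stay local.
# An empty entry means the current directory, as the shell treats it.
# Assumption: on Cygwin a test on "sshd" also matches "sshd.exe".
path_candidates() (
    name=$1
    search=${2-$PATH}
    IFS=:
    set -f
    for dir in $search; do
        [ -n "$dir" ] || dir=.
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
        fi
    done
)

# Show which copy runs and which copies sit behind it.
# Returns 0 for exactly one copy, 1 for several, 2 for none.
audit_command() {
    found=$(path_candidates "$1" "${2-$PATH}")
    [ -n "$found" ] || { echo "$1: not found"; return 2; }
    count=$(printf '%s\n' "$found" | grep -c .)
    printf '%s\n' "$found" | {
        read -r first
        echo "runs:     $first"
        while read -r other; do echo "shadowed: $other"; done
    }
    [ "$count" -eq 1 ]
}

# Constructed demo: two fake sshd scripts, the stale one earlier in the list.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/winnt" "$tmp/usr_sbin"
    for d in winnt usr_sbin; do
        printf '#!/bin/sh\n' > "$tmp/$d/sshd" && chmod +x "$tmp/$d/sshd"
    done
    audit_command sshd "$tmp/winnt:$tmp/usr_sbin"
    rc=$?
    rm -rf "$tmp"
    return "$rc"
}
demo || echo "more than one sshd is reachable; start the intended one by full path"
```

Running audit_command sshd with no second argument checks the live PATH of the current shell.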


