This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: SSHD under SYSTEM account (was: Re: cygwin & opensshd on .net enterprise server)


Prentis schrieb:

>  I think these docs are out of date.  this is fixed now, since I am
> doing it.

Ok. PublicKey is working, I figured out to set it up with PublicKey Auth
only and using my DSA key and only allowed protocol was SSH2.  I know
that and that is the reason why I'm still trying to figure out how to
use both (RSA & DSA over pubkey auth).

As I added 'RSAAuthentication yes' to the config it stops working and
I don't understand why.  My collegue has just some RSA keys and was
angry if I asked him to get some DSA keys too, so I tried to use both,
SSH1 & SSH2 and RSA & DSA with no passwords, only pubkey.

It seems to be tricky...

Well we have options, I could make some RSA keys and we would both use
RSA or he makes some DSA keys.  But now I have tasted blood (we say
in Germany: Blut geleckt...), I want to use both with our existing keys
just like we do at a Linux box we are both accessing where it works
well.


> On Thu, 16 May 2002, Gerrit P. Haase wrote:

>> Inc) schrieb:
>> 
>> >>I did copy him on the original note so he would be aware of the issue,
>> >>but at this point I have completely removed his version (including
>> >>deleting registry keys) and installed the cygwin environment. It appears
>> >>that all of cygwin works when run in a system owned command window, but
>> >>nothing works from an administrator account.
>> 
>> > Can you please acknowledge whether or not you read openssh*.README so that
>> > we know whether you've missed the obvious user rights settings necessary for
>> > the administrator account?
>> 
>> I read it and still have similar problems and there is this:
>> 
>>   "The system account does of course own that user rights by default."
>> 
>> That means SYSTEM is ok and it is the default if I let the
>> ssh-host-config do the service setup.  So I expect no problems here.
>> More:
>> 
>>   Unfortunately, if you choose that way, you can only logon with
>>   NT password authentification and you should change
>>   /etc/sshd_config to contain the following:
>> 
>>     PasswordAuthentication yes
>>     RhostsAuthentication no
>>     RhostsRSAAuthentication no
>>     RSAAuthentication no
>> 
>> 
>> Wow this is like a hammer.  That means I cannot use PublicKey
>> Authentication?  If I cannot use public key authentication, the whole
>> benefit (besides transfering passwords encrypted) is futsch...
>> 
>> If I let them try to guess my password several days there will be at
>> least one intruder every month...
>> 
>> Is this true that PublicKey auth isn't working? (I cannot believe it).
>> 
>> 
>> Gerrit
>> 



-- 
=^..^=


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]