This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Question about cygwin sshd and StrictModes


I have a question about the /etc/sshd_config file under cygwin.  I have cygwin v1.5.5 and openssh 

Cygwin Package Information
Package                 Version
cygwin                  1.5.5-1
cygwin-doc              1.3-6

openssh                 3.7.1p2-1
openssl                 0.9.7c-1
openssl-devel           0.9.7c-1
openssl096              0.9.6j-1

What is the recommended technique to allow for ssh without passwords?  Here is my procedure:
  1)  on the server, ssh-host-config
  2)  on the server, ssh-keygen -d (no passkey e.g. blank)
  3)  on the server, net start sshd

  4)  on the client, ssh-keygen -d (no passkey e.g. blank)
  5)  on the client, scp ~/.ssh/id_dsa.pub qar50s1:

  6)  on the server, cat id_dsa.pub >> .ssh/authorized_keys2

All of this works just fine until I change the /etc/sshd_config file to set StrictModes to yes

[sshd_config]
StrictModes yes


What do I have to do to make this work?  Here is the debug output:

OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to qar50s1 [10.11.50.1] port 22.
debug1: Connection established.
debug1: identity file /home/mberney/.ssh/identity type -1
debug1: identity file /home/mberney/.ssh/id_rsa type -1
debug1: identity file /home/mberney/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2
debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'qar50s1' is known and matches the RSA host key.
debug1: Found key in /home/mberney/.ssh/known_hosts:85
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/mberney/.ssh/identity
debug1: Trying private key: /home/mberney/.ssh/id_rsa
debug1: Offering public key: /home/mberney/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
root@qar50s1's password:

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]