This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: SSH and Remote Key authentication


Larry Hall writes:
> 
> At 03:43 PM 2/15/2004, Norman Vine you wrote:
> >Larry Hall writes:
> >> 
> >> At 03:25 PM 2/15/2004, Norman Vine you wrote:
> >> >Hi all
> >> >
> >> >I am trying to use SSH remote key authentication  
> >> >It appears as if the remote $HOST does not like 
> >> >the permissions on my home dir
> >> >
> >> >Any guidance appreciated
> >> >
> >> >$ ssh -v $USER@$HOST
> >
> >> >debug1: Remote: Authentication refused: bad ownership or modes for directory /home/$USER
> >> >                ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> > 
> >> 
> >> Sounds like a simple permissions problem on ~/.ssh/identity.  Your best
> >> bet is to read up on openssh docs so that you're sure you get everything 
> >> configured correctly
> >
> >AFAICT I have the correct permissions on ~/.ssh/identity
> >and the permissions on the $HOST files are identical to 
> >those that admin@$HOST uses to connect from a remote Linux machine
> >
> >$ cd ~
> >$ ls -la .ssh/identity
> >-rw-------    1 $USER      None          525 Feb 12 14:51 .ssh/identity
> 
> OK then.  I agree, that looks fine.  So since this is all the information
> you've given, besides a possible implication that you can ssh to the $HOST
> machine from a Linux machine, I can't really help much.  

I do appreciate your help, and hopefully I have included enough info this time :-)

> If you can ssh in
> from a Linux machine, try comparing all differences between that machine
> and the problem "box" and see if you can find what's missing.  

Note I can ssh in using password authrntication from my Cygwin box 
hence the subject line 
but you are correct I should have explicitly stated this.

> You could 
> also turn on debugging on the server to help, though I think the message
> you got already is pretty clear about what it thinks the problem is.  Check
> the permissions real close (use 'getfacl' if you need to), 

I too am reasonably sure this is a 'local permissions' problem 
i.e. The remote sshd daemon does not believe my identity file is secure

My problem is that I do not know what the proper permissions should be, and 
AFAIK these are the permissions set by the the Cygwin install proceedure as
I do not believe I have touched them

$ ls -ld /
drwxrwxr-x+  20 admins   Administ 14520320 Feb 10 16:27 /

$ ls -ld /home
drwxrwxr-x+   8 admins   Administ     4096 Nov  3  2001 /home

$ ls -ld /home/nhv
drwxr-xr-x+  21 nhv      None        32768 Feb 13 06:29 /home/nhv

$ ls -ld /home/nhv/.ssh
drwx------+   3 nhv      None         4096 Feb 12 13:49 /home/nhv/.ssh

$ ls -ld /home/nhv/.ssh/identity
-rw-------    1 nhv      None          525 Feb 12 14:51 /home/nhv/.ssh/identity

attached find the result of 
 cygcheck -s -v -r > cygcheck.out

Thanks again

Norman

Attachment: cygcheck.out
Description: Binary data

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]