This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: sshd refuses ssh connections


If the mode of the host keys is readable by other, sshd won't start.
/var/log/sshd.log

chmod g+r ssh_host_dsa_key
chmod g+r ssh_host_rsa_key
chmod g+r ssh_host_key

-rwxr-xr-x   1 SYSTEM         None    1159 Oct 19 14:42 ssh_config
-rw-------   1 SYSTEM         None     668 Oct 19 00:43 ssh_host_dsa_key
-rw-r--r--   1 SYSTEM         None     603 Oct 19 00:43 ssh_host_dsa_key.pub
-rw-------   1 SYSTEM         None     528 Oct 19 00:43 ssh_host_key
-rw-r--r--   1 SYSTEM         None     332 Oct 19 00:43 ssh_host_key.pub
-rw-------   1 SYSTEM         None     883 Oct 19 00:43 ssh_host_rsa_key
-rw-r--r--   1 SYSTEM         None     223 Oct 19 00:43 ssh_host_rsa_key.pub
-rw-r--r--   1 SYSTEM         None    2807 Oct 19 14:42 sshd_config

/usr/sbin/sshd -D -dd
debug2: load_server_config: filename /etc/sshd_config
debug2: load_server_config: done config len = 187
debug2: parse_server_config: config /etc/sshd_config len 187
debug1: sshd version OpenSSH_3.9p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
/var/empty must be owned by root and not group or world-writable.

Like this, ssh starts.

When you run ssh-host-config, if the keys already exist, it leaves them as
is, which is fine.
netstat -abn -> b is not a valid option
p4-3000:marcj:{/etc}227 % netstat -an

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:22           127.0.0.1:1286         TIME_WAIT
  TCP    192.168.1.204:22       192.168.1.204:1290     TIME_WAIT


sshd is running again.
The password file is correct for W2K, according to
/usr/share/doc/Cygwin/login.README

p4-3000:marcj:{/etc}224 % ps -ef
     UID     PID    PPID TTY     STIME COMMAND
   marcj    2016       1   0  14:54:21 /usr/bin/bash
   marcj    1580    2016   0  14:54:32 /usr/bin/sh
   marcj    2032    1580   0  14:54:34 /usr/X11R6/bin/XWin
   marcj     320    1580   0  14:54:39 /usr/X11R6/bin/wmaker
   marcj    1212     320   0  14:54:40 /usr/X11R6/bin/wmaker
   marcj    2156    1212   ?  14:55:12 /usr/bin/xterm
   marcj    2168    2156   1  14:55:13 /usr/bin/tcsh
   marcj    2236       1   1  14:55:20 /usr/bin/xterm
   marcj    2252    2236   2  14:55:20 /usr/bin/tcsh
   marcj    2288       1   1  14:55:27 /usr/bin/xterm
   marcj    2332    2288   3  14:55:28 /usr/bin/tcsh
  SYSTEM    1156       1   ?  15:04:57 /usr/bin/cygrunsrv
  SYSTEM    1716    1156   ?  15:04:57 /usr/sbin/sshd
   marcj     284    2252   2  16:04:22 /usr/bin/ps

I have turned off the firewall.

ssh marcj@127.0.0.1
ssh_exchange_identification: Connection closed by remote host

p4-3000:marcj:{/etc}211 % ssh localhost
ssh_exchange_identification: Connection closed by remote host

ssh marcj@192.168.1.204
ssh_exchange_identification: Connection closed by remote host

p4-3000:marcj:{/etc}225 % ssh -vvv localhost
OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/marcj/.ssh/identity type -1
debug1: identity file /home/marcj/.ssh/id_rsa type -1
debug1: identity file /home/marcj/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host

p4-3000:marcj:{/etc}226 % ssh -vvv marcj@192.168.1.204
OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.204 [192.168.1.204] port 22.
debug1: Connection established.
debug1: identity file /home/marcj/.ssh/identity type -1
debug1: identity file /home/marcj/.ssh/id_rsa type -1
debug1: identity file /home/marcj/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host

This is not good:
ssh_exchange_identification: Connection closed by remote host

Marc

----- Original Message ----- 
From: "René Berber" <rberber@prodigy.net.mx>
To: <cygwin@cygwin.com>
Sent: Wednesday, October 19, 2005 2:51 PM
Subject: Re: sshd refuses ssh connections


Marc Jourdeuil wrote:
[snip]
> Could not load host key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_dsa_key

This is because of...

> -rw-------   1 SYSTEM None     668 Oct 19 00:43 ssh_host_dsa_key
> -rw-------   1 SYSTEM None     528 Oct 19 00:43 ssh_host_key
> -rw-------   1 SYSTEM None     883 Oct 19 00:43 ssh_host_rsa_key

this, "rw SYSTEM", so nothing strange here.

> inetd is not running, should it? I have ssh in /etc/services. I have no
> /etc/inetd.conf file. Should I?

No.

> I wasn't running any firewall before. I restarted zonealarm, but that
> doesn't seem to be a factor right now.
> It might be later, when I try from another PC.

It will.

>>>ssh: connect to host localhost port 22: Connection refused

There are a few possibilities for this, either sshd is not running or the
firewall prevents the connection... or your user doesn't exist for sshd
(see end of message).

>>>  SYSTEM     728       1   ?  00:48:33 /usr/bin/cygrunsrv
>>>  SYSTEM     480     728   ?  00:48:33 /usr/sbin/sshd

This looks fine.

>>>  Proto  Local Address          Foreign Address        State
>>>  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING

Also this, but just to be sure run "netstat -abn" and see if it really is
sshd (the PID will not match because it is a Windows PID).

>>>I can't edit /etc/ssh_config file using cygwin or win2k even though
>>>I have admin rights

This is strange, but you don't need to edit it.  Look at /etc/passwd, user
marcj should have group 513 (or the same group as Administrator, I'm not
sure if this changes from Windows version).  BTW did you set your passwd
and group files as per /usr/share/doc/Cygwin/login.README?

HTH
-- 
René Berber


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
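
Added example (not part of the original thread, and not Cygwin or OpenSSH project code): a shell check for the two permission conditions that come up above, private host keys carrying group/other permission bits and a group- or world-writable /var/empty. The function names are made up for illustration; it assumes GNU stat and does not check ownership.

```shell
#!/bin/sh
# Audit sshd private host keys and the privilege-separation directory.
# Assumes GNU stat (coreutils, as shipped with Cygwin). Ownership is not checked.

# Return 0 if the file has no group/other permission bits (mode & 077 == 0).
key_mode_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Return 0 if the directory exists and is neither group- nor world-writable.
dir_mode_ok() {
    [ -d "$1" ] || return 2
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# Print one line per item checked; the return status is the number of problems.
audit_sshd_perms() {
    etc_dir=$1; empty_dir=$2; problems=0
    for key in "$etc_dir"/ssh_host_key "$etc_dir"/ssh_host_rsa_key \
               "$etc_dir"/ssh_host_dsa_key; do
        [ -e "$key" ] || continue          # key type not generated: skip
        if key_mode_ok "$key"; then
            echo "ok    $key"
        else
            echo "BAD   $key (mode $(stat -c '%a' "$key")): fix with chmod 600"
            problems=$((problems + 1))
        fi
    done
    if dir_mode_ok "$empty_dir"; then
        echo "ok    $empty_dir"
    else
        echo "BAD   $empty_dir: missing, or group/world-writable (fix with chmod 755)"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Usage: audit_sshd_perms /etc /var/empty
```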

