This is the mail archive of the cygwin mailing list for the Cygwin project.



Never ending SSHD story: offering public key terminates connection


Hello!

Using information posted by PolarStorm (https://www.cygwin.com/ml/cygwin/2014-12/msg00205.html) I managed to start the SSH daemon. As usual I started with a virgin virtual machine, installed Windows OS from a DVD image, downloaded setup-x86_64.exe from cygwin.com, started it, added the openssh package to the default set of packages, and didn't change any package version. After the installer finished, I right-clicked the terminal icon and started the Admin shell. The transcript from this shell is attached as "log". The output of "cygcheck -s -v -r" is attached as well.

The SSHD kinda works now, but not properly. Let's see what that means.
First I tried to connect to my own cygwin host:

ilya@w9 ~ $ ssh localhost /bin/echo BLAH
ilya@localhost's password: [ *** typing my password here *** ]
BLAH
ilya@w9 ~ $

So... the connection, password authentication and remote execution work fine.

Now I want to create a key pair first, and later try to use this pair to log in without typing my password. So let's create it:

ilya@w9 ~ $ ssh-keygen.exe
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ilya/.ssh/id_rsa): [ *** pressing ENTER here *** ]
Enter passphrase (empty for no passphrase): [ *** pressing ENTER here *** ]
Enter same passphrase again: [ *** pressing ENTER here *** ]
Your identification has been saved in /home/ilya/.ssh/id_rsa.
Your public key has been saved in /home/ilya/.ssh/id_rsa.pub.
[ *** cut away key fingerprint and randomart image *** ]

Great, now we have a key pair, but the public part is not yet copied to the .ssh/autorized_keys file. Therefore the next connection should first try to offer the key, the key must be rejected as not authorized, and after that the next authentication method must be the password again. So let's try it:

ilya@w9 ~ $ ssh localhost /bin/echo BLAH
Connection closed by ::1
ilya@w9 ~

Oops, this is a surprise! Nobody asked for the password, the server just closed the connection. Let's try to be more verbose:

ilya@w9 ~ $ ssh -v localhost /bin/echo BLAH
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
[ *** I removed 37 boring lines from here, see attachment for the full transcript *** ]
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ilya/.ssh/id_rsa
Connection closed by ::1
ilya@w9 ~

So, now let's try to avoid key usage:

ilya@w9 ~ $ ssh localhost -o PubkeyAuthentication=no /bin/echo BLAH
ilya@localhost's password:
BLAH
ilya@w9 ~

This works perfectly.

The last game is to copy the public part into the autorized_keys file:

ilya@w9 ~ $ cp .ssh/id_rsa.pub .ssh/autorized_keys && chmod 600 .ssh/autorized_keys
ilya@w9 ~ $ ssh localhost  /bin/echo BLAH
Connection closed by ::1

The summary: a client offering a key is reason enough for the server to just say goodbye and terminate the connection. The file /var/log/sshd.log is present on my system, but it is empty. I tried to increase the log level in the sshd_config file, but it doesn't work: the log file is always empty, so I don't have a clue what's happening on the server side. Neither can I start the sshd manually with the '-d' flag, because of some permission error I don't understand.

Any help is appreciated!

Does anyone use the cygwin SSHD with a key pair nowadays?

Happy new year to everyone again.

Ilya Dogolazky

Attachment: log
Description: Text document

Attachment: cygcheck.out
Description: Text document

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
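
Added example, not part of the message above and not Cygwin or OpenSSH code: a shell function that reads a captured `ssh -v` client transcript and reports whether the server rejected an authentication method normally (a fresh "Authentications that can continue" line follows the attempt) or dropped the connection in the middle of one, as in the failing run quoted above. The names classify_ssh_debug, failing_sample and healthy_sample are hypothetical, and the second sample is constructed.

```shell
#!/bin/sh
# Usage (ssh writes -v debug lines to stderr, hence 2>&1):
#   ssh -v localhost /bin/echo BLAH 2>&1 | classify_ssh_debug
classify_ssh_debug() {
    awk '
        # Methods the server advertises; repeated after every normal rejection.
        /^debug1: Authentications that can continue:/ {
            sub(/^debug1: Authentications that can continue: */, "")
            advertised = $0
            pending = ""        # the previous attempt was answered, not dropped
            next
        }
        /^debug1: Next authentication method:/ { method = $NF; pending = method; next }
        /^debug1: Offering .* public key:/     { key = $NF; next }
        /^debug1: Authentication succeeded/    { ok = 1; next }
        /^Connection closed by /               { closed = 1 }
        END {
            if (ok)
                print "OK method=" method
            else if (closed && pending != "")
                print "DROPPED during=" pending " key=" (key == "" ? "-" : key) " advertised=" advertised
            else if (closed)
                print "CLOSED outside-auth advertised=" (advertised == "" ? "-" : advertised)
            else
                print "INCOMPLETE last-method=" (method == "" ? "-" : method)
        }
    '
}

# Lines from the failing run quoted in the message above.
failing_sample() {
    cat <<'EOF'
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ilya/.ssh/id_rsa
Connection closed by ::1
EOF
}

# Constructed sample of the fallback the message expected: key refused, password used.
healthy_sample() {
    cat <<'EOF'
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
debug1: Authentication succeeded (password).
EOF
}
```

A DROPPED result means the server closed the connection while handling the offered key instead of answering it, so the explanation has to come from the server side (its log or a debug-mode run) rather than from the client transcript.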
