Harig, Mark A. wrote:
Thanks to mention this thread, but this can't fix the problem of windows shared home directories:You might try reading a recent thread of messages in the mailing list archive with the subject line: "Is RSA authentication on SSH still broken?" It started back on 5 November 2002.
i.e.:
You have your home directory on a SGI UNIX host called anyhost.
You set permissions of your home directory to 700, you set permissions of your .ssh directory to 700
you hide all files of .ssh (600).
Your entry in passwd might be:
the_king::1:1:Elvis Presley,U-STILLHERE\elvis,S-1-5-21-1234-5678-9012-1000:://anyhost/the_king:/bin/bash
Now you are a windows shared user and permissions of all your shared files and folders give read permission to anyone:
permissions of your .ssh on UNIX host anyhost:
-rw------- 1 mk group 545 Nov 20 08:48 authorized_keys
-rw------- 1 mk group 546 Nov 20 08:48 authorized_keys2
-rw------- 1 mk group 887 Nov 19 13:44 id_rsa
-rw------- 1 mk group 218 Nov 19 13:44 id_rsa.pub
-rw------- 1 mk group 523 Nov 19 13:44 identity
-rw------- 1 mk group 327 Nov 19 13:44 identity.pub
-rw------- 1 mk group 1442 Nov 20 11:50 known_hosts
-rw------- 1 mk group 512 Nov 20 11:50 random_seed
permissions of your .ssh inside ssh session on Windows host:
-rw-r--r-- 1 mk Domain U 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk Domain U 546 Nov 20 08:48 authorized_keys2
-rw-r--r-- 1 mk Domain U 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk Domain U 218 Nov 19 13:44 id_rsa.pub
-rw-r--r-- 1 mk Domain U 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk Domain U 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk Domain U 1442 Nov 20 11:50 known_hosts
-rw-r--r-- 1 mk Domain U 512 Nov 20 11:52 random_seed
Thus ssh demon must reject your identity file because it is readable by anyone!
I would like to setup CYGWIN to hide all user files all others but to have access to all local files and folders of Windows host according to security settings of the files.
Doe's anyone knows?
-----Original Message-----
From: Manfred Köhler [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 20, 2002 11:34 AM
To: Harig, Mark A.
Cc: [EMAIL PROTECTED]
Subject: Re: sshd: server refused our key
Mark,
I think we can't solve the problem, because my home is a windows share.
Every windows share is mounted with permission 755! Therefore sshd rejects the files ins ~/.ssh which should be private.
So I'm prompted for password.
Please refer http://sources.redhat.com/ml/cygwin/2001-10/msg01011.html
Manfred
Harig, Mark A. wrote:
Please keep all replies on the cygwin mailing-----------
list. This helps you because more people are
able to diagnose your problem. It helps
others because they are able to search the
mailing list archives for useful information.
1. In your reply below, you list the following
for your home directory:
drwxr-xr-x 138 mk group 24576 Nov 20 11:48 .Try:
chmod 750 ~
chgrp SYSTEM ~
2. And for your ~/.ssh directory:
drwxr-xr-x 2 mk group 4096 Nov 19 13:44 .sshTry:
chmod 700 ~/.ssh
Please change both ~ and ~/.ssh. It is not enough to only
change one.
If these changes do not fix your problem, then please
include the output of the 'mount' command in your
reply.
-----Original Message-----
From: Manfred Köhler [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 20, 2002 5:58 AM
To: Harig, Mark A.
Subject: Re: RE: sshd: server refused our key
"Harig, Mark A." <[EMAIL PROTECTED]> schrieb am 19.11.02 17:11:23:
As requested at http://cygwin.com/bugs.html:ssh-host-config -y
o Please describe how to reproduce the problem,
including a test case, if possible.
In your case, please list the commands that you ran
to set up sshd on your Cygwin machine.
...set cygwin to defaults
chmod 755 /var/empty
mkgroup -l -d domain>/etc/group
mkpasswd -l -d domain>/etc/passwd
o Please include at least the version number of thePlease refer attached file.
Cygwin release you are using along with the operating system name and its version number,
for example, "cygwin v1.3.13 under NT 4.0".
o Most of the information about your Cygwin environmentPlease refer attached file
is listed by running 'cygcheck -s -v -r > cygcheck.txt'.
Please include cygcheck.txt *AS AN ATTACHMENT* to your
report. It is important that you include it as an
attachment so that searches of the mailing-list archives
give fewer false matches.
Some things to check (that is, email back to this mailing list):drwxr-xr-x 138 mk group 24576 Nov 20 11:48 .
The permissions and ownership of:
- your home directory
- your home/.ssh directorydrwxr-xr-x 2 mk group 4096 Nov 19 13:44 .ssh
- your home/.ssh filesseen on UNIX:
-rw-r--r-- 1 mk group 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk group 546 Nov 20 08:48 authorized_keys2
-rw------- 1 mk group 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk group 218 Nov 19 13:44 id_rsa.pub
-rw------- 1 mk group 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk group 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk group 1442 Nov 20 11:50 known_hosts
-rw------- 1 mk group 512 Nov 20 11:50 random_seed
seen inside ssh session:
-rw-r--r-- 1 mk Domain U 545 Nov 20 08:48 authorized_keys
-rw-r--r-- 1 mk Domain U 546 Nov 20 08:48 authorized_keys2
-rw-r--r-- 1 mk Domain U 887 Nov 19 13:44 id_rsa
-rw-r--r-- 1 mk Domain U 218 Nov 19 13:44 id_rsa.pub
-rw-r--r-- 1 mk Domain U 523 Nov 19 13:44 identity
-rw-r--r-- 1 mk Domain U 327 Nov 19 13:44 identity.pub
-rw-r--r-- 1 mk Domain U 1442 Nov 20 11:50 known_hosts
-rw-r--r-- 1 mk Domain U 512 Nov 20 11:52 random_seed
I do not know why private files become readable for everyone. There is also a samba server
running to mount files on Windows.
Hopefully these informations will help you to solve the problem.
-------------------------------------------------------------
Cygwin Win95/NT Configuration DiagnosticsGenuineIntel'
Current System Time: Tue Nov 05 17:34:00 2002
Windows 2000 Professional Ver 5.0 Build 2195 Service Pack 3
Path: C:\cygwin\usr\local\bin
C:\cygwin\bin
C:\cygwin\bin
c:\WINNT\system32
c:\WINNT
c:\WINNT\System32\Wbem
c:\WINNT\system32\nls
c:\WINNT\system32\nls\English
c:\Programme\Gemeinsame Dateien\Adaptec Shared\System
c:\Programme\Rational\ClearCase\bin
c:\Programme\TclTk\bin
Z
.
Y
.
X
.
C:\cygwin\usr\X11R6\bin
SysDir: C:\WINNT\System32
WinDir: C:\WINNT
HOME = `C:\cygwin\home\weberr'
MAKE_MODE = `unix'
PWD = `/home/weberr'
USER = `weberr'
ALLUSERSPROFILE = `C:\Dokumente und Einstellungen\All Users'
APPDATA = `C:\Dokumente und Einstellungen\weberr\Anwendungsdaten'
CLEARCASE_PRIMARY_GROUP = `pars'
COMMONPROGRAMFILES = `C:\Programme\Gemeinsame Dateien'
COMPUTERNAME = `XTERM1192'
COMSPEC = `C:\WINNT\system32\cmd.exe'
HOMEDRIVE = `C:'
HOMEPATH = `\'
LOGONSERVER = `\\XTERM1192'
MANPATH = `:/usr/ssl/man'
NUMBER_OF_PROCESSORS = `1'
NWLANGUAGE = `DEUTSCH'
NWUSERNAME = `weberr'
OLDPWD = `/usr/bin'
OS2LIBPATH = `C:\WINNT\system32\os2\dll;'
OS = `Windows_NT'
PATHEXT = `%PATHEXT%;.tcl'
PROCESSOR_ARCHITECTURE = `x86'
PROCESSOR_IDENTIFIER = `x86 Family 15 Model 2 Stepping 4,
PROCESSOR_LEVEL = `15'v2\/usr/bin
PROCESSOR_REVISION = `0204'
PROGRAMFILES = `C:\Programme'
PROMPT = `$P$G'
PS1 = `\[\033]0;\w\007
\033[32m\]\u@\h \[\033[33m\w\033[0m\]
$ '
SHLVL = `1'
SYSTEMDRIVE = `C:'
SYSTEMROOT = `C:\WINNT'
TEMP = `c:\DOKUME~1\weberr\LOKALE~1\Temp'
TERM = `cygwin'
TMP = `c:\DOKUME~1\weberr\LOKALE~1\Temp'
USERDOMAIN = `XTERM1192'
USERNAME = `weberr'
USERPROFILE = `C:\Dokumente und Einstellungen\weberr'
WINDIR = `C:\WINNT'
WINDOWS_LOGIN = `0'
_ = `/usr/bin/cygcheck'
HKEY_CURRENT_USER\Software\Cygnus Solutions
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\mounts v2
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2
(default) = `/cygdrive'
cygdrive flags = 0x00000022
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/
(default) = `C:\cygwin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
(default) = `C:\cygwin/bin'v2\/usr/lib
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
(default) = `C:\cygwin/lib'v2\/usr/X11R6/lib/X11/fonts
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts
(default) = `C:\cygwin\usr\X11R6\lib\X11\fonts'system binmode
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\Program Options
a: fd N/A N/A c: hd NTFS 76316Mb 4% CP CS UN PA FC XTERM1192
d: cd N/A N/A e: cd N/A N/A f: hd NTFS 76316Mb 1% CP CS UN PA FC Datenträger
g: net MVFS 1000Mb 50% CP CS CCase
i: net NWFS 43373Mb 97% CP VOL2
k: net NWFS 800Mb 74% CP SYS
l: net NWFS 15477Mb 99% CP VOL1
m: net MVFS 1000Mb 50% CP CS CCase
p: net NWFS 33809Mb 97% CP VOL1
r: net NWFS 208352Mb 95% CP VOL1
u: net NWFS 43373Mb 97% CP VOL2
x: net NWFS 43373Mb 97% CP VOL2
y: net NWFS 800Mb 74% CP SYS
z: net NWFS 15477Mb 99% CP VOL1
C:\cygwin /
C:\cygwin/bin /usr/binsystem binmode
C:\cygwin/lib /usr/libsystem binmode
C:\cygwin\usr\X11R6\lib\X11\fonts /usr/X11R6/lib/X11/fontssystem binmode
. /cygdriveuser binmode,cygdrive
Found: C:\cygwin\bin\bash.exeimg=1.0 sys=4.0
Found: C:\cygwin\bin\cat.exe
Found: \bin\cat.exe
Warning: C:\cygwin\bin\cat.exe hides \bin\cat.exe
Not Found: cpp (good!)
Found: C:\cygwin\bin\find.exe
Not Found: gcc
Not Found: gdb
Not Found: ld
Found: C:\cygwin\bin\ls.exe
Not Found: make
Found: C:\cygwin\bin\sh.exe
58k 2002/05/07 C:\cygwin\bin\cygbz2-1.dll - os=4.0 img=1.0 sys=4.0
"cygbz2-1.dll" v0.0 ts=2002/5/7 8:33
625k 2002/08/09 C:\cygwin\bin\cygcrypto.dll - os=4.0
"cygcrypto.dll" v0.0 ts=2002/8/9 22:20img=1.0 sys=4.0
45k 2001/04/25 C:\cygwin\bin\cygform5.dll - os=4.0 img=1.0 sys=4.0
"cygform5.dll" v0.0 ts=2001/4/25 7:28
35k 2002/01/09 C:\cygwin\bin\cygform6.dll - os=4.0 img=1.0 sys=4.0
"cygform6.dll" v0.0 ts=2002/1/9 7:03
19k 2002/02/20 C:\cygwin\bin\cyggdbm.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm.dll" v0.0 ts=2002/2/20 4:05
17k 2001/06/28 C:\cygwin\bin\cyghistory4.dll - os=4.0
"cyghistory4.dll" v0.0 ts=2001/1/7 5:34img=1.0 sys=4.0
20k 2002/10/10 C:\cygwin\bin\cyghistory5.dll - os=4.0
"cyghistory5.dll" v0.0 ts=2002/10/10 19:28img=1.0 sys=4.0
929k 2002/06/24 C:\cygwin\bin\cygiconv-2.dll - os=4.0
"cygiconv-2.dll" v0.0 ts=2002/6/24 20:24img=1.0 sys=4.0
22k 2001/12/13 C:\cygwin\bin\cygintl-1.dll - os=4.0
"cygintl-1.dll" v0.0 ts=2001/12/13 10:28img=1.0 sys=4.0
28k 2002/09/20 C:\cygwin\bin\cygintl-2.dll - os=4.0
"cygintl-2.dll" v0.0 ts=2002/9/20 5:13img=1.0 sys=4.0
21k 2001/06/20 C:\cygwin\bin\cygintl.dll - os=4.0 img=1.0 sys=4.0
"cygintl.dll" v0.0 ts=2001/6/20 19:09
81k 2000/12/05 C:\cygwin\bin\cygitcl30.dll - os=4.0
"cygitcl30.dll" v0.0 ts=2000/11/26 2:43img=1.0 sys=4.0
35k 2000/12/05 C:\cygwin\bin\cygitk30.dll - os=4.0 img=1.0 sys=4.0
"cygitk30.dll" v0.0 ts=2000/11/26 2:43
119k 2002/02/09 C:\cygwin\bin\cygjpeg6b.dll - os=4.0
"cygjpeg6b.dll" v0.0 ts=2002/2/9 6:19img=1.0 sys=4.0
26k 2001/04/25 C:\cygwin\bin\cygmenu5.dll - os=4.0 img=1.0 sys=4.0
"cygmenu5.dll" v0.0 ts=2001/4/25 7:27
20k 2002/01/09 C:\cygwin\bin\cygmenu6.dll - os=4.0 img=1.0 sys=4.0
"cygmenu6.dll" v0.0 ts=2002/1/9 7:03
156k 2001/04/25 C:\cygwin\bin\cygncurses++5.dll - os=4.0
"cygncurses++5.dll" v0.0 ts=2001/4/25 7:29img=1.0 sys=4.0
175k 2002/01/09 C:\cygwin\bin\cygncurses++6.dll - os=4.0
"cygncurses++6.dll" v0.0 ts=2002/1/9 7:03img=1.0 sys=4.0
226k 2001/04/25 C:\cygwin\bin\cygncurses5.dll - os=4.0
"cygncurses5.dll" v0.0 ts=2001/4/25 7:17img=1.0 sys=4.0
202k 2002/01/09 C:\cygwin\bin\cygncurses6.dll - os=4.0
"cygncurses6.dll" v0.0 ts=2002/1/9 7:03img=1.0 sys=4.0
15k 2001/04/25 C:\cygwin\bin\cygpanel5.dll - os=4.0
"cygpanel5.dll" v0.0 ts=2001/4/25 7:27img=1.0 sys=4.0
12k 2002/01/09 C:\cygwin\bin\cygpanel6.dll - os=4.0
"cygpanel6.dll" v0.0 ts=2002/1/9 7:03img=1.0 sys=4.0
40k 2001/11/21 C:\cygwin\bin\cygpcre.dll - os=4.0 img=1.0 sys=4.0
"cygpcre.dll" v0.0 ts=2001/11/21 23:15
39k 2001/11/21 C:\cygwin\bin\cygpcreposix.dll - os=4.0
"cygpcreposix.dll" v0.0 ts=2001/11/21 23:15img=1.0 sys=4.0
175k 2002/07/22 C:\cygwin\bin\cygpng10.dll - os=4.0 img=1.0 sys=4.0
"cygpng10.dll" v0.0 ts=2002/7/22 17:51
22k 2002/06/09 C:\cygwin\bin\cygpopt-0.dll - os=4.0
"cygpopt-0.dll" v0.0 ts=2002/6/9 7:45img=1.0 sys=4.0
108k 2001/06/28 C:\cygwin\bin\cygreadline4.dll - os=4.0
"cygreadline4.dll" v0.0 ts=2001/1/7 5:34img=1.0 sys=4.0
127k 2002/10/10 C:\cygwin\bin\cygreadline5.dll - os=4.0
"cygreadline5.dll" v0.0 ts=2002/10/10 19:28img=1.0 sys=4.0
159k 2002/08/09 C:\cygwin\bin\cygssl.dll - os=4.0 img=1.0 sys=4.0
"cygssl.dll" v0.0 ts=2002/8/9 22:20
390k 2000/12/05 C:\cygwin\bin\cygtcl80.dll - os=4.0 img=1.0 sys=4.0
"cygtcl80.dll" v0.0 ts=2000/11/26 2:39
5k 2000/12/05 C:\cygwin\bin\cygtclpip80.dll - os=4.0
10k 2000/12/05 C:\cygwin\bin\cygtclreg80.dll - os=4.0img=1.0 sys=4.0
"cygtclreg80.dll" v0.0 ts=2000/11/26 2:39- os=4.0 img=1.0 sys=4.0
253k 2002/02/10 C:\cygwin\bin\cygtiff3.dll - os=4.0 img=1.0 sys=4.0
"cygtiff3.dll" v0.0 ts=2002/2/10 9:34
623k 2000/12/05 C:\cygwin\bin\cygtk80.dll - os=4.0 img=1.0 sys=4.0
"cygtk80.dll" v0.0 ts=2000/11/26 2:43
50k 2002/03/12 C:\cygwin\bin\cygz.dll - os=4.0 img=1.0 sys=4.0
"cygz.dll" v0.0 ts=2002/3/12 5:38
905k 2002/10/24 C:\cygwin\bin\cygwin1.dll - os=4.0 img=1.0 sys=4.0
"cygwin1.dll" v0.0 ts=2002/10/24 16:48
Cygwin DLL version info:
DLL version: 1.3.14
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 62
Shared data: 3
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix: Build date: Thu Oct 24 10:48:11 EDT 2002
Shared id: cygwin1S3
41k 2002/05/14 C:\cygwin\usr\X11R6\bin\cygPropList-0.dll
"cygPropList-0.dll" v0.0 ts=2002/5/14 5:13Einstellungen\weberr\Eigene Dateien\CygWin
Cygwin Package Information
Last downloaded files to: C:\Dokumente und
Last downloaded files from:http://ftp-stud.fht-esslingen.de/pub/Mirrors/sources.redhat.com/cygwin
Package Version WindowMaker 0.80.0-2 XFree86-base 4.2.0-1 XFree86-bin 4.2.0-2 XFree86-doc 4.2.0-1 XFree86-etc 4.2.0-1 XFree86-f100 4.2.0-2 XFree86-fcyr 4.2.0-2 XFree86-fenc 4.2.0-2 XFree86-fnts 4.2.0-2 XFree86-fscl 4.2.0-2 XFree86-fsrv 4.2.0-1 XFree86-html 4.2.0-1 XFree86-jdoc 4.2.0-1 XFree86-lib 4.2.0-3 XFree86-man 4.2.0-1 XFree86-nest 4.2.0-1 XFree86-prog 4.2.0-1 XFree86-prt 4.2.0-1 XFree86-ps 4.2.0-1 XFree86-startup-scripts4.2.0-3 XFree86-vfb 4.2.0-1 XFree86-xserv 4.2.0-15 Xaw3d 1.5-1 _update-info-dir 00078-1 ash 20020731-1 base-files 1.0-1 base-passwd 1.0-1 bash 2.05b-5 bzip2 1.0.2-2 cgoban 1.9.12-1 clear 1.0-1 crypt 1.0-1 cygrunsrv 0.95-1 cygutils 1.1.2-1 cygwin 1.3.14-1 cygwin-doc 1.2-1 diff 1.0-1 diffutils 2.8.1-1 file 3.37-1 fileutils 4.1-1 findutils 4.1.7-4 fvwm 2.4.7-2 gawk 3.1.1-5 gdbm 1.8.0-4 gettext 0.11.5-1 gnugo 3.2-1 grep 2.5-1 groff 1.17.2-1 gzip 1.3.3-4 inetutils 1.3.2-19 jpeg 6b-7 less 374-1 lesstif 0.93.18-3 libPropList 0.10.1-3 libbz2_1 1.0.2-2 libiconv2 1.8-2 libintl 0.10.38-3 libintl1 0.10.40-1 libintl2 0.11.5-1 libncurses5 5.2-1 libncurses6 5.2-8 libpng10 1.0.14-2 libpopt0 1.6.4-4 libreadline4 4.1-2 libreadline5 4.3-2 login 1.4-4 man 1.5g-2 ncurses 5.2-8 newlib-man 20020801 openbox 0.99.1-3 openssh 3.4p1-5 openssl 0.9.6g-1 patch 2.5-3 pcre 3.7-1 readline 4.3-2 sed 3.02-1 sh-utils 2.0-2 tar 1.13.25-1 tcltk 20001125-1 termcap 20020930-1 terminfo 5.2-3 texinfo 4.2-4 textutils 2.0.21-1 tiff 3.5.7-1 time 1.7-1 units 1.77-1 vim 6.1-2 wget 1.8.2-1 which 1.5-1 x2x 1.27-2 zlib 1.1.4-1
Use -h to see help about each section
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/