On Wed, Feb 7, 2024 at 3:26 AM Frank-Ulrich Sommer via Cygwin <cygwin@cygwin.com> wrote: > On 06.02.2024 22:22, Brian Inglis via Cygwin wrote: > > On 2024-02-05 18:36, Eliot Moss via Cygwin wrote: > >> On 2/5/2024 8:28 PM, Frank-Ulrich Sommer via Cygwin wrote: > >>> On 05.02.2024 00:53, Frank-Ulrich Sommer via Cygwin wrote: > >>>> I'm trying to run cygsshd on my PC with Windows 11 and connect from a > >>>> linux machine. I have added the public key to > >>>> /cygdrive/c/Users/xxx/.ssh/authorized_keys and created a symbolic link > >>>> from /cygdrive/c/Users/xxx/.ssh to /home/xxx/.ssh. As usual I checked > >>>> the access rights and mode of the .ssh directory (700 and belongs to > >>>> user xxx) and the authorized_keys file (600 and also belongs to user > >>>> xxx) and also of the home directory (had to change ownership).
> The problem seems to be that OpenSSH does not even arrive at checking the > home diretory or the .ssh directory. It starts checking every directory in > the path and fails already at "/cygdrive/c/Users". Now that I know how to get > the sources I added debug output to the error message. OpenSSH sees this > directory as belonging to user with UID 18 and it has mode 4750. Mode ist > checked not to contain 0022 which is fine here. Then it checks that the owner > is the correct system user and the only criteria is that the UID must be > zero. Only for AIX and HPUX the user "bin" with UID 2 is also accepted. So > this check fails and OpenSSH assumes that the directory does not belong to > the correct privileged system user. > > I think the only way to fix this with the current OpenSSH is disabling strict > mode, but normally I'm quite reluctant to do something like that.2 > what is the issue on using /home/USER/.ssh folder ? I prefer to leave the Cygwin Home and the Windows Home well separated to avoid this ACL collision $ set | grep -i ^home HOME=/home/matzeri HOMEDRIVE=C: HOMEPATH='\Users\matzeri' -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
