Re: Is RSA authentication on SSH still broken?

2002-11-11 Thread Corinna Vinschen
On Mon, Nov 11, 2002 at 10:57:22AM -0500, Harig, Mark A. wrote: > > Harig, Mark A. <[EMAIL PROTECTED]> wrote: > I have been using option 1. My question comes from the fact > that Corinna Vinschen recommended that ~/.ssh be set to 700 > (which is what 'set-keygen' sets it to) and that she had > poi

RE: Is RSA authentication on SSH still broken?

2002-11-11 Thread Igor Pechtchanski
On Mon, 11 Nov 2002, Harig, Mark A. wrote: > > >chmod 700 ~ && \ > > ^^^ > > This is your problem. By setting home and .ssh to 700 you > > disallow sshd to > > stat() ~/.ssh. Cygwin has two chances to retrieve > > information about a file > > or directory, by either call

RE: Is RSA authentication on SSH still broken?

2002-11-11 Thread Harig, Mark A.
> > Harig, Mark A. <[EMAIL PROTECTED]> wrote: > > OK. So, it appears that Cygwin users > > of openssh have one of two options: > > > > 1. chmod 700 ~ > >chgrp 18 ~/.ssh > >chmod 750 ~/.ssh > > > > or > > > > 2. chmod 755 ~ > >chmod 700 ~/.ssh > > > > Do you have a recommendation on wh

Re: Is RSA authentication on SSH still broken?

2002-11-11 Thread Max Bowsher
Harig, Mark A. <[EMAIL PROTECTED]> wrote:
> OK. So, it appears that Cygwin users
> of openssh have one of two options:
>
> 1. chmod 700 ~
>    chgrp 18 ~/.ssh
>    chmod 750 ~/.ssh
>
> or
>
> 2. chmod 755 ~
>    chmod 700 ~/.ssh
>
> Do you have a recommendation on which of
> these two options is m

RE: Is RSA authentication on SSH still broken?

2002-11-11 Thread Harig, Mark A.
> >chmod 700 ~ && \ > ^^^ > This is your problem. By setting home and .ssh to 700 you > disallow sshd to > stat() ~/.ssh. Cygwin has two chances to retrieve > information about a file > or directory, by either calling FindFileFirst() or by trying > to open the > file a

Re: Is RSA authentication on SSH still broken?

2002-11-08 Thread Corinna Vinschen
On Fri, Nov 08, 2002 at 11:37:11AM -0500, Harig, Mark A. wrote: >chmod 700 ~ && \ ^^^ This is your problem. By setting home and .ssh to 700 you disallow sshd to stat() ~/.ssh. Cygwin has two chances to retrieve information about a file or directory, by either calling Find

Re: Is RSA authentication on SSH still broken?

2002-11-08 Thread Max Bowsher
Harig, Mark A. <[EMAIL PROTECTED]> wrote:
>> On Thu, Nov 07, 2002 at 06:54:48PM -0500, Harig, Mark A. wrote:
>>> I must be missing a piece of information. Setting the
>>> permissions of ~/.ssh to 700 causes ssh to require me
>>> to enter a password, that is, the encryption-key processing
>>> is f

RE: Is RSA authentication on SSH still broken?

2002-11-08 Thread Harig, Mark A.
> > On Thu, Nov 07, 2002 at 06:54:48PM -0500, Harig, Mark A. wrote: > > I must be missing a piece of information. Setting the > > permissions of ~/.ssh to 700 causes ssh to require me > > to enter a password, that is, the encryption-key processing > > is failing. Setting the permissions of ~/.ss

Re: Is RSA authentication on SSH still broken?

2002-11-08 Thread Corinna Vinschen
On Thu, Nov 07, 2002 at 06:54:48PM -0500, Harig, Mark A. wrote:
> I must be missing a piece of information. Setting the
> permissions of ~/.ssh to 700 causes ssh to require me
> to enter a password, that is, the encryption-key processing
> is failing. Setting the permissions of ~/.ssh to 750 (if

RE: Is RSA authentication on SSH still broken?

2002-11-07 Thread Harig, Mark A.
> > First, the directory permission doesn't restrict the access for SYSTEM > due to the standard "Bypass traverse checking" setting on NT. > So setting > the .ssh permissions to 0700 is perfectly fine. > I must be missing a piece of information. Setting the permissions of ~/.ssh to 700 causes

Re: Is RSA authentication on SSH still broken?

2002-11-07 Thread Corinna Vinschen
On Thu, Nov 07, 2002 at 11:51:16AM -0500, Harig, Mark A. wrote:
> Thank you for the clarification!
>
> This presents an interesting situation.
> Users who run 'ssh-keygen' (either directly,
> or indirectly using 'ssh-host-config'),
> find that they are not able to run ssh
> because of the permissi

RE: Is RSA authentication on SSH still broken?

2002-11-07 Thread Harig, Mark A.
Thank you for the clarification! This presents an interesting situation. Users who run 'ssh-keygen' (either directly, or indirectly using 'ssh-host-config'), find that they are not able to run ssh because of the permissions of ~/.ssh/ (and, later, ~/.ssh/authorized_keys*), even though their permis

Re: Is RSA authentication on SSH still broken?

2002-11-06 Thread Corinna Vinschen
On Wed, Nov 06, 2002 at 07:19:40PM -0500, Harig, Mark A. wrote: > > > > chmod 755 $HOME/.ssh > > chmod 644 $HOME/.ssh/authorized_keys* > > > > I had $HOME set to 700 and authorized_keys* to 600 before and that > > somehow broke RSA authentication - it is odd that stricter permissions > > would ca

RE: Is RSA authentication on SSH still broken?

2002-11-06 Thread Harig, Mark A.
> > chmod 755 $HOME/.ssh > chmod 644 $HOME/.ssh/authorized_keys* > > I had $HOME set to 700 and authorized_keys* to 600 before and that > somehow broke RSA authentication - it is odd that stricter permissions > would cause that. I suppose this is because the SYSTEM or > sshd user need > to read

RE: Is RSA authentication on SSH still broken?

2002-11-06 Thread Antonio Bemfica
one of these). > > $ chmod 600 identity (or id_rsa or id_dsa, etc.) > > > > -Original Message- > > From: Antonio Bemfica [mailto:antonio@;axolotl.ic.gc.ca] > > Sent: Tuesday, November 05, 2002 5:32 PM > > To: [EMAIL PROTECTED] > > Subject:

RE: Is RSA authentication on SSH still broken?

2002-11-05 Thread Harig, Mark A.
ca] > Sent: Tuesday, November 05, 2002 5:32 PM > To: [EMAIL PROTECTED] > Subject: Is RSA authentication on SSH still broken? > > > Hello > > Could someone clarify whether RSA authentication is still not possible > when running SSH as the SYSTEM user? I have Cygwin

RE: Is RSA authentication on SSH still broken?

2002-11-05 Thread Harig, Mark A.
-Original Message- > From: Antonio Bemfica [mailto:antonio@;axolotl.ic.gc.ca] > Sent: Tuesday, November 05, 2002 5:32 PM > To: [EMAIL PROTECTED] > Subject: Is RSA authentication on SSH still broken? > > > Hello > > Could someone clarify whether RSA authentication i

Is RSA authentication on SSH still broken?

2002-11-05 Thread Antonio Bemfica
Hello

Could someone clarify whether RSA authentication is still not possible when running SSH as the SYSTEM user? I have Cygwin 1.3.14-1 and OpenSSH 3.4p1-5 and can only login via password authentication (I am familiar with the process to effect RSA authentication under Unix). I have also tightene