RE: Antwort: RE: how to get openssh-3.4 working on w2k?

["Harig, Mark A." <maharig at idirect dot net>]

>From your attached 'cygcheck' output, you appear to
be running Cygwin 1.3.14 on Win2K, on a drive (C:)
that is using the NTFS filesystem.  Because 1.3.14
turns on 'ntsec' by default, you should be able
to manipulate the UNIX-like file permissions.

try:

  $ ls -ld $HOME
  $HOME should have its permissions set to 700
  (only you need access to your home directory)

  $ cd $HOME
  $ ls -ld .ssh
  ~/.ssh permissions should be set to 700, but
  I've seen versions of ssh that required this
  to be 755.

  $ cd .ssh
  $ ls -l authorized_keys*
  Your authorized_keys file(s) permissions should
  be set to 600.

  $ ls -l identity id_rsa id_dsa
  Your private-key file(s) permissions should be
  set to 600

  $ ls -l identity.pub id_rsa.pub id_dsa.pub
  Your public-key files should be readable (+r).

Also, consider deleting your ~/.ssh/known_hosts
file and letting ssh regenerate it to fix the 
warning message that you are getting.

> -----Original Message-----
> From: Ralf.Weber@bgt.de [mailto:Ralf.Weber@bgt.de]
> Sent: Tuesday, November 05, 2002 11:42 AM
> To: Harig, Mark A.
> Subject: Antwort: RE: how to get openssh-3.4 working on w2k?
> 
> 
> 
> 
> Thank you for your advice.
> You're right I installed 'openssh-3.4p1-5'.
> I tried 'ssh -v ip_address' and got the following:
> 
>      OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
>      debug1: Reading configuration data /etc/ssh_config
>      debug1: Rhosts Authentication disabled, originating port 
> will not be
> trusted.
>      debug1: ssh_connect: needpriv 0
>      debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
>      debug1: Connection established.
>      debug1: identity file /home/weberr/.ssh/identity type -1
>      debug1: identity file /home/weberr/.ssh/id_rsa type 1
>      debug1: identity file /home/weberr/.ssh/id_dsa type 2
>      debug1: Remote protocol version 1.99, remote software version
> OpenSSH_3.4p1
>      debug1: match: OpenSSH_3.4p1 pat OpenSSH*
>      Enabling compatibility mode for protocol 2.0
>      debug1: Local version string SSH-2.0-OpenSSH_3.4p1
>      debug1: SSH2_MSG_KEXINIT sent
>      debug1: SSH2_MSG_KEXINIT received
>      debug1: kex: server->client aes128-cbc hmac-md5 none
>      debug1: kex: client->server aes128-cbc hmac-md5 none
>      debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
>      debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>      debug1: dh_gen_key: priv key bits set: 121/256
>      debug1: bits set: 1606/3191
>      debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>      debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>      @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>      @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
>      @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>      IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
>      Someone could be eavesdropping on you right now 
> (man-in-the-middle
> attack)!
>      It is also possible that the RSA host key has just been changed.
>      The fingerprint for the RSA key sent by the remote host is
>           ..:..:..:..:..:.
>      Please contact your system administrator.
>      Add correct host key in /home/weberr/.ssh/known_hosts to 
> get rid of
> this message.
>      Offending key in /home/weberr/.ssh/known_hosts:1
>      RSA host key for 127.0.0.1 has changed and you have 
> requested strict
> checking.
>      Host key verification failed.
>      debug1: Calling cleanup 0x419440(0x0)
> 
> 
> The attatchement holds the output of 'cygcheck -s -v -r'
> 
> Thanks,
> Ralf
> 
> (See attached file: cygcheck.txt)
>

Attachment: cygcheck.txt
Description: cygcheck.txt

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/