This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: [1.5] Problem with OpenSSH on Windows Home Server (Win2003)
Thorsten Kampe wrote:
> * Patrick Aikens (Tue, 19 May 2009 07:08:00 -0400)
>> Patrick Aikens wrote:
>>> Patrick Aikens wrote:
>>>> I've installed cygwin 1.5 on my WHS box as Administrator. I've
>>>> opened a cygwin terminal and executed the mkpasswd -l > /etc/passwd
>>>> and mkgroup -l > /etc/group commands, executed ssh-host-setup and
>>>> used privilege separation, and everything seems to have executed
>>>> OK. I can ssh to that machine as Administrator just fine using
>>>> password auth. However, I can't ssh in as any other user on that
>>>> machine using password authentication - I get told that the
>>>> password is incorrect, which I know it isn't. I can use key-based
>>>> auth to login as any user, so I do have a workaround, but I'm
>>>> curious as to why no user but Administrator can use password auth
>>>> to log in? I've logged in via remote desktop as the user I wish to
>>>> SSH as and ran ssh-user-config as that user (that's how I got the
>>>> key-based login working). I haven't done that as Administrator,
>>>> though, and it still lets me log in just fine there.
>>>>
>>>> Sorry if this is a bit rambling, but I've been working on this
>>>> problem for a while and it's getting late where I am...
>>>> cygcheck.out is attached.
>>> So, is this expected behavior then? Is it only possible to log in as
>>> the user that installed the server using password authentication?
>> Is 1.5 not supported anymore? I only see 1.7 questions getting
>> answered, and nobody even tells me to get lost in 4 days... I
>> apologize if I've violated some sort of mailing list rule with my ssh
>> question, I thought I had fulfilled all the requirements of asking a
>> question (including the cygcheck output), but it was late.
>
> I don't think cygcheck will help in this case. Run ssh with -v's and
> sshd with -d's. Check the application eventlog and /var/log/...
>
> Thorsten
>
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Problem reports: http://cygwin.com/problems.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
/var/log/sshd.log is empty
Attached is output from ssh -v to the server from my desktop and output
from 'ls -l /var/log' on the server... I'll try running sshd with -d as
soon as I can and provide that output. It might be later, but maybe
something will jump out at someone with only this data.
Thanks for the reply... this being a home server, it's important to me
that all the user accounts get ssh access. Up until now, I've only
needed to set up single user ssh access to my home Windows machines.
total 584
-rw-r--r-- 1 SYSTEM Administrators 0 May 14 22:55 cygserver.log
----------+ 1 cyg_server Administrators 282348 May 19 07:42 lastlog
-rw-r--r-- 1 duckpuppy None 0 May 19 2009 ls.txt
----rwx---+ 1 Administrator Users 20514 May 14 17:12 setup.log
----rwx---+ 1 Administrator Users 440712 May 14 17:12 setup.log.full
-rw-r--r-- 1 cyg_server None 0 May 14 17:24 sshd.log
Script started on Tue May 19 07:40:05 2009
[32;1m[~/.ssh]$ [0mssh -v speedforce
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to speedforce [192.168.1.2] port 22.
debug1: Connection established.
debug1: identity file /home/DuckPuppy/.ssh/identity type -1
debug1: identity file /home/DuckPuppy/.ssh/id_rsa type 1
debug1: identity file /home/DuckPuppy/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'speedforce' is known and matches the RSA host key.
debug1: Found key in /home/DuckPuppy/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/DuckPuppy/.ssh/identity
debug1: Offering public key: /home/DuckPuppy/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: Offering public key: /home/DuckPuppy/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
DuckPuppy@speedforce's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
DuckPuppy@speedforce's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
DuckPuppy@speedforce's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,password,keyboard-interactive).
[32;1m[~/.ssh]$ [0m
[32;1m[~/.ssh]$ [0mexit
Script done on Tue May 19 07:40:36 2009
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/