RE: Win2003 problems exchanging keys, but not with password cygwin/openssh

Hi,

I had the same problem and didn't get any answer from this list yet (guess
we aren't to many of us using 2003 yet:-). But after three full days of
trial and error I got it working by:

 - starting the sshd service under another user than the "Local System
account" with
   password (I use an acount with Administrator privileges but don't know if
it is needed).

 - chown the following files to that user:
     chown <user> /etc/ssh_host*
     chown <user> /var/empty
     chown <user> /var/log/sshd.log

I think that was all, hope it helps!

/Olle

> To all,
>
> I have a win2003 enterprise server running cygwin 1.5.0/openssh (current
> version). I generated keys for my systems and put them in my
> ~/.ssh/authorized_keys file. I have 2 systems WinXP and Win2003
> Enterprise
> server, both running same version of cygwin and openssh. Locally on the
> win2003 server I can ssh localhost and it asks me for a password and I can
> login, as well as any other user that is created with a password. What I
> cannot do is login with my SSH keys. If I try to authenticate
> with SSH KEY
> it kicks me out only after saying it excepted my KEY. When I executed ssh
> -vvv localhost (using KEY) I can see where it excepted my KEY but in the
> event viewer it gives me some error message about SETUID
> permission denied.
> Forgive me if I don't have the exact verbage, but if someone needs I can
> probably get it. I set in my environment variables "CYGWIN=ntsec
> tty", but
> still no luck in getting the keys to work. Any ideas? The
> permissions look
> good and Im assuming maybe has something to do with win2003 server and its
> new security features. Is there maybe something I have to enable in order
> for the KEYS to work?
>
> Todd C. Bowden
> E-mail: Todd.Bowden@atosorigin.com
>
> --
> List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
> List Archives: http://erdelynet.com/archive/ssh-l/
> To Unsubscribe: Go to
http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email
address at the bottom to "Edit Options". If you don't know your password,
have it emailed to you. Then unsubscribe.

--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.