Re: OpenSSH with Windows issue - please help

Thanks a lot guys,
With all your help and support finally it's working now.

Here are some of the key points that someone needs to take into
account if he/she wants to use the "OpenSSH on Windows 2003". I
removed everything and started all over again.

1. Ran the "OpenSSH for Windows" installer.I installed everything as a
domain user account and i am also the local administrator.

2. OpenSSH package misses a cygintl-2.dll file that needs to be copied
from Cywin installation and thrown into the OpenSSH/bin directory to
make commands like chmod,ls etc work in windows.

3. Like mentioned before,change the OpenSSH service log-on setting to
use a domain user account from the service control panel.

4. Go to "/etc/sshd_config" and change "StrictModes" property to "No".
I will try to make it working with changing that value to "Yes" as
it's important for security reasons.

5. On the client end,generated a public/private key pair using puttygen.

6.Copied the public key under the .ssh directory under the user home
and gave this command in command prompt:
copy /b public_key_name authroized_keys2

7. Changed the permissions as shown below:
chmod 700 .ssh
chmod 600 authorized_keys2
chmod 644 *.pub

8.On the client side,tried to connect using putty and supplied my
private key and it works!!!!

Thanks Again Everybody...appreciate your help.
Mick

On 10/18/07, Welsh, Armand <Armand.Welsh@sscims.com> wrote:
> correct. the chown and chmod are installed. Windows file system
> security is much more robust than the default unix (excluding trusted
> unix), but if you don't know how Cygwin translates the unix simulated
> ACL into the Windows ACL, and back, then it can be very difficult, if
> not impossible, to get the permissions set correctly using the windows
> ACL tools (I used explorer instead of cacl). I recommend using chmod to
> set your permissions as stated in my prior email.
>
> Regards,
> Armand
>
> -----Original Message-----
> From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of LQ
> Marshall
> Sent: Wednesday, October 17, 2007 9:34 PM
> To: ssh@erdelynet.com
> Subject: RE: OpenSSH with Windows issue - please help
>
> No mention of what the exact problem error is... Unless I miss it.
>
> But as I recall if the permissions on the key files are not correct the
> service will not start. I seem to recall that windows ACL (cacls
> command I
> think) can be used but I think that chown & chmod are installed along
> with
> the OPENSSH installation (?).
>
> gl
> Q
>
>
> > -----Original Message-----
> > From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf
> > Of Mick Ken
> > Sent: Wednesday, October 17, 2007 7:14 PM
> > To: ssh@erdelynet.com
> > Subject: OpenSSH with Windows issue - please help
> >
> > Friends,
> > I am trying to install SSH on a Windows 2003 server since
> > last 3 days and still no luck.
> >
> > I tried with Cygwin but it was not working,so i tried
> > "OpenSSH for Windows",I have tried literally everything and
> > searched 100s of google pages but I am getting this error.I
> > would greatly appreciate if someone can help me resolve this.
> >
> > Here's the trace from the server end:
> >
> > E:\Program Files\OpenSSH\usr\sbin>sshd -d
> > debug1: sshd version OpenSSH_3.8.1p1
> > debug1: read PEM private key done: type RSA
> > debug1: private host key: #0 type 1 RSA
> > debug1: read PEM private key done: type DSA
> > debug1: private host key: #1 type 2 DSA
> > debug1: Bind to port 22 on 0.0.0.0.
> > Server listening on 0.0.0.0 port 22.
> >
> > debug1: Server will not fork when running in debugging mode.
> > Connection from 10.11.14.113 port 2715
> > debug1: Client protocol version 2.0; client software version
> > PuTTY_Release_0.60
> > debug1: no match: PuTTY_Release_0.60
> > debug1: Enabling compatibility mode for protocol 2.0
> > debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
> > debug1: list_hostkey_types: ssh-rsa,ssh-dss
> > debug1: SSH2_MSG_KEXINIT sent
> > debug1: SSH2_MSG_KEXINIT received
> > debug1: kex: client->server aes256-ctr hmac-sha1 none
> > debug1: kex: server->client aes256-ctr hmac-sha1 none
> > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
> > debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
> > debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
> > debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
> > debug1: SSH2_MSG_NEWKEYS sent
> > debug1: expecting SSH2_MSG_NEWKEYS
> > debug1: SSH2_MSG_NEWKEYS received
> > debug1: KEX done
> > debug1: userauth-request for user Administrator service
> > ssh-connection method no ne
> > debug1: attempt 0 failures 0
> > debug1: userauth_banner: sent
> > Failed none for Administrator from 10.11.12.13 port 2715 ssh2
> > debug1: userauth-request for user Administrator service
> > ssh-connection method pu blickey
> > debug1: attempt 1 failures 1
> > debug1: test whether pkalg/pkblob are acceptable
> > debug1: temporarily_use_uid: 500/513 (e=500/513)
> > debug1: trying public key file
> > /home/Administrator/OpenSSH/.ssh/authorized_keys
> > debug1: restore_uid: (unprivileged)
> > debug1: temporarily_use_uid: 500/513 (e=500/513)
> > debug1: trying public key file
> > /home/Administrator/OpenSSH/.ssh/authorized_keys2
> >
> > debug1: restore_uid: (unprivileged)
> > Failed publickey for Administrator from 10.11.12.13 port 2715 ssh2
> > debug1: userauth-request for user Administrator service
> > ssh-connection method ke yboard-interactive
> > debug1: attempt 2 failures 2
> > debug1: keyboard-interactive devs
> > debug1: auth2_challenge: user=Administrator devs=
> > debug1: kbdint_alloc: devices ''
> > Failed keyboard-interactive for Administrator from
> > 10.11.12.13 port 2715 ssh2 Received disconnect from
> > 10.11.12.13: 14: No supported authentication methods a vailable
> > debug1: do_cleanup
> >
> > After researching,people mentioned that it looks like a
> > permission issue with either one of the following:
> > E:/Documents and Settings/Administrator/OpenSSH E:/Documents
> > and Settings/Administrator/OpenSSH/.ssh
> > E:/Documents and Settings/Administrator/OpenSSH.ssh/authorized_keys
> >
> > And they say to set 700 or some permissions to them,but how
> > can i do that in Windows ???
> >
> > I have given full control to all these files to the "Administrator"
> > and the "System" account.
> >
> > My /etc/passwd and /etc/group files look proper and also have
> > full control by "Administrator" and "System" accounts.I have
> > also changed the Administrator home to point to
> > /home/Administrator/OpenSSH
> >
> > I have generated my private/public key on the client
> > end(windows box) using puttygen and copied my public key into
> > the E:/Documents and
> > Settings/Administrator/OpenSSH/.ssh/authorized_keys file.
> >
> > Please Please help.
> > Thanks
> > Mick
> >
> > --
> > List Info: http://erdelynet.com/ssh-l/
> > List Archives: http://erdelynet.com/archive/ssh-l/
> > To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com
> >
> >
>
>
> --
> List Info: http://erdelynet.com/ssh-l/
> List Archives: http://erdelynet.com/archive/ssh-l/
> To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com
>
>
>
> --
> List Info: http://erdelynet.com/ssh-l/
> List Archives: http://erdelynet.com/archive/ssh-l/
> To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com
>
>
>

--
List Info:      http://erdelynet.com/ssh-l/
List Archives:  http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com