Sshd and key based authentication
Andrea Venturoli
ml@netfence.it
Mon Nov 18 07:59:00 GMT 2013
Hello.
I'm trying to set up sshd on a Windows 2003 domain controller.
Everything works with password authentication; however I need this for a
script, so, in order to get non-interactive login, I must use keys.
Tried as hard as I could, but I could not achieve this: I'm always asked
for a password.
I read several posts which say I need to use local accounts, not domain
accounts; however, the machine being a DC, I don't have Local security
policy or Local users in Control panel or Administrative tool.
So, this is the fragment from my /etc/passwd:
> sshd:unused:2259:513:sshd privsep,U-MYDOMAIN\sshd,S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX:/var/empty:/bin/false
> cyg_server:unused:2265:513:cyg_server,U-MYDOMAIN\cyg_server,S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXXX-XXXX:/home/cyg_server:/bin/bash
"ssh -vvv" suggest the key is presented to the server, but key
authentication does not succeed anyway. Nothing special is logged
server-side and ssh moves on to password authentiation.
On with the questions...
Is this supposed to work? Several posts say so, but no one mentions a
domain controller... Does it bring in anything special?
Are the above users correct? Any problem with it?
What are correct ownership and permissions of /home, /home/myuser,
/home/myuser/.ssh and /home/myuser/.ssh/authorized_keys?
According to some how-tos, ssh-host-confing should have prompted with
"CYGWIN=" and I should have replied "tty ntsec", but this did not
happen. Other how-tos suggest putting this variable in the environment.
Is this information current or obsolete? I tried and it didn't seem to
matter...
Any other hint?
bye & Thanks
av.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list