openssh unix dev - Oct 2003 - Key-based auth fails - OpenSSH 3.7.1p2 (cygwin)

Hey all,  Maybe someone has seen my problem before with OpenSSH under 
cygwin.  I'm trying to use key-based authentication and it's failing.

Configuration, permissions and -ddd information is provided in this email.

Thanks,
Brian Hayward

---------- Forwarded message ----------
Date: Thu, 9 Oct 2003 10:12:47 -0500 (CDT)
From: hayward at slothmud.org
To: cygwin at cygwin.com
Subject: Re: Key-based auth fails - OpenSSH 3.7.1p2


More information on file permissions:
ls -ld /
drwxrwxrwt+   9 Administ ????????     4096 Oct  9 08:57 /

ls -ld /home
drwxr-xr-x+   5 Administ SYSTEM          0 Oct  9 10:07 /home

ls -ld /home/hayward
drwx------+   3 hayward  Administ        0 Oct  9 10:07 /home/hayward

ls -altr /home/hayward/.ssh
total 4
-rw-------    1 hayward  Administ      618 Oct  9 09:40 authorized_keys
-rw-r--r--    1 hayward  Administ     1228 Oct  9 09:40 known_hosts
drwx------+   2 hayward  Administ     4096 Oct  9 09:41 .
-rw-------    1 hayward  Administ      618 Oct  9 09:41 authorized_keys2
drwx------+   3 hayward  Administ        0 Oct  9 10:07 ..

Here are the sshd_config params not commented out:

Port 22
StrictModes no
Subsystem sftp /usr/sbin/sftp-server

***
No matter what I do with filesystem permissions, I can't get ssh key-based 
authentication to work.  I have tried both with StrictModes no and yes.

Here is the output of sshd -ddd pertaining to key-based authentication:

debug1: userauth-request for user hayward service ssh-connection method 
publickey
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x100f4158
debug1: temporarily_use_uid: 132690/513 (e=18/544)
debug1: trying public key file /home/hayward/.ssh/authorized_keys
debug1: restore_uid: (unprivileged)
debug1: temporarily_use_uid: 132690/513 (e=18/544)
debug1: trying public key file /home/hayward/.ssh/authorized_keys
debug1: restore_uid: (unprivileged)
debug3: mm_answer_keyallowed: key 0x100f4158 is disallowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for hayward from 10.10.10.10 port 57461 ssh2

Any suggestions?

Thanks,
Brian Hayward

On Thu, Oct 09, 2003 at 10:17:27AM -0500, hayward at slothmud.org
wrote:
> Hey all,  Maybe someone has seen my problem before with OpenSSH under 
> cygwin.  I'm trying to use key-based authentication and it's
failing.
> 
> Configuration, permissions and -ddd information is provided in this email.
> 
> Thanks,
> Brian Hayward
> 
> ---------- Forwarded message ----------
> Date: Thu, 9 Oct 2003 10:12:47 -0500 (CDT)
> From: hayward at slothmud.org
> To: cygwin at cygwin.com
> Subject: Re: Key-based auth fails - OpenSSH 3.7.1p2
> 
> 
> More information on file permissions:
> ls -ld /
> drwxrwxrwt+   9 Administ ????????     4096 Oct  9 08:57 /
> 
> ls -ld /home
> drwxr-xr-x+   5 Administ SYSTEM          0 Oct  9 10:07 /home
> 
> ls -ld /home/hayward
> drwx------+   3 hayward  Administ        0 Oct  9 10:07 /home/hayward
> 
> ls -altr /home/hayward/.ssh
> total 4
> -rw-------    1 hayward  Administ      618 Oct  9 09:40 authorized_keys
> -rw-r--r--    1 hayward  Administ     1228 Oct  9 09:40 known_hosts
> drwx------+   2 hayward  Administ     4096 Oct  9 09:41 .
> -rw-------    1 hayward  Administ      618 Oct  9 09:41 authorized_keys2
> drwx------+   3 hayward  Administ        0 Oct  9 10:07 ..
SYSTEM needs read access to your authorized_keys file.  Try

  setfacl -m u:system:r-- ~ ~/.ssh ~/.ssh/authorized_keys

Corinna

-- 
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.