Peter_Lawrence at belgocontrol.be
2016-Dec-14 15:34 UTC
Seeking assistance with pubkey authentication problem on Windows OS
Hello. I did a bit more digging in the debug information and I have isolated the problem, which looks like it comes directly from the source code.? The ssh-agent.log shows the following entries during my ssh connection attempt from the Linux machine to the Windows machine running a Win64 OpenSSH: 5772 16:13:37 990 debug1: trying public key file C:\Users\LAW/.ssh\authorized_keys 5772 16:13:37 990 debug1: given public key is not mapped to user LAW (profile:C:\Users\LAW) My sshd_config file has been set with the following entry: AuthorizedKeysFile?.ssh\authorized_keys I have noticed that if I was to?either use the line AuthorizedKeysFile %h\.ssh\authorized_keys or AuthorizedKeysFile?C:\Users\LAW\.ssh\authorized_keys the?ssh-agent.log shows a debug entry now saying? trying public key file C:\Users\LAW/C:\Users\LAW\.ssh\authorized_keys Having had a dig around in the source-code for OpenSSH, the culprit is the subroutine expand_authorized_keys in the file auth.c which returns a char pointer called ret given by snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file) You can see here that the formatting?"%s/%s" is causing the insertion of a forward-slash in the?public key filename used in the windows environment; to this extent, the?authorized_keys?file will never be found in the windows environment. Would it suffice if I rebuild the Win64 OpenSSH executables with the correction?snprintf(ret, sizeof(ret), "%s\\%s", pw->pw_dir, file), or should I wait for an official build with this correction? Yours sincerely, Peter. ___________________________________________________________ Dr. Peter E. Lawrence? BSc(Ma & Comp Sc)(Hons) MSc(Ma Sc)(Res) PhD(Ma Sc) Analyst & Software Engineer BELGOCONTROL?(CANAC) Tervuursesteenweg?303 B?-?1820?Steenokkerzeel Tel:?[Office]:? +32?2?206?2588 ?????? [GSM]:? ?+32 4 701 80752 Email: law at belgocontrol.be Web:??www.belgocontrol.be ? Belgocontrol Mail Disclaimer
Manoj K. Ampalam
2016-Dec-14 17:21 UTC
Seeking assistance with pubkey authentication problem on Windows OS
Please file an issue at https://github.com/PowerShell/Win32-OpenSSH. The Windows fork is not part of the main OpenSSH project yet. Otherwise, you may work around your issue by getting rid of this configuration line: AuthorizedKeysFile %h\.ssh\authorized_keys It would default to %userprofile%\.ssh\authorized_keys. On Wed, Dec 14, 2016 at 7:34 AM, Peter_Lawrence at belgocontrol.be < Peter_Lawrence at belgocontrol.be> wrote:> Hello. > > I did a bit more digging in the debug information and I have isolated the > problem, which looks like it comes directly from the source code. > The ssh-agent.log shows the following entries during my ssh connection > attempt from the Linux machine to the Windows machine running a Win64 > OpenSSH: > > 5772 16:13:37 990 debug1: trying public key file > C:\Users\LAW/.ssh\authorized_keys > 5772 16:13:37 990 debug1: given public key is not mapped to user LAW > (profile:C:\Users\LAW) > > My sshd_config file has been set with the following entry: > AuthorizedKeysFile .ssh\authorized_keys > > I have noticed that if I was to either use the line > AuthorizedKeysFile %h\.ssh\authorized_keys > or > AuthorizedKeysFile C:\Users\LAW\.ssh\authorized_keys > the ssh-agent.log shows a debug entry now saying > trying public key file C:\Users\LAW/C:\Users\LAW\.ssh\authorized_keys > > Having had a dig around in the source-code for OpenSSH, the culprit is the > subroutine > expand_authorized_keys > in the file auth.c > which returns a char pointer called ret given by snprintf(ret, > sizeof(ret), "%s/%s", pw->pw_dir, file) > You can see here that the formatting "%s/%s" is causing the insertion of a > forward-slash in the public key filename used in the windows environment; > to this extent, the authorized_keys file will never be found in the windows > environment. > > Would it suffice if I rebuild the Win64 OpenSSH executables with the > correction snprintf(ret, sizeof(ret), "%s\\%s", pw->pw_dir, file), or > should I wait for an official build with this correction? > > > Yours sincerely, > Peter. > > ___________________________________________________________ > > Dr. Peter E. Lawrence BSc(Ma & Comp Sc)(Hons) MSc(Ma Sc)(Res) PhD(Ma Sc) > Analyst & Software Engineer > BELGOCONTROL (CANAC) > Tervuursesteenweg 303 > B - 1820 Steenokkerzeel > Tel: [Office]: +32 2 206 2588 > [GSM]: +32 4 701 80752 > Email: law at belgocontrol.be > Web: www.belgocontrol.be > > > Belgocontrol Mail Disclaimer > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >