3
I have successfully set up ssh and sshd under cygwin to allow myself to login from A to B and B to A (both A and B are Vista machines).
To do this, I have had to set StrictModes no
in my /etc/sshd_config.
If I set StrictModes
to yes
, key-based login is bypassed, and ssh(d) prompts for a password (which then works). In the event log, I get this message:
sshd: PID 3684: Authentication refused: bad ownership or modes for file /home/brent/.ssh/authorized_keys
I have two sub-questions:
- Is there any point in using
StrictModes yes
under cygwin/Vista? (I imagine that under a true Unix this will provide additional security.) Assuming yes, precisely what ownership and mode should I be using? The current listing for the authorized_keys is:
-rwxrwxrwx 1 Administrators None 847 Sep 5 14:38 .ssh/authorized_keys
After a little more research:
It looks like /home/brent/, /home/brent/.ssh/, and /home/brent/.ssh/authorized_keys all need to meet the following criteria:
- Not group- or world-writable (minimum chmod 755)
- Owner: brent (in this case) -- I don't know whether this means "this user" or "any user with certain status or privileges" or "the user who installed cygwin" or "the user who ran
sshd-host-config
".
So it works, but I'd still appreciate precise comments on why, and on whether it's correct.