I have successfully set up ssh and sshd under cygwin to allow myself to login from A to B and B to A (both A and B are Vista machines).

To do this, I have had to set StrictModes no in my /etc/sshd_config.

If I set StrictModes to yes, key-based login is bypassed, and ssh(d) prompts for a password (which then works). In the event log, I get this message:

sshd: PID 3684: Authentication refused: bad ownership or modes for file /home/brent/.ssh/authorized_keys

I have two sub-questions:

1. Is there any point in using StrictModes yes under cygwin/Vista? (I imagine that under a true Unix this will provide additional security.)

2. Assuming yes, precisely what ownership and mode should I be using? The current listing for the authorized_keys is:

   -rwxrwxrwx 1 Administrators None 847 Sep 5 14:38 .ssh/authorized_keys

After a little more research:

It looks like /home/brent/, /home/brent/.ssh/, and /home/brent/.ssh/authorized_keys all need to meet the following criteria:

• Not group- or world-writable (minimum chmod 755)
• Owner: brent (in this case) -- I don't know whether this means "this user" or "any user with certain status or privileges" or "the user who installed cygwin" or "the user who ran sshd-host-config".

So it works, but I'd still appreciate precise comments on why, and on whether it's correct.