Unable to connect to SSH after generating public key and private key

4

1

Can someone help? I have installed OpenSSH (version OpenSSH_6.8p1) on Windows 7 and I have generated the public and private keys, however I'm not able to connect to that SSH. I'm getting an error "Connection closed by 127.0.0.1" if I use the command "ssh localhost".

However I'm able to connect by skipping the public key authentication via "ssh localhost -o PubkeyAuthentication=no"

Output of the command "ssh -v localhost"

OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/Vinoth/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Vinoth/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:4Lnpmdki8UuIiQtJyZoc2vxu8x9lPVSN4vykW+axilc
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/Vinoth/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/Vinoth/.ssh/id_rsa
Connection closed by 127.0.0.1

List of files under .ssh folder

$ ls -lrt
total 7
-rwxrwx--- 1 Vinoth None 519 Jun 11 18:36 known_hosts
-rw-rw---- 1 Vinoth None 1679 Jun 12 00:48 id_rsa
-rw-rw---- 1 Vinoth None 398 Jun 12 00:48 id_rsa.pub
-rw-rw---- 1 Vinoth None 398 Jun 12 23:47 authorized_keys

List of Files under /var/log

$ ls -lrt
total 54101
-rw-r--r-- 1 Vinoth Administrators 35167 Jun 11 15:10 setup.log
-rw-r--r-- 1 Vinoth Administrators 25541 Jun 11 15:10 setup.log.full
-rw----r-- 1 SYSTEM SYSTEM 469 Jun 11 15:43 sshd.log
-rw-r--r-- 1 sshd Administrators 55330520 Jun 13 00:57 lastlog

sshd.log is not updating. The lastlog file is not readable.

cat sshd.log

Vinoth@Vinoth-HP /var/log $ cat /var/log/sshd.log
/var/empty must be owned by root and not group or world-writable.

Vinoth

Posted 2015-06-12T15:27:52.170

Reputation: 41

well $cat sshd.log anyhow and see what it says – barlop – 2015-06-12T17:13:00.267

/var/empty must be owned by root and not group or world-writable. This is the output of cat sshd.log – Vinoth – 2015-06-12T17:13:34.877

ok try the latest update to my answer – barlop – 2015-06-12T17:21:30.677

Answers

1

The most likely explanation is that you have not set adequately restrictive file permissions on the keys in question. You may wish to set

  chmod 600 id_rsa
  chmod 600 id_rsa.pub
  cat id_rsa.pub >> authorized_keys
  chmod 600 authorized_keys

which is strict enough.

MariusMatutiae

Posted 2015-06-12T15:27:52.170

Reputation: 41 321

still the same error, I have also added the list of files under.ssh folder – Vinoth – 2015-06-12T15:57:58.800

@Vinoth Did you change to 600 the permissions of the directory .ssh too? – MariusMatutiae – 2015-06-12T16:13:01.747

I don't know why the .ssh folder is not showing when I do ls -lrt from the home path. But I have changed the permission of .ssh to 770. It is visible from Windows Explorer and I am also able to change the permission from the cmd. – Vinoth – 2015-06-12T16:32:24.687

@Vinoth .ssh cannot be seen because it is a hidden file. You can see by means of ls -a. 770 is certainly wrong, it should be 700. Try it. – MariusMatutiae – 2015-06-12T16:56:00.123

Still not working after I changed to 700. Log file is the same – Vinoth – 2015-06-12T16:59:05.893

@Vinoth please find error log for the server, not the client: they are in /var/log/ssh* and post them here. – MariusMatutiae – 2015-06-12T17:03:21.927

@Vinoth ls -ld ~/.ssh the -d makes sure it shows the attributes of the directory rather than the files within the directory. 700 for ~/.ssh and 600 for the contents of ~/.ssh – barlop – 2015-06-12T17:05:53.150

@barlop this is the output $ ls -ld ~/.ssh drwx------+ 1 Vinoth None 0 Jun 12 23:59 /home/Vinoth/.ssh – Vinoth – 2015-06-12T17:07:04.533

@MariusMatutiae I have added the list of files under /var/log folder. I have noticed that sshd.log folder is not updating and the lastlog file is not readable – Vinoth – 2015-06-12T17:10:28.833

0

you write

I'm able to connect by skipping the public key authentication via "ssh localhost -o PubkeyAuthentication=no"

Good

So $ssh-copy-id localhost

(then that should put the pub key from source, to the remote system ~/.ssh/authorized_keys)

exit

then

ssh localhost

and it should go straight in 'cos it'll try pub key first and it should work.

added

ls -l /var/log/sshd.log

see when it was last written to, then cat /var/log/sshd.log

or I think tail /var/log/sshd.log to see the last/most recent entry there

Added-b

cat /var/log/sshd.log gave "/var/empty must be owned by root and not group or world-writable."

Try

$ chown root /var/empty
chown: invalid user: 'root'

You may get that error above. That may be a cygwin/cygwin openssh oddity.

So try

(maybe cygwin being absurd)

as mentioned here
https://www.cygwin.com/ml/cygwin/2008-02/msg00429.html

try $chown SYSTEM /var/empty

And if it still doesn't work, then cat sshd.log again; you may get a new error there, which would be progress.

added c

you could try starting fresh: you can try re-running ssh-host-config, though I've found I had to even remove the sshd service (not just stop it), and delete keys in /etc in order for ssh-host-config to really configure things fresh.

sc stop sshd (or net stop sshd, or cygrunsrv -E sshd)

sc delete sshd (or cygrunsrv -R sshd)

rm /etc/ssh* (these are all files)

that may be enough but you could also do

net user sshd /delete

net user cyg_server /delete

remove any sshd or cyg_server user from /etc/passwd

And I've seen it suggested to remove /var/empty (though I didn't and my reinstall was fine) https://www.cygwin.com/ml/cygwin/2014-03/msg00315.html

You could reinstall cygwin (without uninstalling) it just updates things e.g. when I did it I noticed one command got some more switches. All the things you had installed like openssh should still be ticked.

I don't think I had to reboot

Then open an administrative command prompt and run ssh-host-config, OK the defaults, and net start sshd

barlop

Posted 2015-06-12T15:27:52.170

Reputation: 18 677

$ ssh-copy-id localhost /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: Connection closed by 127.0.0.1 – Vinoth – 2015-06-12T16:00:14.153

@Vinoth see my update to my answer, and try that – barlop – 2015-06-12T17:11:51.030

I have added the output of cat sshd.log – Vinoth – 2015-06-12T17:15:18.357

@Vinoth I have had that one before, try latest update to my answer – barlop – 2015-06-12T17:19:27.727

Yes, when I run chown root /var/empty I got the invalid user: 'root' error and I tried $chown System /var/empty, however still not working and also sshd.log is not updating – Vinoth – 2015-06-12T17:27:06.037

@Vinoth try my latest update "added c" – barlop – 2015-06-12T18:02:51.310

Let us continue this discussion in chat.

– barlop – 2015-06-12T19:20:42.127
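
The checks from both answers above (700 on ~/.ssh, 600 on the key files, and the /var/empty condition quoted from sshd.log) collected into one audit script, as an added example that is not part of the original thread. The function names and the three arguments are assumptions; the expected owner is passed in because the thread tries both root and SYSTEM.

```bash
#!/bin/sh
# Added example (not from the thread): audit the permissions discussed above.
# Needs GNU stat (coreutils), which both Cygwin and Linux ship.

# check_mode PATH FORBIDDEN: fail if PATH has any of the octal FORBIDDEN bits.
check_mode() {
    cm_mode=$(stat -c '%a' -- "$1" 2>/dev/null) || { echo "MISSING $1"; return 2; }
    if [ $(( 0$cm_mode & 0$2 )) -ne 0 ]; then
        echo "BAD     $1 mode=$cm_mode, must not have bits $2"
        return 1
    fi
    echo "OK      $1 mode=$cm_mode"
}

# check_owner PATH USER: fail if PATH is not owned by USER.
check_owner() {
    co_owner=$(stat -c '%U' -- "$1" 2>/dev/null) || { echo "MISSING $1"; return 2; }
    if [ "$co_owner" != "$2" ]; then
        echo "BAD     $1 owner=$co_owner, expected $2"
        return 1
    fi
    echo "OK      $1 owner=$co_owner"
}

# audit_ssh HOME PRIVSEP_DIR PRIVSEP_OWNER
# ~/.ssh at most 700 and its key files at most 600 (the answers' advice);
# the privilege-separation dir not group/world-writable and owned by the
# expected account (the condition quoted from sshd.log).
audit_ssh() {
    as_rc=0
    check_mode "$1/.ssh" 077 || as_rc=1
    for as_f in id_rsa id_rsa.pub authorized_keys; do
        check_mode "$1/.ssh/$as_f" 077 || as_rc=1
    done
    check_mode "$2" 022 || as_rc=1
    check_owner "$2" "$3" || as_rc=1
    return "$as_rc"
}

# Run only when called with arguments, e.g.: sh audit.sh "$HOME" /var/empty SYSTEM
if [ "$#" -eq 3 ]; then
    audit_ssh "$1" "$2" "$3"
fi
```

Every path is reported, so a single run shows all findings at once; the exit status is non-zero if any check fails.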