Cygwin OpenSSH Windows

bilbonvidia · May 6, 2008, 4:11am

Hi all, I am just enjoying my first experience with UNIX type stuff but I am completely stumped with syntax etc. I have installed OpenSSH on my windows machine which is a working nicley and I can gain access using putty. I am however trying to set up public key authentication and turn off passwords but am not having much luck. I have managed to turn password authentication off in the sshd_config file and key auth is enabled for rsa and dsa. I kind of need a setp by step guide. At the moment I am just being told key refused.

I have tried creating some keys with the keygen util within cygwin which get created in my home\.ssh folder and converting the private key into putty format using puttygen and using that in putty. I am not sure about an authorized_keys file, how to create it and where it should go I think this maybe where I am going wrong. I have also tried generating both keys with puttygen but get the same message.

Another thing I would like to know how to do is to be able to look at the log which shows logon attempts but I have no idea how to do this?

Any help would be greatly appreciated!

bilbonvidia · May 6, 2008, 4:06pm

I have been following these instructions:

Using putty with OpenSSH

This is my config file in c:\cygwin\etc:

# $OpenBSD: sshd_config,v 1.77 2008/02/08 23:24:07 djm Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/bin:/usr/sbin:/sbin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 40101
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh_host_rsa_key
#HostKey /etc/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3

RSAAuthentication no
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts yes
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no

#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
Banner /etc/banner.txt

# override default of no subsystems
Subsystem sftp /usr/sbin/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server

I keep getting "Server refused our key"

Any Ideas?

Regards

kowy · November 20, 2008, 1:51pm

Hi guys, sorry if my spelling is not the best, but english is not my mother tongue.

This is my first experience with Linux. I have Windows server 2003 enterprise x64, sith SP 2 in english, and I have to setup a SFTP, that authenticates with a public password. I choose to use OpenSSH which i think it is the best option fot SFTP with a public key authentication.

I have tried to follow some pages, like... Setting up a SFTP Server on Windows but I can get it running.

Im going to describe what i did, step by step, as best as posible, hopping that somebody can tell me where my mistake is.

1.- Downloaded a zip file from here: Setting up a SFTP Server on Windows

2.- I tried to follow this guide: http://www.cs.bham.ac.uk/~smp/projects/ssh-windows/, and i made it till the point where it says:

 <q>
     Assign the server users account (sshd) the appropriate rights:
           ntrights +r SeAssignPrimaryTokenPrivilege -u sshd
</q>

When I type the ntrights, the comand line shows:

<q>
'ntrights' is not recognized as an internal or external command, operable program or batch file.
</q>

And after that i haven�t been able to move on.

Can somebody help me please... thanks