Clever Geek Handbook

Cygwin ssh: lost connection after accessing remote host with keys id_rsa, id_rsa.pub

My goal is to copy files programmatically from a remote server to a local one. Both Windows versions with Cygwin (server) and Cygwin 64 computer.

Before generating rsa or dsa keys, I can copy the files by entering the password

But after creating these files I have the message "connection closed by remote host. Lost connection"

I have given the following permissions: "chmod 600.ssh / id_rsa" (on the local machine) and chmod 600 ".ssh / authorized_keys2". What is the problem that can answer me?

    $ ssh login@hiddenhost
    Connection to hiddenhost closed by remote host.
    Connection to hiddenhost closed.

    PC003370+procserver@ATMPROCSERVER ~
    $ ssh -v login@hiddenhost
    OpenSSH_7.2p2, OpenSSL 1.0.2g  1 Mar 2016
    debug1: Reading configuration data /etc/ssh_config
    debug1: Connecting to hiddenhost [hiddenhost] port 22.
    debug1: Connection established.
    debug1: identity file /home/procserver/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/procserver/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_7.2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1
    debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000
    debug1: Authenticating to hiddenhost:22 as 'login'
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256@libssh.org
    debug1: kex: host key algorithm: ecdsa-sha2-nistp256
    debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit
    > compression: none
    debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit
    > compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ecdsa-sha2-nistp256 SHA256:TS6tXfpxXyW/KeIWFnvxCsmEhHy8
    8NyoBA3DdOHzjFw
    debug1: Host 'hiddenhost' is known and matches the ECDSA host key.
    debug1: Found key in /home/procserver/.ssh/known_hosts:1
    debug1: rekey after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: rekey after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password,keyboard-interacti
    ve
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/procserver/.ssh/id_rsa
    debug1: Authentication succeeded (publickey).
    Authenticated to hiddenhost ([hiddenhost]:22).
    debug1: channel 0: new [client-session]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug1: pledge: network
    debug1: channel 0: free: client-session, nchannels 1
    Connection to hiddenhost closed by remote host.
    Connection to hiddenhost closed.
    Transferred: sent 1944, received 1312 bytes, in 0.0 seconds
    Bytes per second: sent 647995.5, received 437330.3
    debug1: Exit status -1

    PC003370+procserver@ATMPROCSERVER ~
    $
0


source to share


3 answers


HOORAY!!!!

We have found a solution.

The whole reason was to use / var / empty / folder. We tried to start the server in debug mode ... and then found this article:

"If you are debugging an SSH connection, you may need to start sshd manually (instead of a service) and enable debug output. This allows you to track exactly why the connection fails. However, if you try to start sshd manually, you may get the following message."

% cygrunsrv.exe --stop sshd

% / usr / sbin / sshd.exe -D

Failed to load host key: / etc / ssh_host_ecdsa_key / var / empty must be owned by root, not group, or world writable.

To fix this, force the user to start the sshd service as owner of / var / empty.

% ls -ld / var / empty



drwxr-xr-x + 1 cyg_server root 0 7 May 2010 empty

% chown / var / empty

Now start sshd again.

% / usr / sbin / sshd.exe -D

When you are done debugging and are ready to start sshd again as a service, change the owner of / var / empty to cyg_server.

% chown cyg_server / var / empty

% cygrunsrv.exe --start sshd

Note: you must have administrator rights to run "

+1


source


I have the same problem. The root cause is / var / empty is not the correct owner, so I did this: chown $ uid. $ gid / var / empty The problem is fixed.



0


source


This is the problem for me.

  • Start sshd in debug mode using the following command

    /usr/sbin/sshd.exe -D -dd

This gave me the following warnings

> $ /usr/sbin/sshd.exe -D -dd debug2: load_server_config: filename
> /etc/sshd_config debug2: load_server_config: done config len = 285
> debug2: parse_server_config: config /etc/sshd_config len 285 debug1:
> sshd version OpenSSH_7.5, OpenSSL 1.0.2k  26 Jan 2017
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @        
> WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_rsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_rsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @        
> WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_dsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_dsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @        
> WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_ecdsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ecdsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @        
> WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_ed25519_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ed25519_key sshd: no hostkeys
> available -- exiting.

  1. So, I changed the permissions for the above files to 600

    $ chmod 0600 / etc / ssh_host *

  2. Then run the debug command again.

    SHA256: 4yqAb / GiMfMJPmIXfKz + Zw4fWOCVN7E6vUDHEtokdHk / var / empty must be owned by root, not a group, or world writable.

Then change the resolution of this folder to 600.

$ chmod 600 /var/empty

This fixed the problem.

0


source






More articles:


All Articles