Cygwin ssh: lost connection after accessing remote host with keys id_rsa, id_rsa.pub
My goal is to copy files programmatically from a remote server to a local machine. Both run Windows, with Cygwin (the server) and Cygwin 64 (the local computer).
Before generating RSA or DSA keys, I could copy the files by entering the password.
But after creating these files I get the message "Connection closed by remote host. Lost connection".
I have set the following permissions: "chmod 600 .ssh/id_rsa" (on the local machine) and "chmod 600 .ssh/authorized_keys2". What could the problem be?
$ ssh login@hiddenhost
Connection to hiddenhost closed by remote host.
Connection to hiddenhost closed.
PC003370+procserver@ATMPROCSERVER ~
$ ssh -v login@hiddenhost
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to hiddenhost [hiddenhost] port 22.
debug1: Connection established.
debug1: identity file /home/procserver/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1
debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to hiddenhost:22 as 'login'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:TS6tXfpxXyW/KeIWFnvxCsmEhHy88NyoBA3DdOHzjFw
debug1: Host 'hiddenhost' is known and matches the ECDSA host key.
debug1: Found key in /home/procserver/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/procserver/.ssh/id_rsa
debug1: Authentication succeeded (publickey).
Authenticated to hiddenhost ([hiddenhost]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: channel 0: free: client-session, nchannels 1
Connection to hiddenhost closed by remote host.
Connection to hiddenhost closed.
Transferred: sent 1944, received 1312 bytes, in 0.0 seconds
Bytes per second: sent 647995.5, received 437330.3
debug1: Exit status -1
PC003370+procserver@ATMPROCSERVER ~
$
HOORAY!!!!
We have found a solution.
The whole reason was the /var/empty folder. We tried to start the server in debug mode ... and then found this article:
"If you are debugging an SSH connection, you may need to start sshd manually (instead of a service) and enable debug output. This allows you to track exactly why the connection fails. However, if you try to start sshd manually, you may get the following message."
% cygrunsrv.exe --stop sshd
% /usr/sbin/sshd.exe -D
Failed to load host key: /etc/ssh_host_ecdsa_key
/var/empty must be owned by root, not group, or world writable.
To fix this, force the user to start the sshd service as owner of /var/empty.
% ls -ld /var/empty
drwxr-xr-x+ 1 cyg_server root 0 7 May 2010 empty
% chown /var/empty
Now start sshd again.
% /usr/sbin/sshd.exe -D
When you are done debugging and are ready to start sshd again as a service, change the owner of /var/empty to cyg_server.
% chown cyg_server /var/empty
% cygrunsrv.exe --start sshd
Note: you must have administrator rights to run "
This is the problem for me.
-
Start sshd in debug mode using the following command
/usr/sbin/sshd.exe -D -dd
This gave me the following warnings
> $ /usr/sbin/sshd.exe -D -dd
> debug2: load_server_config: filename /etc/sshd_config
> debug2: load_server_config: done config len = 285
> debug2: parse_server_config: config /etc/sshd_config len 285
> debug1: sshd version OpenSSH_7.5, OpenSSL 1.0.2k 26 Jan 2017
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_rsa_key' are too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
> key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_rsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_dsa_key' are too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
> key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_dsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_ecdsa_key' are too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
> key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ecdsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0770 for '/etc/ssh_host_ed25519_key' are too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
> key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ed25519_key
> sshd: no hostkeys available -- exiting.
-
So, I changed the permissions for the above files to 600
$ chmod 0600 /etc/ssh_host*
-
Then run the debug command again.
SHA256:4yqAb/GiMfMJPmIXfKz+Zw4fWOCVN7E6vUDHEtokdHk
/var/empty must be owned by root, not a group, or world writable.
Then change the permissions of this folder to 600.
$ chmod 600 /var/empty
This fixed the problem.
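As an added example (not taken from either answer or from OpenSSH), this POSIX shell script repeats the two checks the debug output above complains about: host private keys open to group or others, and a /var/empty with the wrong owner or group/world write access. It assumes GNU `stat -c`; the function names are hypothetical, and the expected owner is passed in as a numeric uid because the first answer has the directory owned by whichever account starts sshd.

```shell
#!/bin/sh
# Added example: re-run the two permission checks from the sshd debug output.
# Assumes GNU stat (as shipped in Cygwin coreutils); function names are ours.

# A private host key passes when group and others have no bits (mode & 077).
key_mode_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# The privsep directory passes when it belongs to the expected numeric uid
# and is neither group- nor world-writable (mode & 022).
privsep_dir_ok() {
    [ -d "$1" ] || return 2
    mode=$(stat -c '%a' "$1") || return 2
    [ "$(stat -c '%u' "$1")" = "$2" ] && [ $(( 0$mode & 022 )) -eq 0 ]
}

# Print one line per item checked; return the number of failures.
audit_sshd() {
    etc=$1 empty=$2 uid=$3 bad=0
    for key in "$etc"/ssh_host_*_key; do
        [ -e "$key" ] || continue          # glob matched nothing
        if key_mode_ok "$key"; then
            echo "ok    $key"
        else
            echo "FAIL  $key mode $(stat -c '%a' "$key") is open to group/others"
            bad=$((bad + 1))
        fi
    done
    if privsep_dir_ok "$empty" "$uid"; then
        echo "ok    $empty"
    else
        echo "FAIL  $empty must be owned by uid $uid, no group/world write"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Usage: sh audit_sshd.sh /etc /var/empty "$(id -u cyg_server)"
if [ "$#" -eq 3 ]; then
    audit_sshd "$1" "$2" "$3"
fi
```

Running it before restarting the service shows every offending file at once, instead of sshd exiting on the first fatal check.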