Re: Disable passwords in SSHD Cygwin
- From: Peter <Retrodog@xxxxxxxxxxx>
- Date: Tue, 27 Dec 2005 17:03:05 -0000
ok followup time
I changed the sshd_config file so that the # comment symbol was not
infront of the passwordauthentication no line and tried it again
$ ssh localhost
i get an error now that says permission denied (public key , keyboard
interactive)
I know my keys are in the right place because if i change that line in
sshd_config back to passwordauthentication yes i can log in but not have
to enter a password. if i remove the keys to a dummy directory and try
to log in the server asks me for a password.
so in short the host knows and uses my public key when passwords are set
to yes
if keys are missing then host falls back to asking the password.
if the sshd_config file is set to not allow passwords it all fails no
matter if i have proper keys in the correct directory or not.
i feel like im missing something very fundamental to what im trying to do
but have not stumbled onto it yet. this config file seems very plain to
understand but the things i ask it to do just cause it to choke.
i have read a little about openssh and was wondering if there are any
experts out there and can vouch for it and or point to a good
configuration site. cygwin has me 99% of the way there but this last 1%
is driving my nuts. i would hate to jump ship on it now after all i have
learned but im tired of the brute force attacks on my host.
thanks again
Peter <retrodog@xxxxxxxxxxx> wrote in
news:Xns9734742E74ACAretrodoghotmailcom@xxxxxxxxxxxx:
> I am running the Cygwin SSHD server on a machine and have been seeing
> lots of attacks lately from all over the globe. so i generated a
> public / private key set and applied them correctly and now i connect
> properly using these new keys. i then went into the file "cygwin\etc
> \sshd_config" and set the following lines
>
> # To disable tunneled clear text passwords, change to no
> here! #PasswordAuthentication no
> #PermitEmptyPasswords no
>
> the attacks continued so i tried a test. i moved the keys i just
> generated to a dummy folder and then tried to connect to the machine
> hosting the server
>
> $ ssh localhost
>
> to my surprise it asked for a password
>
> so i went back to the file "cygwin\etc\sshd_config" and sure enough i
> find this
>
> # To disable tunneled clear text passwords, change to no
> here! #PasswordAuthentication yes <-------its still set to
> yes? #PermitEmptyPasswords no
>
> so i then looked at the folder holding the file and found that there
> are now 2 files "cygwin\etc\sshd_config" and "cygwin\etc\sshd_config~"
> the one with the ~ char at the end is owned by the loged in user and
> the one without the ~ char is owned by the system. the one owned by
> the system is the one where the password is still set to yes. every
> time i edit and save the file it creates a new file with more and more
> ~ chars at the end. what in the world is going on? i made sure to
> chmod 777 the file to edit it then chmoded it back to 644. nothing
> seems to work and in the mean time im getting massive attacks in the
> night from IP's all over the world. I have hardend my password and
> there not succeeding but it still is unnerving to see your security
> logs fill up like that
>
> am i going about it the wrong way trying to edit my "cygwin\etc
> \sshd_config" file? is there a command i need to run to make this
> change permenant?
>
> thanks in advance for the help
.
- References:
- Disable passwords in SSHD Cygwin
- From: Peter
- Disable passwords in SSHD Cygwin
- Prev by Date: Logout in the dark of the night
- Next by Date: Re: restrict ssh access
- Previous by thread: Re: Disable passwords in SSHD Cygwin
- Next by thread: Core dumping for sshd
- Index(es):
Relevant Pages
|
