Issue
I am having issues setting up OpenSSH for Windows, using public key authentication.
I have this working on my local desktop and can ssh with a key from Unix machines or other OpenSSH for Windows machines.
I have replicated the build onto a server, I can get password authentication working fine, but when I use the keys I get the following issue:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /cygdrive/c/sshusers/jsadmint2232/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
Connection closed by 127.0.0.1
So for the purposes of testing, I have been just trying to SSH to localhost, but even when tried remotely I get the same issue.
Even more strange, is that when I have both password and public key enabled in sshd_config
, it will only attempt to use keys and then bomb out with the above message and won't even try to use password.
Here are the steps I have taken:
- Install OpenSSH for Windows
mkgroup -l >>..\etc\group
(added local groups)mkgroup -d >>..\etc\group
(added domain groups)mkpasswd -L -u openssh >>..\passwd
(added my local user)mkpasswd -D -u jsadmint2232 >>..\passwd
(added my domain user)- Edited the homedir in file passwd to point to c:\sshusers%USER% - where %USER% is the user name
- Enabled password authentication, disabled key authentication
- Created SSH keys for both jsadmint2232 / OpenSSH and ensured that the files were created in home directories
- Added authorized_keys files into .ssh directories for each user and added keys for incoming connecting users
net stop opensshd
/net start opensshd
- Test if password authentication works both locally and remotely
- Updated sshd_config, to enabled key auth - restart opensshd
- Test connection and get above error. Also, it doesn't even try password authentication.
- Updated sshd_config, to disable password authentication completely - restart opensshd
- Test connection and still get above error
It appears the server is killing the connection for some reason.
Solution
I have solved the issue...
It is related to the account that started the service - it was using the Local System account - this was stopping it accessing the public key and authorized_keys file.
Once I stopped the service and started as the user I was trying to connect into, it worked!
So basically, you need to start with a service account and then external users connect in as that user.
Answered By - Cambolie Answer Checked By - Willingham (WPSolving Volunteer)