Friday, October 7, 2022

[SOLVED] Setting up OpenSSH for Windows using public key authentication

Issue

I am having issues setting up OpenSSH for Windows, using public key authentication.

I have this working on my local desktop and can ssh with a key from Unix machines or other OpenSSH for Windows machines.

I have replicated the build onto a server, I can get password authentication working fine, but when I use the keys I get the following issue:

debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /cygdrive/c/sshusers/jsadmint2232/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
Connection closed by 127.0.0.1

So for the purposes of testing, I have been just trying to SSH to localhost, but even when tried remotely I get the same issue.

Even more strange, is that when I have both password and public key enabled in sshd_config, it will only attempt to use keys and then bomb out with the above message and won't even try to use password.

Here are the steps I have taken:

  1. Install OpenSSH for Windows
  2. mkgroup -l >>..\etc\group (added local groups)
  3. mkgroup -d >>..\etc\group (added domain groups)
  4. mkpasswd -L -u openssh >>..\passwd (added my local user)
  5. mkpasswd -D -u jsadmint2232 >>..\passwd (added my domain user)
  6. Edited the homedir in file passwd to point to c:\sshusers%USER% - where %USER% is the user name
  7. Enabled password authentication, disabled key authentication
  8. Created SSH keys for both jsadmint2232 / OpenSSH and ensured that the files were created in home directories
  9. Added authorized_keys files into .ssh directories for each user and added keys for incoming connecting users
  10. net stop opensshd / net start opensshd
  11. Test if password authentication works both locally and remotely
  12. Updated sshd_config, to enabled key auth - restart opensshd
  13. Test connection and get above error. Also, it doesn't even try password authentication.
  14. Updated sshd_config, to disable password authentication completely - restart opensshd
  15. Test connection and still get above error

It appears the server is killing the connection for some reason.


Solution

I have solved the issue...

It is related to the account that started the service - it was using the Local System account - this was stopping it accessing the public key and authorized_keys file.

Once I stopped the service and started as the user I was trying to connect into, it worked!

So basically, you need to start with a service account and then external users connect in as that user.



Answered By - Cambolie
Answer Checked By - Willingham (WPSolving Volunteer)