ManuBIG

Reputation: 43

Windows 10 OpenSSH authorized keys error with sshd

After a lot of support from reading the great posts here, my first question:

I am trying to set up ssh with keys between a Mac and Windows 10 (20H2). What I did until now:

...
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.2.157 ([192.168.2.157]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
client_loop: send disconnect: Broken pipe

Manu

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile  .ssh/authorized_keys

#AuthorizedPrincipalsFile none

# For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
ClientAliveInterval 60
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem   sftp    sftp-server.exe

# Example of overriding settings on a per-user basis
#Match User anoncvs
#   AllowTcpForwarding no
#   PermitTTY no
#   ForceCommand cvs server

#Match Group administrators
#      AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

Upvotes: 4

Views: 4540

Answers (1)

VonC

Reputation: 1323035

in case I stop the sshd on Win10 and start it not as a service, just with c:>sshd.exe

  • In one case, sshd is run as a service, possibly with the LocalSystem account
  • In the other, from the command line, you are running sshd as you (your Windows account).

The environment would not be the same, especially for the "authorized_keys" file.
As mentioned in the documentation:

In Windows, sshd reads configuration data from %programdata%\ssh\sshd_config by default, or a different configuration file may be specified by launching sshd.exe with the -f parameter.
If the file is absent, sshd generates one with the default configuration when the service is started.

Activate the logs when running the ssh daemon as a Windows service, as seen here:

Open an admin powershell prompt and run:

notepad C:\ProgramData\ssh\sshd_config

Find the "# Logging" section and add in these 2 lines.

SyslogFacility LOCAL0
LogLevel DEBUG3

Run services.msc and restart the service if it's running, or start it if it's stopped.
Make sure it is set to run as the system account.

Upvotes: 2
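
The logging steps from the answer above as one script, added here as an example that is not part of the original answer. It assumes the default locations of the Windows built-in OpenSSH feature for sshd.exe and for the file log (%ProgramData%\ssh\logs\sshd.log); both paths are assumptions, adjust them if your install differs.

```powershell
# Added example: run from an elevated PowerShell prompt.
# Assumed paths (not stated on the page, apart from sshd_config itself):
$config  = Join-Path $env:ProgramData 'ssh\sshd_config'
$logFile = Join-Path $env:ProgramData 'ssh\logs\sshd.log'     # assumed file-log location
$sshdExe = Join-Path $env:WINDIR 'System32\OpenSSH\sshd.exe'  # assumed install path
$wanted  = [ordered]@{ SyslogFacility = 'LOCAL0'; LogLevel = 'DEBUG3' }

# Keep a timestamped copy so the verbose logging can be reverted afterwards.
$backup = "$config.$(Get-Date -Format yyyyMMdd-HHmmss).bak"
Copy-Item -LiteralPath $config -Destination $backup

$out = New-Object System.Collections.Generic.List[string]
$inMatch = $false; $inserted = $false
foreach ($line in Get-Content -LiteralPath $config) {
    if ($line -match '^\s*Match\s') { $inMatch = $true }
    # Drop active global settings that would conflict: sshd keeps the first value it reads.
    if (-not $inMatch -and $line -match '^\s*(SyslogFacility|LogLevel)\s') { continue }
    $out.Add($line)
    # Add the two lines directly under the "# Logging" comment, as the answer describes.
    if (-not $inserted -and $line -match '^\s*#\s*Logging\s*$') {
        foreach ($k in $wanted.Keys) { $out.Add("$k $($wanted[$k])") }
        $inserted = $true
    }
}
if (-not $inserted) { throw "No '# Logging' section found in $config; nothing was changed." }
Set-Content -LiteralPath $config -Value $out -Encoding ascii

# Validate before restarting; restore the backup if sshd rejects the edited file.
& $sshdExe -t -f $config
if ($LASTEXITCODE -ne 0) {
    Copy-Item -LiteralPath $backup -Destination $config -Force
    throw "sshd -t rejected the edited config; restored $backup"
}

# The account the service runs under, which differs from your own account
# when sshd.exe is started by hand from a command prompt.
Get-CimInstance Win32_Service -Filter "Name='sshd'" |
    Select-Object Name, State, StartName | Format-List

Restart-Service -Name sshd   # also starts the service if it was stopped

# Reproduce the failing login from the client, then read the server side here.
# Ctrl+C stops following the log.
if (Test-Path -LiteralPath $logFile) {
    Get-Content -LiteralPath $logFile -Tail 20 -Wait
} else {
    Write-Warning "No log at $logFile yet; check the path assumption above."
}
```

DEBUG3 is very verbose; once the cause is found, copy the .bak file back over sshd_config and restart the service.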
