Hi,
Not knowing anything about SSH I didn't realise openssh-3.0.2p1-4 (and former) versions shouldn't have been asking for a password with the correct keys at either end. I assumed I'd got something in a mess. It appears not. In the end I compiled openssh so I could get a bit more information on the failure. <snippet auth.c> int secure_filename(FILE *f, const char *file, struct passwd *pw, char *err, size_t errlen) { uid_t uid = pw->pw_uid; char buf[MAXPATHLEN], homedir[MAXPATHLEN]; char *cp; struct stat st; int zzz; if (realpath(file, buf) == NULL) { snprintf(err, errlen, "realpath %s failed: %s", file, strerror(errno)); return -1; } if (realpath(pw->pw_dir, homedir) == NULL) { snprintf(err, errlen, "realpath %s failed: %s", pw->pw_dir, strerror(errno)); return -1; } log("realpath=[%s][%s]",buf,homedir); /* check the open file to avoid races */ zzz = fstat(fileno(f), &st); log("st_uid=[%d] pw_uid=[%d]",st.st_uid,uid); if ((zzz < 0) || (st.st_uid != 0 && st.st_uid != uid) || (st.st_mode & 022) != 0) { snprintf(err, errlen, "bad ownership or modes for file %s", buf); return -1; } <snippet /auth.c> When run as a service sshd is emitting... The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe ) could not be found. It contains the following insertion string(s): /usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id = 0x1B0 : debug1: temporarily_use_uid: 500/513 (e=18). The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe ) could not be found. It contains the following insertion string(s): /usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id = 0x1B0 : realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator]. The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe ) could not be found. It contains the following insertion string(s): /usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id = 0x1B0 : st_uid=[18] pw_uid=[500]. The description for Event ID ( 0 ) in Source ( /usr/sbin/sshd.exe ) could not be found. It contains the following insertion string(s): /usr/sbin/sshd.exe : Win32 Process Id = 0x1B0 : Cygwin Process Id = 0x1B0 : Authentication refused: bad ownership or modes for file /home/Administrator/.ssh/authorized_keys. Seems to think authorized_keys is owned by SYSTEM:18 but it isn't. Stopping sshd as a service and running from within bash "sshd -d" works fine and emits... debug1: temporarily_use_uid: 500/513 (e=500) debug1: trying public RSA key file /home/Administrator/.ssh/authorized_keys realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator] st_uid=[500] pw_uid=[500] debug1: restore_uid Accepted rsa for Administrator from 192.168.0.1 port 2446 ...which isn't the end of it. I fired up a bash shell, launched from a service with SYSTEM authority expecting a failure... debug1: temporarily_use_uid: 500/513 (e=18) debug1: trying public key file /home/Administrator/.ssh/authorized_keys realpath=[/home/Administrator/.ssh/authorized_keys][/home/Administrator] st_uid=[500] pw_uid=[500] ...but it worked, both as "sshd -d" and as a straight "sshd" (so it forked in case that was it). fstat will only fail when sshd is running as a service as SYSTEM. The only viable approach I can think of at this point is to attach gdb to the process forked by sshd and I can't for the life of me figure out how to do that. I hope this info is useful to you folks with more intimate knowledge 'cos I'm stuck! :-| -- [EMAIL PROTECTED] -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/