Question [Win10 OpenSSH Server] Key-based login

Oct 9, 2019
I'm failing to get key-based login to work. In sshd, using debug mode (sshd -ddd) I see the following:

Code:
debug3: Bad permissions. Try removing permissions for user: S-1-5-80-3847866527-469524349-687026318-516638107-1125189541 on file C:/Users/m4st4/.ssh/authorized_keys.
Authentication refused.

With
Code:
C:\Users\m4st4\Desktop>PsGetsid64.exe S-1-5-80-3847866527-469524349-687026318-516638107-1125189541

PsGetSid v1.45 - Translates SIDs to names and vice versa
Copyright (C) 1999-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

Account for I7\S-1-5-80-3847866527-469524349-687026318-516638107-1125189541:
Well Known Group: NT SERVICE\sshd

Although wmic is showing something else for user sshd (weird?)
Code:
C:\Users\m4st4\Desktop>wmic useraccount get name,sid
Name                SID
Administrator       S-1-5-21-315302166-1028895185-691776241-500
DefaultAccount      S-1-5-21-315302166-1028895185-691776241-503
Guest               S-1-5-21-315302166-1028895185-691776241-501
m4st4               S-1-5-21-315302166-1028895185-691776241-1001
ReadOnly            S-1-5-21-315302166-1028895185-691776241-1006
sshd                S-1-5-21-315302166-1028895185-691776241-1007
WDAGUtilityAccount  S-1-5-21-315302166-1028895185-691776241-504

Still, it seems clear that something is wrong with the permissions for user sshd, right? Well, I tried almost every possible thing with the permissions and still it is failing to work...
Code:
PS C:\Users\m4st4\.ssh> Repair-AuthorizedKeyPermission C:\Users\m4st4\.ssh\authorized_keys
  [*] C:\Users\m4st4\.ssh\authorized_keys
'NT SERVICE\sshd' now has Read access to 'C:\Users\m4st4\.ssh\authorized_keys'.
      Repaired permissions

I also disabled inheritance and tried setting permissions using the command line:
Code:
C:\Users\m4st4\Desktop>icacls %USERPROFILE%\.ssh\authorized_keys /grant "NT SERVICE\sshd":(R)
processed file: C:\Users\m4st4\.ssh\authorized_keys
Successfully processed 1 files; Failed processing 0 files

C:\Users\m4st4\Desktop>icacls %USERPROFILE%\.ssh\authorized_keys /grant "i7\m4st4":(F)
processed file: C:\Users\m4st4\.ssh\authorized_keys
Successfully processed 1 files; Failed processing 0 files

These are my current (non-working) permissions, but, as said, I've already tried many more combinations... Suggestions are very welcome.
Code:
PS C:\Users\m4st4\.ssh> (Get-Acl).Access

FileSystemRights  : FullControl
AccessControlType : Allow
IdentityReference : NT AUTHORITY\SYSTEM
IsInherited       : False
InheritanceFlags  : ContainerInherit, ObjectInherit
PropagationFlags  : None

FileSystemRights  : FullControl
AccessControlType : Allow
IdentityReference : I7\m4st4
IsInherited       : False
InheritanceFlags  : ContainerInherit, ObjectInherit
PropagationFlags  : None

FileSystemRights  : Read, Synchronize
AccessControlType : Allow
IdentityReference : I7\sshd
IsInherited       : False
InheritanceFlags  : ContainerInherit, ObjectInherit
PropagationFlags  : None

PS C:\Users\m4st4\.ssh> (Get-Acl .\authorized_keys).Access

FileSystemRights  : FullControl
AccessControlType : Allow
IdentityReference : NT AUTHORITY\SYSTEM
IsInherited       : False
InheritanceFlags  : None
PropagationFlags  : None

FileSystemRights  : FullControl
AccessControlType : Allow
IdentityReference : I7\m4st4
IsInherited       : False
InheritanceFlags  : None
PropagationFlags  : None

FileSystemRights  : Read, Synchronize
AccessControlType : Allow
IdentityReference : NT SERVICE\sshd
IsInherited       : False
InheritanceFlags  : None
PropagationFlags  : None

Oct 9, 2019
I managed to make it work by doing the following:

1) Remove all users except Administrators and System for C:\ProgramData\ssh\administrators_authorized_keys
2) Perform the following in PowerShell:
Code:
# Load the current ACL of the file
$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys
# Disable inheritance and drop the ACEs that were inherited from C:\ProgramData\ssh
$acl.SetAccessRuleProtection($true, $false)
# Explicit Full Control for Administrators and SYSTEM only
$administratorsRule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl","Allow")
$systemRule = New-Object System.Security.AccessControl.FileSystemAccessRule("SYSTEM","FullControl","Allow")
$acl.SetAccessRule($administratorsRule)
$acl.SetAccessRule($systemRule)
# Write the ACL back; the object still carries the path it was read from
$acl | Set-Acl
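The thread's core difficulty is telling which ACE sshd objects to: the debug line names a service SID (S-1-5-80-..., NT SERVICE\sshd), while wmic lists an ordinary local user also called sshd (S-1-5-21-...-1007), so an ACE granted to "I7\sshd" and one granted to "NT SERVICE\sshd" look alike in a listing but are different principals. The following PowerShell is an added example, not code from the thread or from the Win32-OpenSSH project: it audits an authorized_keys file's ACL before anything is changed, resolving every identity to its SID, flagging service SIDs separately, and reporting whether inheritance is still enabled. The file paths and the default set of allowed identities (SYSTEM, Administrators, and the file's owner) are assumptions you should adjust to your own policy; run it from an elevated PowerShell.

```powershell
# Added example (not from the original thread). Audits the ACL of an
# authorized_keys file and reports ACEs outside the expected identity set.
function Test-AuthorizedKeysAcl {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Assumed policy: only these identities plus the file owner should hold ACEs.
        [string[]] $AllowedIdentities = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')
    )

    $acl      = Get-Acl -LiteralPath $Path
    $owner    = $acl.Owner
    $findings = New-Object System.Collections.Generic.List[string]

    # Inherited ACEs count just like explicit ones when sshd inspects the file,
    # so an unprotected ACL silently picks up whatever the parent folder grants.
    if (-not $acl.AreAccessRulesProtected) {
        $findings.Add("Inheritance is enabled; ACEs inherited from '$(Split-Path -Parent $Path)' also apply.")
    }

    foreach ($ace in $acl.Access) {
        $name = $ace.IdentityReference.Value
        # Resolve to a SID so that a local user named 'sshd' (S-1-5-21-...)
        # is not mistaken for the sshd service identity NT SERVICE\sshd (S-1-5-80-...).
        try {
            $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = '<unresolvable>'
        }
        $kind = if ($sid -like 'S-1-5-80-*') { 'service SID' } else { 'user/group SID' }

        $expected = ($AllowedIdentities -contains $name) -or ($name -eq $owner)
        if (-not $expected) {
            $findings.Add("Unexpected ACE: $name [$sid, $kind] $($ace.AccessControlType) $($ace.FileSystemRights)" +
                          $(if ($ace.IsInherited) { ' (inherited)' } else { '' }))
        }
    }

    [pscustomobject]@{
        Path      = $Path
        Owner     = $owner
        Protected = $acl.AreAccessRulesProtected
        Clean     = ($findings.Count -eq 0)
        Findings  = $findings.ToArray()
    }
}

# Usage with assumed paths: the per-user file for a non-administrator account and
# the shared file that applies to members of the Administrators group.
foreach ($file in @("$env:USERPROFILE\.ssh\authorized_keys",
                    "$env:ProgramData\ssh\administrators_authorized_keys")) {
    if (Test-Path -LiteralPath $file) {
        $result = Test-AuthorizedKeysAcl -Path $file
        $result | Format-List
    }
}
```

Reading the report against the thread's listing: the .ssh directory ACE for I7\sshd would be flagged as a user/group SID and the authorized_keys ACE for NT SERVICE\sshd as a service SID, which makes it obvious which of the two a "remove permissions for user S-1-5-80-..." message refers to. Extend -AllowedIdentities with 'NT SERVICE\sshd' only if the OpenSSH build you run documents that it expects the service to hold its own read ACE.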