[Samba] Trouble in ssh into Windows machines in the Windows/Samba Domain

Sun Apr 11 10:24:04 UTC 2021

On 11/04/2021 10:44, Nicola Mingotti via samba wrote:
>
> On the windows release the story is different. If I write my public 
> key into
> authorized_keys the ssh process bombs out.

Using the standard Win10 ssh, it works for myself

>
> these logs migth be relevat. They are related do Windows SSHD.
>
>
>
> ==== connection with public key defined in authorized_keys 
> ================
>
> -----ssh -v
>
>
>
> debug1: pledge: network

I got exactly the same result to here.

>
> packet_write_wait: Connection to 172.16.3.53 port 22: Broken pipe

But, from here I got this:

debug1: client_input_global_request: rtype hostkeys-00 at openssh.com 
want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_GB.UTF-8

samdom\username at W10PRO C:\Users\username>

This is /etc/ssh/ssh_config on the client:

    PasswordAuthentication yes
    SendEnv LANG LC_*
    HashKnownHosts yes

Everything else is commented out.

sshd_config on the win10 server contains this:

PasswordAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys
Subsystem       sftp        sftp-server.exe

I used scp to copy the key to the Win10 computer and then put it into 
C:\Users\username\.ssh\authorized_keys

There are two ways of doing passwordless ssh and every link you have 
posted seems to be conflating them. You either copy the users key and 
put it into their authorized_keys file and do not use GSSAPI, or you 
don't use a key and use GSSAPI instead (the latter may be problematical, 
as far as I can see ssh on Windows doesn't have GSSAPI, unless you can 
point me to documentation that says otherwise).

Rowland