I am attempting to get key based auth working on OpenSSH on Windows Server 2019. Currently we installed Open SSH according to the Microsoft docs and can login using our AD logins using password auth but when following instructions for key based authentication the following errors start to pop up.
On the client side we get this:
client_loop: send disconnect: Connection reset
Google results seem to think this is a timeout of some sort but its happening instantaneously before we get a prompt.
On the host side we are seeing the following in the event viewer:
sshd: fatal: fork of unprivileged child failed
Google results for this suggest processes are being used up but that seems unlikely in our situation.
Our setup is standard following the documentation found here, the only change made to the sshd config is to enable key authentication, everything else is default post installation. Happy so supply any additional information, unsure what else might be relevant.
EDIT: Did a little more digging and with a verbose output it looks like the public key is accepted but it closes the connection immedeiatly after:
Authenticated to <ip> ([<ip>]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: ENABLE_VIRTUAL_TERMINAL_INPUT is supported. Reading the VTSequence from console
debug1: ENABLE_VIRTUAL_TERMINAL_PROCESSING is supported. Console supports the ansi parsing
client_loop: send disconnect: Connection reset
Its now attempting key based auth even when I dont supply a key with -i which is odd.
답변1
I don't know if this sill applies but back when we set up OpenSSH for Windows, Microsofts documentation and out of the box features were not working.
We used these sources and instructions to set it up properly:
regarding configuration our sshd_config contains among other things:
AuthorizedKeysFile .ssh/authorized_keys
Subsystem sftp sftp-server.exe
Match Group administrators
AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
sftp settings because we use it mainly to move files (please don't ask why).