When I upgraded my Cygwin installation from 1.7.33 to 1.7.34, I started to get a “bad owner or permission” error message when I'd start a SSH connection. I searched the web for a couple of days but every website that I went to said to do:
cd .ssh chmod 600 config chmod 600 id_rsa
Unfortunately, every time I'd execute that, the permissions would not change and I see this for the directory listing:
user@LAPTOP:~/.ssh $ dir total 72K d---rwx---+ 1 user Domain Users 0 Feb 1 18:46 . d---rwx---+ 1 user Domain Users 0 Jan 31 20:57 .. ----rwx---+ 1 user Domain Users 1.5K Oct 29 18:13 config ----rwx---+ 1 user Domain Users 1.7K May 18 2013 id_github ----rwx---+ 1 user Domain Users 1.5K Aug 6 2014 id_github.ppk ----rwx---+ 1 user Domain Users 1.7K Feb 17 2013 id_host1 ----rwx---+ 1 user Domain Users 1.5K Aug 6 2014 id_host1.ppk ----rwx---+ 1 user Domain Users 1.7K May 5 2014 id_host2 ----rwx---+ 1 user Domain Users 1.7K May 18 2013 id_host3 ----rwx---+ 1 user Domain Users 1.7K Mar 8 2011 id_host4 ----rwx---+ 1 user Domain Users 883 Jan 14 2013 id_rsa ----rwx---+ 1 user Domain Users 8.7K Feb 1 14:15 known_hosts
I finally came across a mailing list post talking about how the new version of Cygwin took ACLs into account when calculating permissions. This turned out to be the answer and directed me toward the solution:
setfacl --s user::rw-,group::---,other::---,mask::--- config setfacl --s user::rw-,group::---,other::---,mask::--- id_github setfacl --s user::rw-,group::---,other::---,mask::--- id_host1 setfacl --s user::rw-,group::---,other::---,mask::--- id_host2 setfacl --s user::rw-,group::---,other::---,mask::--- id_host3 setfacl --s user::rw-,group::---,other::---,mask::--- id_host4 setfacl --s user::rw-,group::---,other::---,mask::--- id_rsa
which then gave me the correct permissions:
user@LAPTOP:~/.ssh $ dir total 72K d---rwx---+ 1 user Domain Users 0 Feb 1 18:46 . d---rwx---+ 1 user Domain Users 0 Jan 31 20:57 .. -rw------- 1 user Domain Users 1.5K Oct 29 18:13 config -rw------- 1 user Domain Users 1.7K May 18 2013 id_github ----rwx---+ 1 user Domain Users 1.5K Aug 6 2014 id_github.ppk -rw------- 1 user Domain Users 1.7K Feb 17 2013 id_host1 ----rwx---+ 1 user Domain Users 1.5K Aug 6 2014 id_host1.ppk -rw------- 1 user Domain Users 1.7K May 5 2014 id_host2 -rw------- 1 user Domain Users 1.7K May 18 2013 id_host3 -rw------- 1 user Domain Users 883 Mar 8 2011 id_host4 -rw------- 1 user Domain Users 1.7K Jan 14 2013 id_rsa ----rwx---+ 1 user Domain Users 8.7K Feb 1 14:15 known_hosts
After this, SSH worked the same as when Cygwin 1.7.33 was installed. I'm not sure if SSH was upgraded during upgrade so it may have been the result of a newer version of OpenSSH. Checking the version indicates that the binary was most likely part of the upgrade:
user@LAPTOP:~/ $ ssh -V OpenSSH_6.7p1, OpenSSL 1.0.1k 8 Jan 2015