This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sshd authorized_keys fails from network directory


Christopher,

Your theory is apparently correct.

One workaround you might try is allowing the sshd service to interact with
the desktop (by checking the appropriate box) and mounting the share as
the logged-on user.  What others reported as a "security problem" (that a
user can access other users' shares through Cygwin) could be a solution
for you.
	Igor

On Fri, 7 Mar 2003, Christopher Hammack wrote:

> (Please cc: me if you would on any replies)
>
> I would appreciate some insight on this problem, as it would
> be great to be able to do what we're attempting:
>
> If I create a domain user and add it to the sshd password file,
> and it's home directory is on a file server \\my_server\my_user,
> and set up an authorized_keys file, it will not work (I can log in,
> but I am prompted for a password).
>
> However, if I move the home directory to /cygdrive/c/test and set up
> the authorized_keys file, it works fine.
>
> Similarly, I can map Z: to \\my_server\my_user as the current logged in
> user (on the console--a Windows 2000 machine), and then set Z:\ as my home
> directory and this will not work either.
>
> Note that I can both ssh and scp in and use this directory normally if
> I actually provide a password.  However, it is absolutely necessary to
> use rsa authentication for this application.
>
> My theory is that the sshd server is running as a system process uid (my
> terminology may not be exactly right--more familiar with unix) at the time
> it is looking for authorized_keys, and windows doesn't usually let you look
> at network directories you don't mount as that user (?).
>
> If it makes a difference, I'm running samba as the file server, and I have
> strict checking turned off (and I've tried it with it on as well).
>
> Thanks for any help.
> -cnh

-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha at cs dot nyu dot edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor at watson dot ibm dot com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

Oh, boy, virtual memory! Now I'm gonna make myself a really *big* RAMdisk!
  -- /usr/games/fortune


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]