This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: 1.7 Public Key Authentication problem

On 2010/02/03 10:07 PM, shane fenton wrote:
> Hi,
> First time poster - so hopefully will get it right :)
> Cygwin 1.7 installed on approx 10 machines - XP /2008
> domain cyg_server user created
> Added above user to Quotas/create token/replace token & log on as
> service & local admins on pc's
> added cyg_server to passwd file
> ssh-host-config (found above user and used it and did the right perms
> on /var/empty & /var/log/sshd.log )
> added domain user accounts to passwd  & domain users group  > group

You didn't mention whether you set up the LSA authentication package
(with /usr/bin/cyglsa-config), or used 'passwd -R' for each user. Did
you try either of those?

The Cygwin User Guide goes into great detail about the methods of
changing user context, in this chapter:

The gist of that chapter is this: If you want to be able to login via
ssh as a user that is not running the sshd daemon, you have basically
two options:

(1) Provide a valid Windows password to the sshd daemon, either
interactively (which you obviously don't want to do, since you're
attempting public key auth), or stored statically in the registry via
'passwd -R'.

(2) Use the LSA authentication package. Bear in mind that if you use
this option to avoid giving sshd your password entirely, I believe that
certain privileges are withheld from the logged in user. [I don't
remember exactly what privs are missing in this case... access to
network resources maybe?]

Hope this helps,

Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]