This is the mail archive of the
mailing list for the Cygwin project.
Re: Cygwin ssh and Windows authentication
- From: Jarek <yaro_29 at hotmail dot com>
- To: cygwin at cygwin dot com
- Date: Mon, 20 Jul 2015 20:59:30 +0200
- Subject: Re: Cygwin ssh and Windows authentication
- Authentication-results: sourceware.org; auth=none
- References: <BLU436-SMTP39AE7DD48809E802CE4DAE9E860 at phx dot gbl> <1301881165 dot 20150720013859 at yandex dot ru>
So why are they not needed as your comment doesn't really explain that
and how exactly did I screwed up my setup if I can actually access the
server with a domain user account no problem? Perhaps it's not how it
works but it somehow works so again would be good to know why. It's only
domain groups that don't work. Even if I set the service account to run
under a domain account how would this fix my problem with group access
assuming in current setup it works for domain users but not for groups?
Again if not the /etc/passwd or /etc/group files then what controls the
On 2015-07-20 00:38, Andrey Repin wrote:
I'm still quite new to Cygwin. I'm using the most recent version to
install the ssh component on Server 2012R2 member server since it
happened to become a requirement for certain users. The problem I have
is to understand how to allow access for domain groups. I read the new
version doesn't even need the /etc/passwd and /etc/group files any more
but I couldn't see any explanation as to how to allow users or groups
permission to ssh to the cygwin sshd server.
Short version is that you need SSH server running under domain user.
Which needs to be created prior to starting ssh-host-config.
Running ssh-host-config answering yes to all questions except the one for
using other user than the cyg_server I set up the ssh daemon. Not knowing
any other way I created the /etc/passwd file with $mkpasswd -l > /etc/passwd
These files no longer need, but in your specific case, you actually just
screwed your setup.
which dumped all local users into the file. I successfully added a domain user
with $mkpasswd -u [domain_user] -D [domain] >> /etc/passwd.
That's not how it works.
This worked just fine creating the /home/[user] folder I think although
I haven't checked if it didn't get created earlier since I installed
Cygwin under that user account. No idea though how to get this working
without the use of /etc/passwd file. I then created the /etc/group file
and added my selected domain user group to it. Unfortunately in this
case members of the group cannot connect via ssh. I don't know if there
is a way to list all users including group members with access
permissions. $net user lists only users. I tried $net group but this
seems to be limited to DCs only which I have no access to. Could someone
please explain how can this be set up and what tellls Cygwin who can
connect and who can't?
It was there all the time.
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple