This is the mail archive of the
mailing list for the Cygwin project.
Re: How do I run sshd as a particular user?
On Fri, Apr 11, 2008 at 8:22 PM, Alfred von Campe <firstname.lastname@example.org> wrote:
> On Apr 11, 2008, at 11:48, I wrote:
> > Well, I spoke a little too soon. I got this working on two systems, but
> can not get it to work on a third. The ssh daemon appears to start (neither
> cygrunsrv -S nor starting it from the Services Panel gives an error), but it
> really does not.
> I managed to solve this by rebooting the system and re-running
> ssh-host-config (and then changing permissions, etc.). I now have all three
> build systems working as expected.
> Thanks again for all the help,
I'm a bit late to this discussion.. I set this up a while ago and one
interesting thing that I noticed is that you can:
net use \\whatever /user:domain\user
net use x: \\whatever /user:domain\user
(ie: without specifying a drive letter).
If you don't specify a drive letter then it works even when you are
logged in without a password. Taking this one step further, you can
make a symlink
ln -s '\\whatever' /remotefilesystem
and then just access files in /remotefilesystem instead of /cygdrive/X
This pretty much solved the issue of accessing network drives when
logged in without a password.
Later a requirement was introduced that we run sshd as an unprivileged
user and so I switched to having a service that logs in with a
password as you are now doing.
In order to run sshd as an unprivileged user I had to use a nasty
hexedit hack on the sshd.exe file to replace the seteuid() call (which
fails / returns -1 without admin privileges and causes sshd to exit)
with a call to isalpha() which has (almost) the same function
prototype, but always returns 0 unless your userid 'is an alphanumeric
If you run without admin privileges sshd can't actually verify
passwords for passworded logins, but ssh keys seemed to work just fine
which is what we wanted anyway. Obviously you can only log in as that
one user that's running ssh, but again this was acceptable.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html