sshd client can't access remote shares

Steve Briggs zzybaloobah@yahoo.com
Sat Jan 21 22:53:00 GMT 2006


--- Igor Peshansky <pechtcha@cs.nyu.edu> wrote:
> On Fri, 20 Jan 2006, Steve Briggs wrote: 
> > I can't access network shares when I connect via sshd.

> >   bash>cygrunsrv -I sshd -p /usr/sbin/sshd -A -d
>                                              ^^^^^
> I hope this is a typo (though your sshd output indicates that it isn't).
> First off, the options should be "-a -D" (otherwise sshd will detach, and
> won't be under cygrunsrv's control).  Also, the "-d" option will cause
> sshd to exit after the first connection.
The "-A" is a typo, should be "-a".  I tried both the "-D" (normally
used option) and also "-d" during testing to get the additional
debugging info.

> >   bash>cygrunsrv -S sshd
> > then login as Steve via sshd using password authentication
> > (I have NOT set up authentication with keys), it says:
> >   "debug1: permanently_set_uid 14896/544"
> > It lets me login as Steve with my password, but
> >   bash>"net use s: '\\rem_mach\rem_share'" immedidately gives:
> >   "System error 1312 has occured."
> 
> "net helpmsg 1312" shows that this error means that "A specified logon
> session does not exist. It may already have been terminated."
> 
> > This also happens with
> >   bash>net use s: '\\rem_mach\rem_share' /user:Steve
> > but
> >   bash>net use s: '\\rem_mach\rem_share' '/user:FDE\Steve' mypassword
> > works (seems to be the only combination that does work).
> > It doesn't seem to matter if I ssh in from a remote machine or locally
> > (bash>ssh localhost).
> 
> You should also be able to issue a "net use s: '\\rem_mach\rem_share'
> /user:Steve '*'", which will prompt you for a password.
I tried that, it immediately responds with the 1312 error; does not
prompt for a password (or if it does, it doesn't wait for a response...)

BTW, if I login via ssh and try
bash>cd //different_rem_mach/different_rem_share
I get a "permission denied" error

> > I thought that if I used password authentication with sshd, that the
> > process had all the correct user tokens to access shares on the domain?
> 
> This should be correct.

> I wonder if this is related to the recent WindowStation changes in
> Cygwin's fhandler_console...
> 
> > I've attached the output of "cgycheck -svr".
> 
> Which looks normal, BTW -- the only weird thing is that the userid for
> "Steve" is 4896, not 14896 as you indicated in your /etc/passwd quote
> above.
Yes, let me explain.  For some odd reason, the mkpasswd script
added 10000 to the Win RIDs of 4896/544 to generate a UID/GID of 14896/
10544 in the /etc/passwd file.  When my ssh login problems started, I
manually edited the passwd file to make the UID/GID 4896/544 to agree
with the SID entry in /etc/passwd.  I've tried both ways (UID=4896 and
UID=14896, with reboots in between), the error is the same.

I assume that as far as user authentication is concerned, it's the 
SID in /etc/passwd and the user-supplied password that matters, not 
the UNIX UID?

> If you're willing to build Cygwin from CVS, try commenting out lines
> 149-151 of fhandler_console.cc and see if that makes your problem go away.
> That should tell us if my guess is correct and the WindowStation changes
> were the culprit.
Thanks, I may try that later in the week.

Steve


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list