Proper Windows Permissions for SFTP Users

Oren Elrad elradREMOVETHIS@brandeis.edu
Mon May 5 00:38:00 GMT 2008 

Hi,

Running WinXP Pro, local users only and I find that only admin users can
launched an SFTP session (see below for the precise error message). This
must be a permissions problem since changing a user to admin allows them to
SFTP; change them back to "limited" and they cannot. I tried the following:

(1) Logged on as the user in question, ran cmd (per Cygwin instructions),
logged out
(2) Set permissions for 'Users' on C:\cygwin and C:\Windows to allow "Read
and Execute", "List Folder Contents" and "Read" recursively (replace all
child permissions with these) per recommendation of some other posts on the
mailing list.
(3) chmod 755 /usr/sbin/* /usr/bin/* 
(4) Restarted sshd

I don't know what other directories I should allow. Any insight would be
wonderful.

Thanks in advance, 

Oren

Attached: cygcheck.out (produced by cygcheck -s -v -r)

Appendix: Error Message Received by non-admin users (snipped) produced with
sftp -vv:

debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug2: fd 4 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 53
Connection closed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck.out
Type: application/octet-stream
Size: 12498 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20080505/998cff95/attachment.obj>
-------------- next part --------------
--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list