Cygwin ssh and Windows authentication

Jarek yaro_29@hotmail.com
Tue Jul 21 14:30:00 GMT 2015 


On 2015-07-21 02:25, Andrey Repin wrote:
> Greetings, Jarek!
Hey Andrey.
>> So why are they not needed as your comment doesn't really explain that
> Read 1.7.35 changelog.
> In short, username resolution was completely reworked, thanks to Corinna, and
> Cygwin now directly address domain controllers for it.
OK so it addresses DCs to check some settings or priviliges. I don't 
suppose it just asks 'hey DS, can contoso\johnd access sshd on server1?' 
to which the DC is like 'dude, what the heck is sshd?' :) I now have the 
cygwin service running in domain context so now I would somehow need to 
let the DC know whe is allowed to ssh to my server1. My domain account, 
although in local admins on the server is now failing authentication 
when trying to ssh. Which gets us back to the question what do I need 
for a DC to authenticate me?
>
>> and how exactly did I screwed up my setup if I can actually access the
>> server with a domain user account no problem?
> On that, I'm surprized.

Maybe a bug then?
>
>> Perhaps it's not how it works but it somehow works so again would be good to
>> know why. It's only domain groups that don't work. Even if I set the service
>> account to run under a domain account how would this fix my problem with
>> group access assuming in current setup it works for domain users but not for
>> groups?
>> Again if not the /etc/passwd or /etc/group files then what controls the
>> access?
> /etc/passwd/group has nothing to do with "access control".
> The files were only used to convert Windows to Cygwin names (and supply other
> Cygwin-specific information), on the presumption that there will never be too
> much of it. This is now done on the fly, allowing to deploy Cygwin in large
> domains.
>
> P.S.
> I would appreciate, if you don't top-post.
>
Yeah, sorry for my bad formatting. Working on that. Hope I'm not 
top-posting again.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list