Mail Archives: cygwin/2001/10/26/12:15:28
Password authentication *truly* authenticates you, but ssh (without a
password) uses NtCreateToken, which creates an authentication token
without the need for a password. Unfortunately, this token is not
unique- it cannot be, because it isn't generated with a unique
username/password combination. So the rights that you have when you use
password authentication are very slightly different when you use
RSAAuthentication.
How did you install sshd- "sshd --install-as-service"? Which user is
running the sshd service- SYSTEM, or another user? You can check the
mailing list archives to confirm this, but AFAIK there are limitations
to ssh when you do not use password authentication, specifically with
intricacies of user rights and accessing network shares.
HTH,
Peter
Peter Fales wrote:
> I'm currently trying to get sshd access to our Cygwin/Win2000 machine.
> Currently it works well using password authentication, but I can't get
> it to use RSAAuthentication - it seems to be accepting the key, but
> then exits right away and creates a windows event log entry:
>
> 10/26/2001 9:51:38 AM 1 0 0 sshd NT AUTHORITY\SYSTEM EXPNOVE sshd : Win32 Process Id = 0x470 : Cygwin Process Id = 0x470 : fatal: setuid 1000: Not owner
>
> I know something like this has been discuseed before, and I've tried to
> follow all the steps I can find documented:
>
> - I've added "CYGWIN=ntsec tty" to the system environement
> - I've added these rights for the user that is running cygrunsrv
> and the SYSTEM account:
> "Act as part of operating system"
> "Replace a process level token"
> "Increase quotas"
>
> I'm at a loss to understand why this isn't working, particularly since
> it seems like password authentication would be doing pretty much the same
> thing. Can anyone suggest what to try next?
>
>
--
--
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now? [OK]
--
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -