Mail Archives: cygwin/2004/04/18/06:18:27
On Apr 16 19:49, Pierre A. Humblet wrote:
> At 12:08 AM 4/17/2004 +0200, Corinna Vinschen wrote:
> >On Apr 16 15:44, Peter Kok wrote:
>
> >> Q2: Could nontsec work with public key authentication? I have granted
> >> the account with several local user rights, "create token object,
> >> logon
> >> as a service' and 'replace a process level token'
> >
> >Did you give the SYSTEM account the right to read your ~/.ssh directory
> >and the files in it? Does the service know about nontsec (set CYGWIN
> >in global windows environment or through cygrunsrv)? Is StrictModes set
> >to no in /etc/sshd_config?
>
> >From Peter's question it's not clear if his sshd is running as SYSTEM.
> If it is, then granting the privileges to the user should not be
> necessary, but that doesn't explain the problem.
>
> I can reproduce on an NT system, with sshd running as SYSTEM,
> but I can't explain it. Part of the debug output of ssh is given
> below, with and without ntsec. The difference is in the last few
> lines.
It's a problem with the ntsec specific test in OpenSSH itself. The
test requires ntsec to be turned on for switching user context w/o
password. This isn't required anymore for a while but the test in
OpenSSH still insists on ntsec for pubkey auth.
I've send a patch to the portable OpenSSH developers list which hopefully
makes it into 3.8.1p1, which is due RSN.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Co-Project Leader mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -