Mail Archives: cygwin/2009/05/10/18:59:52

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2009/05/10/18:59:52

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS

X-Spam-Check-By: sourceware.org

Message-ID: <4A075F01.2080103@gmail.com>

Date: Mon, 11 May 2009 00:10:57 +0100

From: Dave Korn <dave DOT korn DOT cygwin AT googlemail DOT com>

User-Agent: Thunderbird 2.0.0.17 (Windows/20080914)

MIME-Version: 1.0

To: cygwin AT cygwin DOT com

Subject: Re: ssh, smbntsec, mounted home directory - is it possible

References: <gu0hcm$dc4$1 AT ger DOT gmane DOT org> <gu6scm$o1f$1 AT ger DOT gmane DOT org>

In-Reply-To: <gu6scm$o1f$1@ger.gmane.org>

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Andrew DeFaria wrote:

>> So to recap: I'd like to provide pre-shared key ssh access to a
>> particular username. I cannot, however, use an SMB shared home directory
>> for that user without encountering problems with ssh and permissions.
>>
>> If the above statement is not true and you have any ideas on how to
>> achieve these objectives then let me know.
>>   
> Anybody care to comment or at least acknowledge this issue?

  The above statement is, unfortunately, true.  IIUC, until you can use 1.7
with the lsa auth plugin (or perhaps this password caching feature, I'm not
familiar with it), any user logging in by ssh key does not really log in as
the actual windows user they are trying to be, but impersonates (after some
fashion - it might not actually be token impersonation in the win32 api sense
of the word) that user, while actually really being the ssh user underneath.

  I could be wrong.  I hope someone will jump in if I've seriously mis-spoke,
but I think at least I'm pointing you in the right ball-park.

    cheers,
      DaveK

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS
X-Spam-Check-By:	sourceware.org
Message-ID:	<4A075F01.2080103@gmail.com>
Date:	Mon, 11 May 2009 00:10:57 +0100
From:	Dave Korn <dave DOT korn DOT cygwin AT googlemail DOT com>
User-Agent:	Thunderbird 2.0.0.17 (Windows/20080914)
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Re: ssh, smbntsec, mounted home directory - is it possible
References:	<gu0hcm$dc4$1 AT ger DOT gmane DOT org> <gu6scm$o1f$1 AT ger DOT gmane DOT org>
In-Reply-To:	<gu6scm$o1f$1@ger.gmane.org>
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com