Mail Archives: cygwin/2009/05/11/04:08:41
On May 11 00:10, Dave Korn wrote:
> Andrew DeFaria wrote:
>
> >> So to recap: I'd like to provide pre-shared key ssh access to a
> >> particular username. I cannot, however, use an SMB shared home directory
> >> for that user without encountering problems with ssh and permissions.
> >>
> >> If the above statement is not true and you have any ideas on how to
> >> achieve these objectives then let me know.
> >>
> > Anybody care to comment or at least acknowledge this issue?
>
> The above statement is, unfortunately, true. IIUC, until you can use 1.7
> with the lsa auth plugin (or perhaps this password caching feature, I'm not
> familiar with it), any user logging in by ssh key does not really log in as
> the actual windows user they are trying to be, but impersonates (after some
> fashion - it might not actually be token impersonation in the win32 api sense
> of the word) that user, while actually really being the ssh user underneath.
>
> I could be wrong. I hope someone will jump in if I've seriously mis-spoke,
> but I think at least I'm pointing you in the right ball-park.
It's basically correct but it's a bit more complicated for a weird reason
which has to do with how Windows handles logon sessions. Reading
http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-nopasswd1 might
sched some light.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -