Mail Archives: cygwin/2011/09/12/01:00:51

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2011/09/12/01:00:51

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=-0.3 required=5.0 tests=AWL,BAYES_40,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD

X-Spam-Check-By: sourceware.org

Message-ID: <COL102-W24D0DF99ACF9F3F3D68DECB5020@phx.gbl>

From: Karl M <karlm30 AT hotmail DOT com>

To: <cygwin AT cygwin DOT com>

Subject: FW: admin privileges when logging in by ssh?

Date: Sun, 11 Sep 2011 22:00:23 -0700

In-Reply-To: <COL102-W5739C711DD0B54BEDED573B5020@phx.gbl>

References: <rg0q679hpajl00ujv34jtmavsanhpb6n2t AT 4ax DOT com>,<jcbq67lml6l3qfvm5ukb6fbtcliq0kb7ee AT 4ax DOT com>,<a3mq67l0qniptng808d8perkarqpeupduc AT 4ax DOT com>,<4E6D677B DOT 6090503 AT cs DOT umass DOT edu>,<COL102-W5739C711DD0B54BEDED573B5020 AT phx DOT gbl>

MIME-Version: 1.0

X-IsSubscribed: yes

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id p8C50k73009972

> Date: Sun, 11 Sep 2011 21:59:23 -0400
> From: moss
> To: cygwin
> Subject: Re: admin privileges when logging in by ssh?
>
> On 9/11/2011 9:07 PM, Andrew Schulman wrote:
> >>> When a user with administrative privileges logs in to sshd, it seems that the user is only granted
> >>> standard user privileges for that session. Is there a way around that? How can I get the admin
> >>> privileges for that session?
> >>
> >> Nevermind. I found the answer from Corinna way back in 2004:
> >> http://cygwin.com/ml/cygwin/2004-09/msg00087.html. "The bottom line is, if you need all the user's
> >> access rights use password authentication. If that doesn't help, you're out of luck."
> >
> > Continuing my conversation with myself...
> >
> > The above is half right. It seems that I have to log in by password
> > authentication, and then authenticate again to UAC, before I get my admin
> > rights.
> >
> > At the console that's how it works: I log in as the backup user, ask for admin
> > rights, authenticate again to UAC, and then, finally, can read or write any file
> > on the system.
> >
> > In sshd, I log in by password authentication, but now I'm stuck because I don't
> > know a command-line program to authenticate to UAC. Without that, I don't have
> > any admin rights.
> >
> > So: Is there a command-line program that will allow me to authenticate to UAC?
> > And do I have this right?
>
> If what you want to do is to run a particular program with elevated
> privileges (which I guess might include cmd.exe), then this web
> page may be of assistance:
>
> http://www.sevenforums.com/tutorials/11949-elevated-program-shortcut-without-uac-prompt-create.html
>
> Other pages I found make the same recommendation.
>
Two other alternatives for elevation:


1) Win 7 (and perhaps Vista) allows to run select programs elevated without UAC. It involves creating
a data base of trusted programs that windows will check. See...
http://www.techrepublic.com/blog/window-on-windows/selectively-disable-uac-for-your-trusted-vista-applications/635


2) Use a program that can handle the elevation for you, such as hstart ot this one...
UAC Trust Shortcut http://www.itknowledge24.com/downloads.html#


For the issue of priv level for the user logged in from ssh, Corinna announced multiple options available with the 1.7
Cygwin release. The password can be saved locally as windows does for services and scheduled tasks or the LSA
can be used. See
http://cygwin.com/cygwin-ug-net/ntsec.html


HTH,

...Karl 		 	   		  

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-0.3 required=5.0 tests=AWL,BAYES_40,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD
X-Spam-Check-By:	sourceware.org
Message-ID:	<COL102-W24D0DF99ACF9F3F3D68DECB5020@phx.gbl>
From:	Karl M <karlm30 AT hotmail DOT com>
To:	<cygwin AT cygwin DOT com>
Subject:	FW: admin privileges when logging in by ssh?
Date:	Sun, 11 Sep 2011 22:00:23 -0700
In-Reply-To:	<COL102-W5739C711DD0B54BEDED573B5020@phx.gbl>
References:	<rg0q679hpajl00ujv34jtmavsanhpb6n2t AT 4ax DOT com>,<jcbq67lml6l3qfvm5ukb6fbtcliq0kb7ee AT 4ax DOT com>,<a3mq67l0qniptng808d8perkarqpeupduc AT 4ax DOT com>,<4E6D677B DOT 6090503 AT cs DOT umass DOT edu>,<COL102-W5739C711DD0B54BEDED573B5020 AT phx DOT gbl>
MIME-Version:	1.0
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id p8C50k73009972