delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2013/05/18/23:29:27

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:reply-to:mime-version:to
:subject:references:in-reply-to:content-type
:content-transfer-encoding; q=dns; s=default; b=rcM0SI+2rztpGmx1
HELQaaUW6Gor4jQxSQ50c8lceBvAEqiwIluLAB/yNjVJMId0ei+csOlcup4cYfFR
PgOa0cbuJi10R69aPcp6wQW4xpmAgzR8mnN69fAqk3mFIFMlW7CpjmMM83lcg2h3
xK4eY4eaSwbqOmysWIikuAWdotM=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:reply-to:mime-version:to
:subject:references:in-reply-to:content-type
:content-transfer-encoding; s=default; bh=EVZ11Q0j9dMzVjH/0XhGFN
0vmNQ=; b=FmVlzrdmit58VSW/FKLGwo74UxScy0IOtrAzhERhwZSFzTjSVkKCFW
9K9jZlLZd6Q55laYHpnSdKkoTkYCAXalGGJnYyt7/Ip98il3ez+78YYnTXATHwMW
F69qzSwztYAk6zbBbXnYbTzWsJHWxFFG5qj6wCJgl+BdZJa5ttCt4=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Spam-SWARE-Status: No, score=3.0 required=5.0 tests=AWL,BAYES_20,BOTNET,KHOP_THREADED,RCVD_IN_DNSWL_NONE,RCVD_IN_HOSTKARMA_NO,RCVD_IN_HOSTKARMA_YE autolearn=no version=3.3.1
Message-id: <519846F8.6000606@cygwin.com>
Date: Sat, 18 May 2013 23:28:56 -0400
From: "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com>
Reply-to: cygwin AT cygwin DOT com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Public key authentication not working when I do "ssh localhost"
References: <CAO6Meo_rcDOdU_41k0BQOq5J2Tk0RWpvvSiLMi5bSWWHnB9X0Q AT mail DOT gmail DOT com>
In-reply-to: <CAO6Meo_rcDOdU_41k0BQOq5J2Tk0RWpvvSiLMi5bSWWHnB9X0Q@mail.gmail.com> 

On 5/18/2013 10:59 PM, Naveen Narayanan wrote:
<snip>
> There are a couple of issues as well: - The group is displayed as
> mkgroup. - The user "navenara" does not exist in the localhost, I
> guess. It was not displayed in "net user sshd". "navenara" is a Domain
> account. Could this be causing the public key authentication issue?
<snip>

Yes.  Public key authentication requires switching the user context,
which requires the user running 'sshd', 'cyg_server' in this case, to have
certain Windows privileges to do this.  But this user, created by
ssh-host-config, is a local user, not a domain.  So it can't switch
to the domain user context.  Your choices are create a local account
and use that, create a domain account with privileges to run 'sshd',
or don't use public key authentication.  If you're interested in learning
more about how the Windows security model is used in Cygwin, see this
section in the Users Guide:

<http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview>

If you'd like to remove 'mkgroup' as your group, run
'mkgroup -l -d >/etc/group'.  That should grab your domain groups
so that you see the proper one for your user.

-- 
Larry

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019