Mail Archives: cygwin/2016/01/29/09:44:23

X-Recipient: archive-cygwin AT delorie DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
MIME-Version: 1.0
In-Reply-To: <BLUPR14MB01932E673DC59866097E12ECA1DB0@BLUPR14MB0193.namprd14.prod.outlook.com>
References: <CANwy9RQ2XE-HWGDrkfnkeZH3iuDOhpOo5pGtxu2afRBxLZKJJw AT mail DOT gmail DOT com> <BLUPR14MB01932E673DC59866097E12ECA1DB0 AT BLUPR14MB0193 DOT namprd14 DOT prod DOT outlook DOT com>
From: Tom Moore <moortom AT gmail DOT com>
Date: Fri, 29 Jan 2016 09:43:40 -0500
Message-ID: <CANwy9RTqZmC62DJ224KaM+cE4QLwxe79kkUYfuG_yD1d0LDoqA@mail.gmail.com>
Subject: Re: OpenSSH access to join the "Local Account" group
To: Glenn G <gluszcz55 AT hotmail DOT com>, cygwin AT cygwin DOT com
X-IsSubscribed: yes

On Thu, Jan 28, 2016 at 10:44 PM, Glenn G <gluszcz55 AT hotmail DOT com> wrote:
> Very strange. You could log in as the user, regenerate the keys and try porting it over again.  User id shouldn't have anything to do with this though.  Sounds like impersonation is messed up for sshd user on machine b.
>
>
> Sent from my iPad
>
>> On Jan 28, 2016, at 2:11 PM, Tom Moore <moortom AT gmail DOT com> wrote:
>>
>> Hi,
>>
>> I have a couple of Windows 7 machines set up as OpenSSH servers.  Both are
>> current with Windows updates.   Both machines have identical cygwin
>> versions (2.0.4-1).  I have tried to make the sshd configuration identical
>> on these two machines, following the instructions on
>> http://www.howtogeek.com/howto/41560/how-to-get-ssh-command-line-access-to-windows7-using-cygwin
>>
>>
>> I have set up the client machines, generated rsa keys, and copied the
>> public keys into the authorized_keys file on the server.  Now I can log in
>> to both machines without providing a password.  So far so good.
>>
>> When I ssh log in to machine A and check the id that I am logged in with, I get:
>>
>> uid=197608(User) gid=197121(None) groups=197121(None),114(Local account and
>> member of Administrators
>> group),544(Administrators),545(Users),4(INTERACTIVE),66049(CONSOLE
>> LOGON),11(Authenticated Users),15(This Organization),113(Local
>> account),4095(CurrentSession),262154(NTLM Authentication),405504(High
>> Mandatory Level)
>>
>> which is what I need in order to interact with some other resources on the
>> system.
>>
>> When I ssh log in to machine B and check the id I get:
>>
>> uid=197608(Owner) gid=197121(None) groups=197121(None),11(Authenticated
>> Users),66048(LOCAL),66049(CONSOLE LOGON),4(INTERACTIVE),15(This
>> Organization),545(Users),4095(CurrentSession),544(Administrators),405504(High
>> Mandatory Level)
>>
>> However, if on my local client I remove the private key from the .ssh
>> directory and ssh login again, this time having to specify a password, my
>> session will join the "Local account" group as I want.
>>
>> Is there a configuration that I am missing in order to get machine B to
>> join the "Local account" group when I log in using an rsa key?  What could
>> be different between the two machines?
>>
>> Cheers,
>>
>> Tom

To be clear, the sole administrator account on machine A that I am
logging in with has a user name of 'User', and the sole administrative
account on machine B that I am logging in with has a user name of
'Owner'.  I have correctly set up the rsa keys for me AT client on both
of these hosts.  The different account names are the way that these
machines (purchased at different times) were set up by the vendor.  I
don't know if there are any other subtle differences.

Also, on machine A I must mount additional disk drives every time I
remotely log in by adding "net use" statements into the
.bash_profile.  However, on machine B on the second and subsequent
remote login after a reboot the disk will already be mounted and I
will get an error message "The local device name is already in use".

What do you mean by sshd impersonation?

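Added example, not part of the original thread: a small shell script that lists which group entries differ between the two `id` outputs quoted in the message above. The two strings are copied from the post with the e-mail line wraps rejoined; the function names are illustrative.

```shell
#!/bin/sh
# Compare the group sets of two `id` outputs (added example, not from the thread).

# `id` output for machine A and machine B as quoted in the post, line wraps rejoined.
ID_A='uid=197608(User) gid=197121(None) groups=197121(None),114(Local account and member of Administrators group),544(Administrators),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated Users),15(This Organization),113(Local account),4095(CurrentSession),262154(NTLM Authentication),405504(High Mandatory Level)'
ID_B='uid=197608(Owner) gid=197121(None) groups=197121(None),11(Authenticated Users),66048(LOCAL),66049(CONSOLE LOGON),4(INTERACTIVE),15(This Organization),545(Users),4095(CurrentSession),544(Administrators),405504(High Mandatory Level)'

# Print one "gid(name)" entry per line, sorted, taken from the groups= field only.
# Group names contain spaces, so match the "digits(name)" pattern instead of
# splitting on commas or blanks.
list_groups() {
    field=${1#*groups=}
    printf '%s\n' "$field" | grep -oE '[0-9]+\([^)]*\)' | LC_ALL=C sort
}

# Print the entries that appear in the first id output but not in the second.
only_in_first() {
    second=$(list_groups "$2")
    list_groups "$1" | while IFS= read -r entry; do
        # -x -F: whole-line, fixed-string match (names contain parentheses).
        printf '%s\n' "$second" | grep -qxF -- "$entry" || printf '%s\n' "$entry"
    done
}

# Print both directions of the difference with labels.
compare_ids() {
    echo "Only in first:"
    only_in_first "$1" "$2" | sed 's/^/  /'
    echo "Only in second:"
    only_in_first "$2" "$1" | sed 's/^/  /'
}

compare_ids "$ID_A" "$ID_B"
```

To compare live sessions, replace the two strings with the output of `id` captured after a key-based login and after a password login on the same machine.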