| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:mime-version:content-type:message-id:date:from | |
| :reply-to:to:subject; q=dns; s=default; b=m33kwHoq8/gfSxtc0xH7bm | |
| fOY/wWcKUu8jiq9MCbWbEZ41dMz8mBOkQJ1CNjS1OVn2F4afTBEhZND63fT57mXQ | |
| DKVR2HNsyGANWKYjVDM3Zwgni2yE6b211W4rP5o10ay0t0c8COCYQG57zUxTQm/Q | |
| Eap3YK2tsHvul4XCM2VSI= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:mime-version:content-type:message-id:date:from | |
| :reply-to:to:subject; s=default; bh=eHeAHrsPWQMDY56xO3hGZg0ZUBQ=; b= | |
| B//20WQS/K0KP0bp9Rgwqv9czPnNBxEe256WpI97yy8kmc2YfcPfN7e4yBsuDH9U | |
| NXyi+pcJSH7Jou5sAtduSNSc53sBOHg8fb1Cw6r659xZOrK6uczQHYfc8lLn8sN+ | |
| YFrTftL6vZqxluKsKmWqc+QjYMN2LAXZ7y/HZOb5Zcs= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=1.2 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=Jeffrey, H*r:8.16.0, H*r:ip*8.16.0.17, U*Stromeko |
| X-HELO: | imta-38.everyone.net |
| X-Eon-Originating-Account: | cnlRuMe66fQGrz1T5vdN2JD1uiD48-NNM3fJ6qjhDeJ-BQDQ46ewB5YV1vDc8nn3 |
| X-Eon-Dm: | m0094771.ppops.net |
| MIME-Version: | 1.0 |
| Message-Id: | <20160906131619.CCAE583B@m0086238.ppops.net> |
| Date: | Tue, 6 Sep 2016 13:16:19 -0700 |
| From: | "Jeffrey Lightner" <jclightner AT copper DOT net> |
| Reply-To: | <jclightner AT copper DOT net> |
| To: | <Stromeko AT nexgo DOT de>, <cygwin AT cygwin DOT com> |
| Subject: | Re: ssh to Cygwin sshd - command with bat file fails when trust established but works with password authentication |
| X-Eon-Sig: | AQLeMdBXzyQTs44znwEAAAAC,dc20221bc050925f912161bd98086c8b |
| X-Proofpoint-Virus-Version: | vendor=fsecure engine=2.50.10432:,, definitions=2016-09-06_08:,, signatures=0 |
| X-Proofpoint-Spam-Details: | rule=notspam policy=default score=0 spamscore=0 suspectscore=7 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1604210000 definitions=main-1609060310 |
| X-IsSubscribed: | yes |
Thanks again. The user reports the bat file worked without issue after I did the "passwd -R" and re-established the trust. --- jclightner AT copper DOT net wrote: From: "Jeffrey Lightner" <jclightner AT copper DOT net> To: "Achim Gratz" <Stromeko AT nexgo DOT de> Cc: <cygwin AT cygwin DOT com> Subject: Re: ssh to Cygwin sshd - command with bat file fails when trust established but works with password authentication Date: Tue, 6 Sep 2016 11:39:01 -0700 Thanks. I've done the passwd -R and re-established the trust. Once the user retests with the trust I'll let you know how it goes. The comment in the article about only System users being able to list the registry entries doesn't mean it will ignore the "passwd -R" done for a non-Administrative user (by an Administrative account of course) does it? At present the remote Windows user is a local Administrative user but of course we plan to lock that down some after other testing pans out. --- Stromeko AT nexgo DOT de wrote: From: Achim Gratz <Stromeko AT nexgo DOT de> To: cygwin AT cygwin DOT com Subject: Re: ssh to Cygwin sshd - command with bat file fails when trust established but works with password authentication Date: Tue, 06 Sep 2016 19:59:47 +0200 Jeffrey Lightner writes: > The weirdness is that this failure only occurs when we call it using > ssh trust to make the connection. If we make the connection without a > trust so that it prompts for the OS level password the bat file then > executes correctly including its application level login. That most likely means that this application needs network access. If you log in via public key and don't have a password stored in registry via 'passwd -R' and cygserver running to use it, then you won't have any access rights to non-local resources. https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview If all you need is indeed to run one script, you might alternatively be able to set up a service that starts under a network user and just runs that script when triggered by your remote user login in via ssh. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Factory and User Sound Singles for Waldorf Q+, Q and microQ: http://Synth.Stromeko.net/Downloads.html#WaldorfSounds -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |