delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2018/05/23/15:44:35

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:to:from:subject:message-id:date:mime-version
:content-type:content-transfer-encoding; q=dns; s=default; b=udN
QO2PpszcHFZ2TbrVTR5FUVGZRMzoQ0sQUD+8T6hNdxlMCWMpNK479SIYNVPqcCHp
8cBk/PT+UwSOZ0X+TQwwhKHmEBXP6+AzIJ/VvDQrGN1TvZVms32mt8bMksllqh2s
tYkN4zdoAkycQgzmwdDfxI3vuvDZQpx3fNPz8c5I=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:to:from:subject:message-id:date:mime-version
:content-type:content-transfer-encoding; s=default; bh=1f45gXK/u
IyjSEwi8Rb8SUOUHKc=; b=vzj02RayJgMQ38NHttZrUN1gmHbSvIpQRG0PX1Iru
jh5B6ubWEAfSNQG8wvMq8rpwdOomIy9jcsvOP+r7b90oRFTeCl524gubTnOGYZ8z
ZreYoI+6GflSflU3HVeQzoenwLcYT2JXQLAkp0EvNjWkYO2SW57AFc2yJJXcmBmK
oE=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 spammy=kein, percentage, 8:ha, 8:gs
X-HELO: mout.kundenserver.de
To: cygwin AT cygwin DOT com
From: Stefan Baur <X2Go-ML-1 AT baur-itcs DOT de>
Subject: Numeric group IDs for system groups
Openpgp: preference=signencrypt
Autocrypt: addr=X2Go-ML-1 AT baur-itcs DOT de; prefer-encrypt=mutual; keydata= xsBNBFLfOiwBCACzIiDVwWVRvuMzgSAvXRFRaPaZOSB8s84PG1oGLfmqhwzF44vj1Xv4tcKD mvu0TsLTksOkvop8WwGYeeU8lDaxEG1zyN8SOu1WU/FPEKw2jITRox8yIrSkUsMkWYuxdjv/ 9XcAh9qaPsHP7E1jD6/wVZuYZkuX6W41Nxt06VsvDGCfrbQh4ya7w1IiSnoQeIHNNQVN9f3j xcHLj5S5YriSCThtbFCdr3AJXfF5iMolu8kLgAXM0bH1C7PxAjM/pQjWmdMVN/Y+uXXzcMO8 8aQ0f0q3QeGWxCAP2xwBapUfP6LHDRPp/tV7P7ji8wKlabrSGdv0M9Qd9pn/YCYQE0ZdABEB AAHNJlN0ZWZhbiBCYXVyIDxwb3N0bWFzdGVyQHN0ZWZhbmJhdXIuZGU+wsCCBBMBAgAsAhsj BQkJZgGABwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AFAlNGc+ECGQEACgkQbt30GM2+URlB /Af+MbRrzRMTzSg7N6MUob1MXDpnuUjtzMWddfuHpL7/D2VuY4AaYGkChrD2sdl2C+UIaCXv t0P/QU6Fm+yMTr023pioaBy74heCiusBZI7GufqKMsOcQUgpGZaaHwCijUceJR0lrq4Hy3dF tgrv+gLjlqDy/cqWBfoohd8JAINk0gHIWFJIm8El1bEvr1sxQ5Bw5zdshD/C0GEI8zsdI6GW uZ+tpBB6BA+k19CU0tW/BFoUJ8MyRk4m75UtwLmBMmVji6coGAnXKwud30OsCnmbSreBFpw7 xS3coC/PHMT02YR1UAEuRJ6NCzpHfQT4qXjU3wQSj/5VSJOlG+qBNht4/87ATQRS3zosAQgA 4KPXmGU1XE8CTRJ/4m/f8MTri3JfEvGJTerWwC2hBuXHGWrSBmmRNAdJHzNTvq5IoR9tQ6Cb Nrqxf6alr/v34Vr2bUg0s+jlK9TWOkVLAFoz6zytm/2BrRBIZ5So6Ymfc6efwsScsHOI++wi pzqELkpluqtXysb13RsBVLxBdp5TZCVPjCc9pLWjudfjEagQt2oJgtO2WndasrKvoZYkfRi6 oSCK9B84YjNJoRF00LdK3n7K3SBvj4UPSl+ygzLVaD+3ZdIlbhX+bfn/Vp/10xdJ+/U8Fr7l 7umrBKr17D8eO3mRYMGY9w1qc+pfNGOR76GIbPWj2tPVaBD9nmUaowARAQABwsBlBBgBAgAP BQJS3zosAhsMBQkJZgGAAAoJEG7d9BjNvlEZ77YIAJViZTXJ5V0OOUQIYxzQIOao2nkASHeE AHT0/sq/H26z9ak9G4JsUwYF7jWg2V3MNI0jDhkIs9tZMHlT/BQxT8oM/UfIzPwjfhrWK41p QPnaDT8AB/nJl9p+IOt9NvPfMIL7iO7a+/au2hpHbX3p85vXR1oqquHmAaMls67a3uCkTHUW 8+ilwfXleF8+9AOLV1Ys5ue1d8kh3+2VM7tE9f0wt2N8akFTBXJg/gIKH2YCc8xoOxhl0bv3 +If4QjOPBUxb6+ge5IThHtVWI5K5Wr9ORnjcS00v2P7Zf02R5FTEq8nCFr+CeAOin8WlTtWs bzi9QGo4aIv+5+HKkfVEC34=
Message-ID: <9aea99de-91ae-7d1e-5633-bfc551af4e81@baur-itcs.de>
Date: Wed, 23 May 2018 21:44:15 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
X-UI-Out-Filterresults: notjunk:1;V01:K0:EoVH5UizAOM=:sC+4Kg5Z98sOBeZSls6+8p IDGL6ZO4/JlpvtMHeP3WjbhVb9R0hgDVRu/L8MlNgCU7AR8ozBcUdGMGFEiQXr3qhAw584ra8 cDk08yK+a/pvYZFQ3PJCWHHUzvkxweZ9cTOtsXgfKIksokLR6EDCoot0ZwbKkmHHQ4ckiGcBA bslAZCh9rKpP22O6FEalp9j2fFP1SkpRg44XWyKlu0QeJMsJTsA12CT34t8D206qIkSz6Mn5q NbEntvi6XIDPB8gNpIbdehCslMwKYUUmZL0Gtx9j836VbPhwkj1SOmUUFPJx3DYa1FMhdQ61p 89EXGSJPVWdIJ1NU5avrsWdyky7zBhLcR31IQDkK7O+yi12j+ykvZ3ohQVuNOBB1YdUh/KRht 3m7o698gKcp9ANOLOd38MXI34oa0YyndH/LxdicUI/R2JW1qZj+lJcKqrbGRYpKuG3xy/fRqL SJGK7DpyMYyztsU7uDtdR00eOFcx8Ww4qj70VRBauyNFe1lUVacIg1rm34BYYZcCeGrUWahKG 1ORDDefryURKqBOhcbPFD1JFImwmY6vCLakl7uE0nQdviF5ammalyyP4SztTTMYaZB3u6QsTU Pn3cN8LLk/um07mZDYsjw3YxPHPs6UR0iaCwm0TOmnSxJc3/SuLU6K85/NKIa/lBmxyKlpoLC 4vNj0+/o2EA0CJABdwsp7BNAannNXAHRC+EMJceLFhLK0EO3b+vGfDNe34uvmTR7sWLBRzODx /qOp5IUXrrgybQnh
X-IsSubscribed: yes 

Hi List,

I am the community manager of X2Go, an open-source remote desktop and
remote application solution for Linux servers.  While our server
component only runs on Linux, our client software is available for macOS
and Windows as well.  The Windows version of X2GoClient relies on some
executables available through Cygwin.

On Windows 10, we are encountering the issue mentioned here in the FAQ:
<https://cygwin.com/faq/faq.html#faq.using.ssh-pubkey-stops-working>

Especially, we're getting hit by the fact that Microsoft has changed the
default group for %USERPROFILE% (and all files and directories created
in it) from "None" to <Username>.

This is why the second-to-last suggestion in that FAQ item doesn't help:

chgrp `id -g` ~/.ssh/*

will simply set the default group to the value it already has, and that
doesn't fix the issue.

The last suggestion in that FAQ item suggests using

chgrp None ~/.ssh/*

but also notes that the group name will vary depending on the operating
system language.

chgrp does work with numeric group identifiers, and it seems the "None"
group always gets the numeric id 197121 - so

chgrp 197121 ~/.ssh/*

would fix the issue regardless of the operating system language.

(In our case, it would be

chgrp 197121 %USERPROFILE%/.x2go/etc/ssh_host_key*

because it actually affects the host keys of an sshd running on the
Windows side, which we need for file sharing via sshfs, but you get the
idea.)

Can anyone with authority on the issue confirm that 197121 always
corresponds to the "None" group (whatever it may be called due to the
language setting - in German, it is "Kein", for example)?

Or is this a faulty assumption and merely coincidence that we got that
result on the handful of machines we used for testing?

I'm seriously hoping this id is always the same, similar to the
well-known SIDs in Windows, but would really like a confirmation from
someone knowledgeable before we make the corresponding change in our
code and hose a large percentage of our users' systems once they deploy
the update.

In case it is of relevance, we are calling the executables (ssh-keygen,
sshd, and now chgrp and possibly setfacl as well) directly from a native
Windows application written in Qt and C++, not from a Cygwin bash window
or similar.  In fact, there is no cygwin installation, it's just the
required executables and dlls residing in our own installation
directory.  I can provide more detail or get you in contact with one of
our developers, if needed.

Kind Regards,
Stefan Baur

-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019