Mail Archives: cygwin/2019/02/26/10:08:21

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2019/02/26/10:08:21

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:reply-to:message-id:to:subject

:in-reply-to:references:mime-version:content-type

:content-transfer-encoding; q=dns; s=default; b=R4l/0Iau4ouPgKhb

+hhAKfYLaYY3fRS7BpT2lCzpx7r7TNg3FM9mUvb12pWbxM5U2sNf+HYt4jlMNigl

xOhQy8+8yLhLO5pa3ab1aNzGbeM5HpLF6kE3u5kQScOUZykAk+LRdOOkHBXqqQSZ

6iIj96p0NPc+Puy0RfR578qHVoU=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:reply-to:message-id:to:subject

:in-reply-to:references:mime-version:content-type

:content-transfer-encoding; s=default; bh=hO0st10zABbfQC7wqXwu3K

34OGo=; b=a/kbJpUyOmY4OivmwKkb+ZMBaT8mlIj5AGuP00nxp1V0XY2qJHdIeK

2q1g/PPdVyBeIJvfjeBgOpOmDPnVUOmeLEZO2lR4Y/ELTdysGZLZZYbH9ek3UceJ

6CDAJ9HcPKrQvDxkinDMu3HXBD2kS0/9RWLMiyHA4a7oDo0rk6hq0=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 spammy=HX-Priority:Normal, H*RU:192.168.1.10, yandexru, Hx-spam-relays-external:192.168.1.10

X-HELO: forward103j.mail.yandex.net

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1551193503; bh=ufn/nQoEAlouYpSzy8VcrHv0ZUtuErjXMuvRKQtVDEM=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=SOP7AkqNA6wnxCMxeBQ4wf8bgli4AzDfp2nTv1HB6Ib3HeJqLdLPSLpzp3+ZI/pJR u33aV7NejmRDoVd5RRnz1M+So6YCooz6yllSLwa9gTC5xsv0HBiuPakxmS9kihmaC3 LhNXYu9DUJaQcZ+uJYITiMCBBW0Hlqtn+EfQrvUU=

Authentication-Results: mxback16o.mail.yandex.net; dkim=pass header.i=@yandex.ru

Date: Tue, 26 Feb 2019 18:01:18 +0300

From: Andrey Repin <anrdaemon AT yandex DOT ru>

Reply-To: cygwin AT cygwin DOT com

Message-ID: <1359661834.20190226180118@yandex.ru>

To: Maayan Apelboim <Maayan DOT Apelboim AT clarizen DOT com>, cygwin AT cygwin DOT com

Subject: Re: can't access remote shares when using ssh with rsa key - passwd -R / set(e)uid / LogonUser is not working as expected

In-Reply-To: <AM6PR07MB5334474464EB7A737E9B3B7C957B0@AM6PR07MB5334.eurprd07.prod.outlook.com>

References: <AM6PR07MB5334CE88B67F5421BA671C43957B0 AT AM6PR07MB5334 DOT eurprd07 DOT prod DOT outlook DOT com> <AM6PR07MB5334474464EB7A737E9B3B7C957B0 AT AM6PR07MB5334 DOT eurprd07 DOT prod DOT outlook DOT com>

MIME-Version: 1.0

X-IsSubscribed: yes

Greetings, Maayan Apelboim!

> Hi,

> I hope I'm mailing the proper mailing list..
> I am using password-less ssh login using RSA key to login windows servers from linux.
> I've read this article about network shares problems when using RSA key
> instead password and decided method 2 is most suitable for my case:
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview

> So I ran passwd -R for the relevant user, but still getting 'permission
> denied' when trying to access network shares.
> Tried restarting the ssh service and rebooting the server but it didn't help.

> I checked the registry as SYSTEM and I can see my user UID set in the right
> location.. (at least I think so, cause it doesn't exists in other servers).
> So it seems to me like the 'set(e)uid' / 'LogonUser' described in the article doesn't work as expected.

> Would appreciate any suggestions.

Please try changing the cygsshd service configuration to run as "SYSTEM" user.

> * Some sensitive data was edited in the cygcheck.out file
> * I don't have cygserver installed as a service - I used administrator user
> and didn't get any errors when running passwd -R


-- 
With best regards,
Andrey Repin
Tuesday, February 26, 2019 17:58:28

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=R4l/0Iau4ouPgKhb
	+hhAKfYLaYY3fRS7BpT2lCzpx7r7TNg3FM9mUvb12pWbxM5U2sNf+HYt4jlMNigl
	xOhQy8+8yLhLO5pa3ab1aNzGbeM5HpLF6kE3u5kQScOUZykAk+LRdOOkHBXqqQSZ
	6iIj96p0NPc+Puy0RfR578qHVoU=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=hO0st10zABbfQC7wqXwu3K
	34OGo=; b=a/kbJpUyOmY4OivmwKkb+ZMBaT8mlIj5AGuP00nxp1V0XY2qJHdIeK
	2q1g/PPdVyBeIJvfjeBgOpOmDPnVUOmeLEZO2lR4Y/ELTdysGZLZZYbH9ek3UceJ
	6CDAJ9HcPKrQvDxkinDMu3HXBD2kS0/9RWLMiyHA4a7oDo0rk6hq0=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Spam-SWARE-Status:	No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 spammy=HX-Priority:Normal, H*RU:192.168.1.10, yandexru, Hx-spam-relays-external:192.168.1.10
X-HELO:	forward103j.mail.yandex.net
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1551193503; bh=ufn/nQoEAlouYpSzy8VcrHv0ZUtuErjXMuvRKQtVDEM=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=SOP7AkqNA6wnxCMxeBQ4wf8bgli4AzDfp2nTv1HB6Ib3HeJqLdLPSLpzp3+ZI/pJR u33aV7NejmRDoVd5RRnz1M+So6YCooz6yllSLwa9gTC5xsv0HBiuPakxmS9kihmaC3 LhNXYu9DUJaQcZ+uJYITiMCBBW0Hlqtn+EfQrvUU=
Authentication-Results:	mxback16o.mail.yandex.net; dkim=pass header.i=@yandex.ru
Date:	Tue, 26 Feb 2019 18:01:18 +0300
From:	Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To:	cygwin AT cygwin DOT com
Message-ID:	<1359661834.20190226180118@yandex.ru>
To:	Maayan Apelboim <Maayan DOT Apelboim AT clarizen DOT com>, cygwin AT cygwin DOT com
Subject:	Re: can't access remote shares when using ssh with rsa key - passwd -R / set(e)uid / LogonUser is not working as expected
In-Reply-To:	<AM6PR07MB5334474464EB7A737E9B3B7C957B0@AM6PR07MB5334.eurprd07.prod.outlook.com>
References:	<AM6PR07MB5334CE88B67F5421BA671C43957B0 AT AM6PR07MB5334 DOT eurprd07 DOT prod DOT outlook DOT com> <AM6PR07MB5334474464EB7A737E9B3B7C957B0 AT AM6PR07MB5334 DOT eurprd07 DOT prod DOT outlook DOT com>
MIME-Version:	1.0
X-IsSubscribed:	yes