| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.3.2 sourceware.org 3A6FF3959C8E |
| Authentication-Results: | sourceware.org; dmarc=none (p=none dis=none) |
| header.from=huarp.harvard.edu | |
| Authentication-Results: | sourceware.org; |
| spf=pass smtp.mailfrom=allen AT huarp DOT harvard DOT edu | |
| Subject: | Re: Problems with ssh when I log into my PC using my corporate domain |
| while working from home | |
| To: | cygwin AT cygwin DOT com |
| References: | <r7n3nu$1u6e$1 AT ciao DOT gmane DOT io> <871roeyuy0 DOT fsf AT Otto DOT invalid> |
| <49c12452-3402-54ff-57ba-f61757d99ae0 AT mehconsulting DOT com> | |
| From: | Norton Allen <allen AT huarp DOT harvard DOT edu> |
| Message-ID: | <e2524361-e748-e1fa-5df3-3a4ed4aea8e8@huarp.harvard.edu> |
| Date: | Thu, 23 Apr 2020 14:57:24 -0400 |
| User-Agent: | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 |
| Thunderbird/68.7.0 | |
| MIME-Version: | 1.0 |
| In-Reply-To: | <49c12452-3402-54ff-57ba-f61757d99ae0@mehconsulting.com> |
| X-Spam-Status: | No, score=-4.9 required=5.0 tests=BAYES_00, HTML_MESSAGE, |
| KAM_DMARC_STATUS, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, | |
| TXREP autolearn=ham autolearn_force=no version=3.4.2 | |
| X-Spam-Checker-Version: | SpamAssassin 3.4.2 (2018-09-13) on |
| server2.sourceware.org | |
| X-Content-Filtered-By: | Mailman/MimeDel 2.1.29 |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.29 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <http://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <http://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| Cc: | Mark Hansen <cygwin AT mehconsulting DOT com> |
| Errors-To: | cygwin-bounces AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces AT cygwin DOT com> |
| X-MIME-Autoconverted: | from base64 to 8bit by delorie.com id 03NIvvMd015595 |
On 4/23/2020 2:10 PM, Mark Hansen wrote:
> On 4/23/2020 10:26 AM, ASSI wrote:
>> Mark Hansen writes:
>>> Here is my user id (from the id command) when I log in from the office:
>>>
>>> uid=1293438(Mark.Hansen) gid=1049089(Domain Users) ...
>>>
>>> Here is the same when I've logged in with the machine at home:
>>>
>>> uid=1293438(MAN+User(244862)) gid=1293438
>>>
>>> (MAN) is the domain.
>>
>> That likely means that when you connect from home, you cannot talk to
>> the
>> corporate domain server or you are ion a different domain. The domain
>> part is only shown when it isn't the primary domain IIRC and since the
>> numerical user instead of the name is shown, that SID did not resolve.
>>
>>> The actual problem I'm having is that Cygwin tools like ssh, git,
>>> etc. can't find my .ssh
>>> directory. They are looking in "/" rather than my home directory.
>>
>> Depending on how this is set up in your domain, you might need to point
>> either Cygwin or sshd to use a separate local directory. You have no
>> network access on Windows (i.e. you won't be able to access any fils
>> shares) until you've authenticated with a password.
>>
>>> I tried copying my .ssh directory from my home to "/" and although
>>> it was created, the
>>> files have the wrong permissions and I'm unable to change them.
>>
>> You would need to be either an admin and/or the user who installed
>> Cygwin for that to work, but you shouldn't do that.
>>
>>> Is there something I can tweak to get Cygwin to understand which
>>> user I am so the ssh
>>> stuff can start working again?
>>
>> If Cygwin doesn't know who you are, then that means Windows doesn't know
>> either, so fixing this on the Cygwin side won't get you much further.
>>
>>
>> Regards,
>> Achim.
>>
>
> I think Windows knows who I am. I log into the machine using my normal
> domain login
> credentials. The machine looks the way it does when I log in when the
> machine is in the
> office - the desktop is the same, etc. - it's not acting like I'm a
> new user or anything
> like that.
>
> Everything on the Windows side seems to be working fine. The only
> issue I've found is with
> Cygwin. Is there a way (short of removing and reinstalling Cygwin)
> that I can get Cygwin
> to recognize my current user so ssh and git can know where my home
> directory is located?
I also have had to deal with this problem. You should certainly read
https://cygwin.com/cygwin-ug-net/ntsec.html.
After much experimenting and consultation with Corinna, we decided the
best solution for me was:
* Create /etc/passwd and /etc/group files
o For /etc/passwd, I included just my account, and I actually
editted it further to use my preferred username (rather than my
domain username) and my correct home directory
* Edit /etc/nsswitch.conf with:
o passwd: files
o group: files
This is not the generally recommended configuration, but in the
situation where you cannot reach the domain server, it may be the best
alternative. You may or may not need to back these changes out when you
are back at work. I have not had a problem at work, but we are only
loosely connected to the domain, so YMMV.
--
=============================================================
Norton Allen (he/him/his)
Software Engineer
Harvard University School of Engineering and Applied Sciences
12 Oxford St., Link Bldg. (Office 282)
Cambridge, MA 02138
Phone: (617) 998-5553
=============================================================
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |