X-Spam-Check-By: sourceware.org
Message-Id: <200602011407.k11E7FgQ006207@tigris.pounder.sol.net>
From: cygwin@trodman.com (Tom Rodman)
Reply-to: cygwin@cygwin.com
To: cygwin@cygwin.com
Subject: password-authenticated ssh session..;whoami shows OurSrvr064\sshd_server
In-reply-to: <20060201092026.GD15572@calimero.vinschen.de>
References: <200601311632.k0VGW2em030961@tigris.pounder.sol.net> <20060201092026.GD15572@calimero.vinschen.de>
Date: Wed, 01 Feb 2006 08:07:14 -0600
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie.com@cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

On Wed 2/1/06 10:20 +0100 cygwin@cygwin.com wrote:
> On Jan 31 10:32, Tom Rodman wrote:
> > Also notable, was that whoami shown: "OurSrvr064\sshd_server", instead of
> > "staffuser2".
> 
> That's normal for passwordless login.  

Sorry, I should have emphasized that when I ssh'd in, the password was
*manually* entered. Pls see this test case, which also refers to a
manually entered ssh password:

  http://cygwin.com/ml/cygwin/2006-02/msg00002.html

From what Pierre Humblet posted in July:

  http://cygwin.com/ml/cygwin/2005-07/msg01344.html 

if the output of 'id -G' at the console differs from what you get in a
password authenticated ssh session, then that ssh session will not be
granted the appropriate rights. In our case we see 1 *additional*
local group when in the ssh session. What's special about that local
group is that it contains exactly 1 entry- "administrators". Also, pls
note that the user that is "sshing in" is in the "administrators" group,
so even though he is not a direct member of this group, 'id -G' reports
him as a member in an ssh session, but *not* at a non-ssh (console or
RDP, bash session)- hence the mismatch that Pierre warns about.

agin, pls see:

  http://cygwin.com/ml/cygwin/2006-02/msg00002.html

--snip

--
thanks-much,
Tom

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/