X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 q=dns; s=default; b=VdGg0zJDVbXcn579QyZAsz+MKRCZBZgz2OW25OE82jX
	z++Q5cH5FezxXUSQbSYvcD3w9cDVoDbQhIiSlHtOfaX6Sk9ckXOkr5CWSrYHJF3u
	k15KCGgzDJUDTh/nhFVnHNOniak2CE0w99riAlAJOOBcza5MK5nsN+8e+1to6cR4
	=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 s=default; bh=huMU/oeC+UEPmEdPflwiBzDeZy8=; b=mQ7P5FhiIJEYsGoMX
	v/Psa58cdR1JxvD6eHPggIRkrp9RGs8RToy2ICEPPhIRY/Xu86L7VnVBUUaNNrDW
	0V8HpleE3Y3kmcEj0fWj/siLdhtJyLuQF1tkRtGlqZQvDUB42Jnn8MmgImOQKd8c
	+XwXx+q/B7tryslJoCPGB048aI=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_20,RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO: etr-usa.com
Message-ID: <539828BD.1060304@etr-usa.com>
Date: Wed, 11 Jun 2014 04:00:29 -0600
From: Warren Young <warren@etr-usa.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Cygwin-L <cygwin@cygwin.com>
Subject: Re: CYGWIN - As admin setup other users SSH for them?
References: <lmo56t$us6$1@ger.gmane.org> <5390204E.2050300@etr-usa.com> <ln7rdb$t9t$1@ger.gmane.org> <53977A60.9060107@etr-usa.com> <ln8h0b$ev4$1@ger.gmane.org>
In-Reply-To: <ln8h0b$ev4$1@ger.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On 6/10/2014 21:04, Roger Vicker, CCP wrote:
>
>> In that case, why not just replicate the effect of "ssh-copy-id"
>>
> 1) The point of using keys is to eliminate password login (there are
> other layers involved elsewhere).
> 2) Even if I "temporarily" enabled password login I would need the
> user's password to this network.
> 3) The usual "after necessary sharing a password" changing of it upsets
> the user as the periodic change is always "too frequent".

So make the Android client generate a key pair on first launch, then 
until it successfully uses the key to log in, ask for the user's 
password and use that instead.  Thereafter, use the key exclusively.

Windows doesn't readily offer a "su" or "sudo" like mechanism.  There 
are ways[1] to arm-twist Windows into offering something like it, but 
it's a lot of work to go through to achieve your preconceived solution 
to the problem.


[1] https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple