X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:to:from:subject:date:mime-version
	:content-type:content-transfer-encoding; q=dns; s=default; b=B1k
	X5H3bNL1dXKj1erRZQ0I8Js43ogj47OSJN4B82wadgG0lyuRVLb6yXsA10RbIJ2J
	gWjLeZGwb6wsXwLcDAbsHWkv1YvQiTr8UKcg1IhlOnfv9JvqshCBUzHeja99ABZz
	FdtHSaHZzDSKib53kgbsX8EQEiTimwmHRkd+pNoU=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:to:from:subject:date:mime-version
	:content-type:content-transfer-encoding; s=default; bh=/ssORDkbg
	CY9AxRHZZ9lh4pAebE=; b=b1iu6Obqa62HudrsO3wHzzTM9ppwWW0UqLH6jKujI
	e73ub1a67Geqk5Cq+E8zFWq7kEN/Z71p7JHnF72ZeG7Qb2MLGDTKPcJpt9JxubSs
	ed6LPqGwtfJZZHOLt2s4naKCehd4+aHWPn3PcmzGJLUCcYsyUI2BwTQKRdrk6g0i
	Zc=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO: BLU004-OMC1S24.hotmail.com
X-TMN: [mm0vH7blTBbSr7LXJbcBpFuOpLhlW08a]
Message-ID: <BLU436-SMTP9682B9119087422F606D599E400@phx.gbl>
To: cygwin@cygwin.com
From: "Jarek C." <yaro_29@hotmail.com>
Subject: sshd and smart card support
Date: Sun, 27 Sep 2015 10:45:08 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit

After a lot of struggling with trying to get sshd work with regular 
domain accounts I found an alternative bit of software I then installed 
for a test. After a failed test, looking thrugh the logs of that ssh 
server I found an interesting piece of information possibly explaining 
why it wouldn't work with my initial setup. It turned up that all the 
domain accounts I used for testing have a requirement associated with 
the account AD object to use smart cards for logon pourposes. I never 
seen this mentioned in cygwin sshd logs as a reason for failed 
connection but only a statement that the logon name or password was 
incorrect. I don't suppose there is a workaround but maybe something 
worth implementing in sshd logs to cover this sort of scenerios as 
likely no one was expecting this to be causing access problems.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple