DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 538BFemf1982640
Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 538BFemf1982640
Authentication-Results: delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=Nd0isE7L
X-Recipient: archive-cygwin@delorie.com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 26F283856951
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1744110940;
	bh=RqsE5p4spbNZc1WQs8FMhhEfbvxY6UkG7IeE5Hubw/Y=;
	h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=Nd0isE7Lb6YxH+fA8IJVooAOTl+OMTG2ckptIQXngsy+vTwbTFR3fB7ZjL4EeHGWg
	 MSKe06a9cR7SRQaMU4Ygj2N6aWf+nFs3u6JlKoVd5OTzciCWRXuzaIDgIJFdHLqofK
	 4g40tB58Lrp0UtyVcF8qcXzqg0mJaGrv4yYfaJfU=
X-Original-To: cygwin@cygwin.com
Delivered-To: cygwin@cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org F0F363857BA0
Date: Tue, 8 Apr 2025 13:14:42 +0200
To: cygwin@cygwin.com
Subject: Re: Cygwin SSHD session unable to access cloud/OneDrive files
Message-ID: <Z_UFIjfG7JgSrN6S@calimero.vinschen.de>
Mail-Followup-To: cygwin@cygwin.com
References: <434339af-faac-4907-a256-db2f321b7c72@shaddybaddah.name>
 <87mscxt9sg.fsf@>
 <71f5b20c-2070-4adf-bab2-a43d86d20147@shaddybaddah.name>
 <f5cb9ba7-8091-4e8f-b73b-2555b0fb5727@shaddybaddah.name>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <f5cb9ba7-8091-4e8f-b73b-2555b0fb5727@shaddybaddah.name>
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
From: Corinna Vinschen via Cygwin <cygwin@cygwin.com>
Reply-To: cygwin@cygwin.com
Cc: Corinna Vinschen <corinna-cygwin@cygwin.com>
Content-Type: text/plain; charset="utf-8"
Errors-To: cygwin-bounces~archive-cygwin=delorie.com@cygwin.com
Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie.com@cygwin.com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 538BFemf1982640

On Apr  4 16:23, Shaddy Baddah via Cygwin wrote:
> 
> On 4/04/2025 10:02 am, Shaddy Baddah via Cygwin wrote:
> > Hi,
> > 
> > On 4/04/2025 4:49 am, ASSI via Cygwin wrote:
> > > Shaddy Baddah via Cygwin writes:
> > > > If I connect an SSH session via the "native" OpenSSH instance
> > > > integrated into Windows, I can do something like the following to a,
> > > > at the time, online only, not yet downloaded file, and OneDrive will
> > > > download it ahead of outputing it:
> > > […]
> > > > But if I connect an SSH session via the Cygwin instance running on a
> > > > different port to 22, it does not trigger the provider to download the
> > > > file, and I see this error:
> > > […]
> > > > The fact that the native SSH session is OK suggests to me that there
> > > > is some newer type of security token that that service obtains that
> > > > the Cygwin SSH service does not. But I've not looked into it too hard.
> > > No, that suggests that you have logged into your SSh session without
> > > providing a password.  Windows will revoke all network access that
> > > requires authentication for such sessions.
> > 
> > Thanks for the reminder, but it's not that. I definitely logged in. And
> > amazingly, it's more than 20 years ago I was helped on this list to
> > understand this nuance, I think with regards to running Oracle's sqlplus
> > command line. Speculating... it appears registry keys for the sync'ed
> > portions of the filesystem are usually subkeys under
> > HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/SyncRootManager/
> > That suggests tie-in with Explorer... which suggests the Shell
> > extensions are not active somehow? I speak with complete lack of
> > authority of course. One thing I could maybe do though, is profile the
> > forked process layout in Process Explorer, maybe look at which DLLs are
> > in scope for the relevant shell processes. I don't know how much that
> > would help. -- Regards, Shaddy
> > 
> Apologies for the formatting error.
> 
> Thanks for the reminder, but it's not that. I defintiely logged
> in. And amazingly, it's more than 20 years ago I was helped on this
> list to understand this nuance, I think with regards to running
> Oracle's sqlplus command line.
> 
> Speculating... it appears registry keys for the sync'ed portions of
> the filesystem are usually subkeys under
> HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/SyncRootManager/
> That suggests tie-in with Explorer... which suggests the Shell
> extensions are not active somehow? I speak with complete lack of
> authority of course.

I checked the Windows OpenSSH code and I don't see any relevant
difference between the way MSFT OpenSSH uses LsaLogonUser and the way
Cygwin does it.  If it's using something with  Shell Extensions, we're
probably out.

What you still can do is using password auth the good old Interix way:
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd3

Corinna

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple