Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sources DOT redhat DOT com Delivered-To: mailing list cygwin AT sources DOT redhat DOT com Date: Wed, 2 May 2001 15:16:57 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: SSHD pubkey authentication Message-ID: <20010502151657.L24200@cygbert.vinschen.de> Mail-Followup-To: cygwin AT cygwin DOT com References: <3AEEC95D DOT 43BE585E AT lapo DOT it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3AEEC95D.43BE585E@lapo.it>; from lapo@lapo.it on Tue, May 01, 2001 at 04:34:05PM +0200 On Tue, May 01, 2001 at 04:34:05PM +0200, Lapo Luchini wrote: > > The reason is the restriction for changing user context on NT/W2K. > > You can do this only by providing the password of that user, even > > if the process is running under LocalSystem account. > > > But then how can IIS authenticate (in https) using only private key? > > Of course they have some special access to some special not documented > API to change active user? No, they are using a so-called "subauthentication package". I'm just preparing one for Cygwin but the information which are provided by Microsoft are very spare. However, we will be able to login to a system without a password in future but with substantial constraints, probably. A logon without password will not be able to connect to network drives unless somebody can show me how to solve that problem. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Want to unsubscribe from this list? Check out: http://cygwin.com/ml/#unsubscribe-simple