Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Authentication-Warning: slinky.cs.nyu.edu: pechtcha owned process doing -bs
Date: Tue, 23 Mar 2004 23:08:56 -0500 (EST)
From: Igor Pechtchanski <pechtcha AT cs DOT nyu DOT edu>
Reply-To: cygwin AT cygwin DOT com
To: David Corbin <dcorbin AT machturtle DOT com>
cc: cygwin AT cygwin DOT com
Subject: Re: sshd debugging
In-Reply-To: <200403232217.22146.dcorbin@machturtle.com>
Message-ID: <Pine.GSO.4.56.0403232306060.12979@slinky.cs.nyu.edu>
References: <200403230716 DOT 34187 DOT dcorbin AT machturtle DOT com> <20040323122655 DOT GA14240 AT cygbert DOT vinschen DOT de> <200403232217 DOT 22146 DOT dcorbin AT machturtle DOT com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Scanned-By: MIMEDefang 2.39

On Tue, 23 Mar 2004, David Corbin wrote:

> On Tuesday 23 March 2004 07:26, Corinna Vinschen wrote:
> > On Mar 23 07:16, David Corbin wrote:
> > > I have sshd up and running as a service.  I can ssh into the box if I
> > > type a password, but I do have a public-key/private-key installed that it
> > > doesn't seem to recognize.  (If you want to recommend a solution to this
> > > problem, please do - it's the real problem).
> >
> > The keys are probably not readable by SYSTEM.  Use ssh-user-config as
> > the affected user.  The script sets the permissions correctly.
>
> Thanks.  That corrected it.  What does it really mean to be readble by
> "SYSTEM"?  I'm fairly savy about unix/windows security, but I'm not sure I
> have a clue how cygwin manages things.

"SYSTEM" is a username.  Sort of like "root" in Unix, but, unlike root,
not able to read the files that don't have appropriate ACLs (it *is* able
to add appropriate permissions if necessary, and to become any other user,
but until it "invokes" these special powers, it's just like any other
user).  Does that help?
	Igor
P.S. None of my explanation is actually Cygwin-specific.  For more
information, read <http://cygwin.com/cygwin-ug-net/ntsec.html>.
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha AT cs DOT nyu DOT edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor AT watson DOT ibm DOT com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/