Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Authentication-Warning: slinky.cs.nyu.edu: pechtcha owned process doing -bs
Date: Tue, 27 Apr 2004 11:21:01 -0400 (EDT)
From: Igor Pechtchanski <pechtcha AT cs DOT nyu DOT edu>
Reply-To: cygwin AT cygwin DOT com
To: Greg Rudd <G DOT Rudd AT isu DOT usyd DOT edu DOT au>
cc: cygwin AT cygwin DOT com
Subject: Re: SUMMARY sort of: OpenSSH public key authentication woes
In-Reply-To: <200404271516.48883.G.Rudd@isu.usyd.edu.au>
Message-ID: <Pine.GSO.4.56.0404271119550.3335@slinky.cs.nyu.edu>
References: <BAY10-F37DeOCLkWzq70000556e AT hotmail DOT com> <200404271516 DOT 48883 DOT G DOT Rudd AT isu DOT usyd DOT edu DOT au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Scanned-By: MIMEDefang 2.39

On Tue, 27 Apr 2004, Greg Rudd wrote:

> On Tue, 27 Apr 2004 02:12 am, Karl M wrote:
> > Hi Greg...
> >
> > Try setting your authorized_keys to 644 for now. If that doesn't work, take
> > a look at the problem reporting section on the Cygwin web page. This list
> > would need more information to help further.
> >
> Doing the above does allow a local user to public key authenticate :-) but
> when I try to do the same thing with a domain user public key still fails but
> what is interesting is when I try to set the acl's for the .ssh directory to
> be the same as the local users the setfacl command fails with a error message
> setfacl function not implemented.  I notice that this message comes up when
> the ssh-user-config command is run for the first time.
>
> Is this error message occuring because the domain users home directory is
> mapped to a unc (which in this case is //machine/grudd) instead of a path
> name in the form of "/home/grudd"

Most likely.  Add "smbntsec" to your CYGWIN environment variable.  Also,
you can hide the fact that it's on a remote machine by using "mount -s
//machine/grudd /home/grudd".
HTH,
	Igor

> Thanks in advance -
> greg
>
> Local user ACL's
>
> $ getfacl -d .ssh
> # file: .ssh
> # owner: greg
> # group: None
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
> Domain user ACL's
> $ getfacl -d .ssh
> # file: .ssh
> # owner: grudd
> # group: Domain Users
>
> CYGWIN variable
>
> CYGWIN= tty ntea

-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha AT cs DOT nyu DOT edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor AT watson DOT ibm DOT com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/