Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <41E67F1C.2050405@coware.com>
Date: Thu, 13 Jan 2005 15:01:00 +0100
From: Harald Dunkel <harald AT CoWare DOT com>
User-Agent: Mozilla Thunderbird 0.9 (X11/20041124)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: cannot access $HOME (on Samba) via ssh
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Corinna Vinschen wrote:
| Yes, that's Windows for you.  The interactive features don't like to
| work in pseudo ttys.  Try this:
|
|   net use '\\bierfass\dunkel' '/user:DOMAIN\dunkel' 'your-password'
|
| Assuming the name of your domain is DOMAIN.

Now _this_ worked. After that I could login via ssh
from my xterm as expected. It did not even ask for
a password this time (using .ssh/authorized_keys of
the shared directory, AFAICT).

(BTW, I don't own a real tty, but using the console
instead of a xterm to run "net use '\\bierfass\dunkel'
'/user:brauhaus\dunkel' '*'" I got system error 1326.
Still no password prompt.)

Obviously sshd had no permission to access
//bierfass/dunkel/.ssh/authorized_keys . If it had,
then it wouldn't have asked for a password.

But the error message said that //bierfass/dunkel
could not be accessed, either. The Samba log file
contained a lot of messages saying

~  guest user (from session setup) not permitted to access this share (dunkel)

So I set "guest ok = yes" in smb.conf, [home]
section.

If I login now, then ssh still asks me for a password
(i.e. the access to //bierfass/dunkel/.ssh/authorized_keys
fails), but then I have just a read-only access to
//bierfass/dunkel. Running the verified "net use"
command you suggested I get an error message saying

- -------------------------------------------------------------
Systemfehler 1219 aufgetreten.

Die angegebenen Anmeldeinformationen stehen mit vorhandenen
Anmeldeinformationen in Konflikt.
- -------------------------------------------------------------

which might be translated as

- -------------------------------------------------------------
system error 1219 occured.

The specified logon information is in conflict to the
existing logon information.
- -------------------------------------------------------------


Any idea how to tell sshd to use my permission instead
of guest to access //bierfass/dunkel?



Regards

Harri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB5n8cUTlbRTxpHjcRAhjcAJ9/kOuFoHOpe7qdpX3qFDOsCNMHxgCff3/g
zG/qpaIOAVTElrPiVIiD2iY=
=N40P
-----END PGP SIGNATURE-----

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/