Message-ID: <424345A0.6020102@lapo.it>
Date: Thu, 24 Mar 2005 23:56:32 +0100
From: Lapo Luchini
To: "[ML] CygWin "
Subject: Re: EFS encrypted files & ssh
References: <20050107113208 DOT GC23589 AT cygbert DOT vinschen DOT de>

Chris January wrote:

>>Is it normal that during an SSH connection EFS-encrypted
>>files are not
>>accessible?
>>Is it for the way the SSH token authentication is made?
> Yes, it probably is.
> I believe the user's private EFS is encrypted using their password hash. If
> the SSH token was generated without using a password (e.g. because you are
> using RSA authentication) then the EFS key can't be decrypted and used.

OK, I (finally) was able to reproduce it consistently, but SSH was
actually not "necessary" to see it:
(no, I'm not doing anything "funny": I have a backup =P)

% gpg --delete-secret-key C8F252FB
gpg (GnuPG) 1.4.0; Copyright (C) 2004 Free Software Foundation, Inc.

sec 1024D/C8F252FB 1997-08-20 Lapo Luchini

Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y
gpg: renaming `/home/lapo/.gnupg/secring.gpg.tmp' to `/home/lapo/.gnupg/secring.gpg' failed: Permission denied
gpg: WARNING: 2 files with confidential information exists.
gpg: /home/lapo/.gnupg/secring.gpg is the unchanged one
gpg: /home/lapo/.gnupg/secring.gpg.tmp is the new one
gpg: Please fix this possible security flaw
gpg: deleting keyblock failed: file rename error
gpg: C8F252FB: delete key failed: file rename error
% ll -a /home/lapo/.gnupg/secr*
-rw------- 1 lapo Nessuno 9507 Jan 6 15:29 secring.gpg
-rw------- 1 lapo Nessuno 7736 Mar 24 23:47 secring.gpg.tmp

Nothing strange here... but actually the .gnupg directory is "green"
(EFS-encrypted).
Any idea?

Oh, I just noticed this also:

% rm /home/lapo/.gnupg/secring.gpg
% ll -a /home/lapo/.gnupg/secr*
ls: /home/lapo/.gnupg/secring.gpg: No such file or directory
-rw------- 1 lapo Nessuno 7736 Mar 24 23:47 secring.gpg.tmp

...but with Windows Explorer, the file is still there. 0_o

-- 
L a p o   L u c h i n i
l a p o @ l a p o . i t
w w w . l a p o . i t /