X-Spam-Check-By: sourceware.org
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; 	charset="iso-8859-1"
Subject: RE: sshd password authentication results in identity of NT AUTHORITY\SYSTEM
Date: Wed, 1 Feb 2006 08:48:43 -0500
Message-ID: <E400628E9D6760429593FBE7A5AAD27801FA5048@NAEAPAXREX04VA.nadsusea.nads.navy.mil>
From: "Perdue, Dave T.  CIV NAVAIR 5.4.3, Bldg 2035, Rm 205, Cube 200" <david DOT perdue AT navy DOT mil>
To: <cygwin AT cygwin DOT com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id k11DncTj004195

Ahh, excellent news!  It must be a local security policy.  Thanks very much! :)

Dave

P.S. Cygwin is amazing!

-----Original Message-----
From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com]On Behalf
Of Corinna Vinschen
Sent: Tuesday, January 31, 2006 4:27
To: cygwin AT cygwin DOT com
Subject: Re: sshd password authentication results in identity of NT
AUTHORITY\SYSTEM


On Jan 30 12:57, Perdue, Dave T.  CIV NAVAIR 5.4.3, Bldg 2035, Rm 205, Cube 200 wrote:
> 	The Cygwin "whoami" command reports the correct username,
> 	however the Window Resource kit "whoami.exe" reports "NT
> 	Authority\SYSTEM" for the username when using a password
> 	authenticated ssh login.  The user's SID is identical, just the
> 	username is different.  I have read responses in the Cygwin mail
> 	lists that indicated that RSA authenticated logins should act
> 	this way (no access to network shares due to incomplete user
> 	impersonation) however it also indicated that password
> 	authentication should provide network share access.  A minimal
> 	installation of Cygwin to support ssh (Cygwin with cygrunsrv and
> 	openssh) shows proper user context switching for Cygwin-1.5.12-1
> 	but fails using Cygwin-1.5.19-4.  I do not have access to
> 	versions 13-17 so I cannot determine at what point full support
> 	of password authentication "broke".

I don't know what's wrong on your machine, but I tried on two different
machines under Windows 2000 and under XP, and the user context switch
works as expected in both cases; a native whoami returns SYSTEM for a
password-less login and the user name for a password login.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/