X-Spam-Check-By: sourceware.org
Message-ID: <4499836C.4070205@cygwin.com>
Date: Wed, 21 Jun 2006 13:35:40 -0400
From: "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com>
Reply-To: cygwin AT cygwin DOT com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20060112 Fedora/1.5-1.fc4.remi Thunderbird/1.5 Mnenhy/0.7.4.0
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: ssh password-less cmds to Windows 2003 don't return any output
References: <ab50889f0606210407o5cec13c3ha9c0b6a496b99ebd AT mail DOT gmail DOT com> 	 <Pine DOT GSO DOT 4 DOT 63 DOT 0606211113560 DOT 24426 AT access1 DOT cims DOT nyu DOT edu> <ab50889f0606211009x587442e8waca460c03d01c1de AT mail DOT gmail DOT com>
In-Reply-To: <ab50889f0606211009x587442e8waca460c03d01c1de@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

John McNulty wrote:
> On 21/06/06, Igor Peshansky <pechtcha AT cs DOT nyu DOT edu> wrote:
>>
>> Cygwin ssh (and basically all terminals except the Windows console) use
>> pipes to emulate ttys (so-called "ptys").  Some Windows applications 
>> don't
>> like these ptys and won't write data to them (and they will certainly not
>> detect them as a console, so any console-specific functions won't work
>> either).
> 
> Hmm .. this is where it gets even more interesting.  If I run:
> 
> $ ssh user AT W2003 date
> Wed Jun 21 18:02:13 GMTDT 2006
> 
> .. then I get a result.  But other commands don't, e.g.
> 
> $ ssh user AT W2003 cat /etc/hosts
> $ ssh user AT W2003 ls


What does 'ssh user AT 2003 cygcheck ls' say?


>> On Windows 2003, SYSTEM does not have the appropriate privileges to 
>> switch
>> user contexts, so ssh-host-config needs to create an account that does.
>> Read <http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch> for
>> details.
> 
> Before running ssh-host-config I did:
> 
> - Right click My Computer, Properties > Advanced > Environment Variables
> - Under System Variables, click New, add CYGWIN as the variable name,
> add ntsec as the variable value
> - Under System Variables, scroll down to Path, click Edit, add
> ;c:\cygwin\bin to the end of the string already in the field
> 
> Then opened Cygwin on the desktop, ran ssh-host-config and entered:
> 
> "Privilege Separation?" Yes
> "Create local user SSHd?" Yes
> "Install SSHd as a service?" Yes
> "CYGWIN = " enter ntsec
> 
> Should I have done anything different there on W2003 ?

Depends on what you need.  If you need to get output from non-Cygwin
executables, then you'll need to re-install the service with "nontsec"
instead.  But this is notably less secure.  There should be no need to
do this if you're simply dealing with Cygwin utilities though.

-- 
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/