X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
From: "Chen Yue" <godsarmycy AT gmail DOT com>
To: <cygwin AT cygwin DOT com>
Subject: session user ID error when ssh in terms of public-key exchange
Date: Sun, 14 Oct 2007 13:53:20 +0800
MIME-Version: 1.0
Content-Type: text/plain; 	charset="ISO-8859-1"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Message-ID: <4711aed5.1498600a.3683.ffffe154@mx.google.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id l9E5rjNR019380

Greetings

I am a new bee in cygwin. Now I am about to setup an sshd environment on a
windows2003 server in a project. But there is a weird phenomenon blocking my
task.

I setup a local account named sshd_server in administrators group, grant
“Create a token object”, “Log on as a service” and “replace a process level
token” to sshd_server in Local Security Settings. The service sshd is
started by ID of sshd_server.
Two users: userA and userB are domain users who are supposed to be able to
log on the server in terms of ssh. I have set up their profiles in
/etc/passwd and /etc/group. In the purpose of convenience, they copy their
public-key to their home dir so that they need not to input passwd when
logon.

All above work OK for me.

My issue is when the two users log on in term of inputting passwd, they can
create files in a shared dir and the file owner is correct. ‘net session’
command shows the correct user ID of the session. However, when they log on
in terms of public-key exchanging, the files they created in shared dir are
owned by “sshd_server”!!  (The files created locally are correct though).
And the “net session” command shows it is sshd_server but not userA or userB
that have logged on the server.

I am so puzzled what’s the difference between the two ways to log on. Did
anyone encounter this ever before?

Thanks


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/