X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=0.5 required=5.0 	tests=BAYES_00,HEADER_COUNT_SUBJECT
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Thomas Berger <thb-cygwin AT lists DOT gymel DOT com>
Subject: 
Message-ID: <4B4618B7.1040109@Gymel.com>
Date: Thu, 07 Jan 2010 18:24:07 +0100
Reply-To: thb AT gymel DOT com
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
Subject: Re: 1.7.1: problem with public key authentication on domain  accounts
References: <18e742db1001050839p78fe787xb583efc616490744 AT mail DOT gmail DOT com> <20100107162003 DOT GI23972 AT calimero DOT vinschen DOT de>
In-Reply-To: <20100107162003.GI23972@calimero.vinschen.de>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Corinna Vinschen schrieb:

> Nevertheless, the problem must be some other BLODA.  I have sshd running
> on every OS since NT4 and I have no trouble running it.  and logging in
> to any admin or non-admin account.  If it's really a Cygwin bug, it's
> quite non-deterministic since logging in via the normal old-style
> public/private key pair works fine for me.  
> 
> [...time passes...]

I have an purely anecdotical observation to share, which may or may not be
related to the OP's problem:

Last week I disboxed a brand new Windows 7 x64 system and started preparing
it as a substitute for my desktop system. Things got crowdy in my office
so the new box was initially placed out of arm's reach (this is the key
information for understanding the rest ;-).

(Essentially) I Installed Ultra VNC, installed Cygwin 1.7, ran ssh-host-config,
joined my (Active Directory, Win2k hosted FWIW) domain, logged in as myself and
transferred the contents of my .ssh directory, then ran ssh-user-config.

I then had [first randomly but on trying harder ever more deterministic ;-]
trouble with passwordless login via the domain account but was unable to
(casually) debug the problem (no amount of -v's whereever applied gave me
any clue to what really went wrong). Passwordless login to the local admin
account however worked, as did login to my domain account with user/password
(after modification of authorized_keys).

My observation was that the failure was correlated to fresh reboots of
the box (which happen quite often in that stage of a box' live cycle and
unfortunately were reinforced by my approaches to solve the problem ;-)
My conclusion after some time spend testing was to first once either log on
or at least connect via UltraVNC (not even actually log in) with the
credentials of my (some? sorry I did not follow all possible ramifications)
domain account for passwordless login to succeed.
After this everything went smooth regardless of current console sessions,
i.e. the remedy was not tied to the domain user being logged in but to having
been logged in previously.

Since the situation changed now (the new box is not any more sitting
next to me but moved in front of me thus no need to log on remotely
after reboot) I did not investigate any further. It might be that
UltraVNC has some undetected BLODAness or that some component of the
ssh beast relies on initialization? effects of previous logins for
some versions of windows x64??.

viele Gruesse
Thomas Berger


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple