X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Sat, 10 Apr 2010 12:50:59 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Problem with SSH log on through passwordless public key using  the  	LSA security method on a Windows Server 2008 Standard machine
Message-ID: <20100410105059.GM28908@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <j2v70497a8b1004071036y9b3da9b7z6decfbccb6316e87 AT mail DOT gmail DOT com>  <w2y70497a8b1004100209uc93c7ef2ld153a863f1af7255 AT mail DOT gmail DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <w2y70497a8b1004100209uc93c7ef2ld153a863f1af7255@mail.gmail.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Apr 10 11:09, Kent Larsson wrote:
> Hi again,
> 
> Has anyone got any idea on how to solve this? Do you know of *any*
> Windows 2008 Server Standard Cygwin installation which is used as an
> SSH-server where the users are able to login using a passwordless
> public key? I'm beginning to suspect that it's just not possible with

Mine, for instance.  We also have customers using SSH on 2008.

> 2010/4/7 Kent Larsson <kent DOT larsson AT euroling DOT se>:
> > Hi,
> >
> > I'm having problems logging in to a Windows Server 2008 Standard
> > machine using a password-less public key and I feel that I'm getting
> > nowhere closer to solving it. Despite my attempts the log in always
> > results in asking for my account password. Logging in using a password
> > works well, but I really need to log in using my public.
> >
> > What I've done is:
> >  1. Turing DEP off by: bcdedit.exe /set {current} nx AlwaysOff

Not necessary.  Mine's running with "DEP for all programs" just fine.

> >  2. Installing Cygwin
> >  3. Execute /usr/bin/cyglsa-config to use "Switching the user context
> > without password, Method 2: LSA authentication package" from
> > http://cygwin.com/cygwin-ug-net/ntsec.html followed by a computer
> > restart
> >  4. Added the row "CYGWIN=binmode tty ntsec" (without ") to
> > c:\cygwin\Cygwin.bat

Huh?  http://cygwin.com/cygwin-ug-net/using-cygwinenv.html

> >  5. Execute "ssh-host-config" choosing the defaults, I wrote "binmode
> > tty ntsec" when asked for the CYGWIN contents

Again, http://cygwin.com/cygwin-ug-net/using-cygwinenv.html

Neither of these makes sense.

> > After that, the system has been restarted numerous times. I also have
> > "Cron deamon" running, under a domain account. But I don't think it
> > affects the issue. I'm able to log in using a password, but not using
> > a public key. Also the su command doesn't work, it asks me for a
> > password when issuing it and always respons with "su: /bin/bash:
> > Permission denied", that one might be related?

http://www.cygwin.com/faq/faq.using.html#faq.using.su

And maybe that helps:

http://www.cygwin.com/faq/faq.using.html#faq.using.sshd-in-domain


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple