X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-0.1 required=5.0	tests=AWL,BAYES_05,SPF_NEUTRAL,TW_MK
X-Spam-Check-By: sourceware.org
Message-ID: <4E70FF9F.4050709@cs.utoronto.ca>
Date: Wed, 14 Sep 2011 15:25:19 -0400
From: Ryan Johnson <ryan DOT johnson AT cs DOT utoronto DOT ca>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: login: no shell: /bin/bash: Permission denied
References: <CA950D62.21773%donald DOT larson AT e-hps DOT com> <4E70C389 DOT 4030001 AT bopp DOT net>
In-Reply-To: <4E70C389.4030001@bopp.net>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On 14/09/2011 11:08 AM, Jeremy Bopp wrote:
> On 9/13/2011 13:38, Larson, Donald (Don) wrote:
>> I understand "su" does not work – answer use ssh. SSHD cannot start
>> because user sshd cannot login. I run login sshd type in the
>> password and then I get the message.
> What you're saying is that you want a way to log in as another user as
> one would with the "su" command, right?  If so, you need to get the sshd
> service working first so that you can at least log in as yourself.  The
> process for doing that is documented in
> /usr/share/doc/Cygwin/openssh.README.  Read this carefully.  If you have
> problems with this part, submit a problem report as Larry suggested.
>
> When things work, you should be able to run something like the following
> command to log in as yourself over SSH:
>
> $ ssh your_username AT localhost
>
> Once you're able to log in as yourself, you can set up account details
> for other accounts in /etc/passwd in order to allow yourself to log in
> via SSH using those accounts.  The mkpasswd program will help you here.
>
> This is the "tricky" part.  For accounts that have no password such as
> the SYSTEM account or for accounts whose passwords you do not know, you
> need to set up public key authentication so that you can authenticate
> over SSH without a password.  You may also need to make some manual
> edits to your /etc/passwd file in order to set home directories and
> shells for accounts such as SYSTEM where those settings are not defined
> by default.
>
> If you need details for how to use public key authentication with SSH,
> there are numerous articles available online.  For your needs here,
> there is nothing Cygwin specific about setting this up.
>
> This is what I did just now to allow me to log in as the SYSTEM account:
>
> 1) Create the directory /root/.ssh.
> 2) Copy your SSH public key file to /root/.ssh/authorized_keys.
> 3) Set the owner of /root and its contents to SYSTEM.
> 4) Open the /etc/passwd file in a text editor.
> 5) Modify the line that starts with SYSTEM as follows:
>     a) Insert /root before the last colon on the line.
>     b) Append /bin/bash after the last colon on the line.
> 6) Save the changes.
>
> Now you should be able to log into the SYSTEM account by running:
>
> $ ssh SYSTEM AT localhost
Question: in my experience sshd will not allow connections to users who 
have no password set, even when password-auth is not used. This happened 
on my wife's laptop, for example, where I ended up having to create a 
dummy user for myself that had a password, since she didn't want her 
account to have one.

Does SYSTEM have some sort of password after all?

Ryan


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple