X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=HBm9qfBvuyXNL8DQ
	nvTdhTIb+jKcJg1e3CItsiHNAruwTs6JeOjJFrCmKioRV0ABttdEadpI887JM6L2
	e/pHtcSPIWiAYyqlbNQq/mZ58b+AhYKpPhLIWqrACpn+3dmMulk8GSknwxqdWkW3
	fOCRXUQ5VfgulaIH+aNnYpl/j9M=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=l13CFzBwxsfDOaZFWoNWHx
	XtgbQ=; b=S96oWNimV2KdLHLd+qa1wZU0hDaEwJFqd0IXw9ePHpdPPcg9eKNjli
	+zsXGVvenrl4e6huCJpU8XNlyrwTx4Yye+FmVqXdNj3fMrx5TeEM52+KRjINtG7b
	uA5m9t6OfpGOPfByQYlI8uhsLSWj5GUEfM7ojFapSieY6RtUfpg58=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: Yes, score=6.2 required=5.0 tests=AWL,BAYES_99,FREEMAIL_FROM,KAM_THEBAT,RDNS_NONE,SPF_SOFTFAIL,URIBL_BLOCKED autolearn=no version=3.3.2
X-HELO: smtpback.ht-systems.ru
Date: Thu, 21 Nov 2013 01:47:36 +0400
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: Andrey Repin <cygwin AT cygwin DOT com>
Message-ID: <1049563253.20131121014736@mtu-net.ru>
To: Andrea Venturoli <ml AT netfence DOT it>, cygwin AT cygwin DOT com
Subject: Re: Sshd and key based authentication
In-Reply-To: <528CF357.3020000@netfence.it>
References: <5289C8BD DOT 1010109 AT netfence DOT it> <1679047089 DOT 20131118122233 AT mtu-net DOT ru> <5289DB39 DOT 7030408 AT netfence DOT it> <528CF357 DOT 3020000 AT netfence DOT it>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

Greetings, Andrea Venturoli!

>>> Did you installed Cygwin LSA module?
>>> http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd2
>>
>> I don't think so, but I can't check right now...
>>
>> Should I?

> Hello.

> Today I followed your instruction, ran /usr/bin/cyglsa-config and 
> rebooted: still no luck.

> I raised the loglevel to DEBUG3 and verified sshd was *always* looking 
> for /home/cyg_server/.ssh/authorized_keys, regardless of the user trying 
> to log in.

Erm, that strange.
Can we see a

egrep -iv "^(#|$)" /etc/ssh/sshd_config

?
Do Cygwin know about your domain users?
And what command you use to connect to the server?

> So, if I do "ln -s /home/user /home/cyg_server", then ssh user AT server 
> works without password prompt!!!
> Of course I know the security implications of this...

That's indeed not the best idea...


--
WBR,
Andrey Repin (anrdaemon AT yandex DOT ru) 21.11.2013, <01:43>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple