X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 q=dns; s=default; b=VdGg0zJDVbXcn579QyZAsz+MKRCZBZgz2OW25OE82jX
	z++Q5cH5FezxXUSQbSYvcD3w9cDVoDbQhIiSlHtOfaX6Sk9ckXOkr5CWSrYHJF3u
	k15KCGgzDJUDTh/nhFVnHNOniak2CE0w99riAlAJOOBcza5MK5nsN+8e+1to6cR4
	=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 s=default; bh=huMU/oeC+UEPmEdPflwiBzDeZy8=; b=mQ7P5FhiIJEYsGoMX
	v/Psa58cdR1JxvD6eHPggIRkrp9RGs8RToy2ICEPPhIRY/Xu86L7VnVBUUaNNrDW
	0V8HpleE3Y3kmcEj0fWj/siLdhtJyLuQF1tkRtGlqZQvDUB42Jnn8MmgImOQKd8c
	+XwXx+q/B7tryslJoCPGB048aI=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_20,RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO: etr-usa.com
Message-ID: <539828BD.1060304@etr-usa.com>
Date: Wed, 11 Jun 2014 04:00:29 -0600
From: Warren Young <warren AT etr-usa DOT com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Cygwin-L <cygwin AT cygwin DOT com>
Subject: Re: CYGWIN - As admin setup other users SSH for them?
References: <lmo56t$us6$1 AT ger DOT gmane DOT org> <5390204E DOT 2050300 AT etr-usa DOT com> <ln7rdb$t9t$1 AT ger DOT gmane DOT org> <53977A60 DOT 9060107 AT etr-usa DOT com> <ln8h0b$ev4$1 AT ger DOT gmane DOT org>
In-Reply-To: <ln8h0b$ev4$1@ger.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On 6/10/2014 21:04, Roger Vicker, CCP wrote:
>
>> In that case, why not just replicate the effect of "ssh-copy-id"
>>
> 1) The point of using keys is to eliminate password login (there are
> other layers involved elsewhere).
> 2) Even if I "temporarily" enabled password login I would need the
> user's password to this network.
> 3) The usual "after necessary sharing a password" changing of it upsets
> the user as the periodic change is always "too frequent".

So make the Android client generate a key pair on first launch, then 
until it successfully uses the key to log in, ask for the user's 
password and use that instead.  Thereafter, use the key exclusively.

Windows doesn't readily offer a "su" or "sudo" like mechanism.  There 
are ways[1] to arm-twist Windows into offering something like it, but 
it's a lot of work to go through to achieve your preconceived solution 
to the problem.


[1] https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple