X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; q=dns; s=default; b=VdGg0zJDVbXcn579QyZAsz+MKRCZBZgz2OW25OE82jX z++Q5cH5FezxXUSQbSYvcD3w9cDVoDbQhIiSlHtOfaX6Sk9ckXOkr5CWSrYHJF3u k15KCGgzDJUDTh/nhFVnHNOniak2CE0w99riAlAJOOBcza5MK5nsN+8e+1to6cR4 = DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; s=default; bh=huMU/oeC+UEPmEdPflwiBzDeZy8=; b=mQ7P5FhiIJEYsGoMX v/Psa58cdR1JxvD6eHPggIRkrp9RGs8RToy2ICEPPhIRY/Xu86L7VnVBUUaNNrDW 0V8HpleE3Y3kmcEj0fWj/siLdhtJyLuQF1tkRtGlqZQvDUB42Jnn8MmgImOQKd8c +XwXx+q/B7tryslJoCPGB048aI= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_20,RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: etr-usa.com Message-ID: <539828BD.1060304@etr-usa.com> Date: Wed, 11 Jun 2014 04:00:29 -0600 From: Warren Young User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Cygwin-L Subject: Re: CYGWIN - As admin setup other users SSH for them? References: <5390204E DOT 2050300 AT etr-usa DOT com> <53977A60 DOT 9060107 AT etr-usa DOT com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes On 6/10/2014 21:04, Roger Vicker, CCP wrote: > >> In that case, why not just replicate the effect of "ssh-copy-id" >> > 1) The point of using keys is to eliminate password login (there are > other layers involved elsewhere). > 2) Even if I "temporarily" enabled password login I would need the > user's password to this network. > 3) The usual "after necessary sharing a password" changing of it upsets > the user as the periodic change is always "too frequent". So make the Android client generate a key pair on first launch, then until it successfully uses the key to log in, ask for the user's password and use that instead. Thereafter, use the key exclusively. Windows doesn't readily offer a "su" or "sudo" like mechanism. There are ways[1] to arm-twist Windows into offering something like it, but it's a lot of work to go through to achieve your preconceived solution to the problem. [1] https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1 -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple