X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; q=dns; s=default; b=iZvza+L NpA/FVPNQ+DMk8HKLvoqfx+A9KqAl4LyuzcMoLfiRg7ssSeGCrrhzTfWh5BzEg9V Sg4G2H9o81PqaJC8VR2GAMS0jQqoyPtTatzrMywPPWqHs0l4z90LTsGr6rbF8U2k bsbrq/qncgX+p7MRbjIVclEcGEeslH3ez6yE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; s=default; bh=WL6qooIACSBhF KfRMUWbqDMOyxM=; b=KgHM4t4A+D/Wawz/fyc9aZp0lTqp2ARdDIZXTcK9D5kdA mR+tQmixZ1+S2QxVbVBsnQ6BYTgPH3fG9nVTeCIMV8eu+9Mt28VDjniwtE+EsiXO Hl+AwOoonmKYoQuAfUkdiCg4G1buGxIm2+t3DHZC5tWohRxrCkN+XTvMARekkw= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=her, his X-HELO: mail-wr0-f180.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=iOGWxGCCCnEUx8uG4fgZiFYFnUNdRaOlM5NJXI+7YI0=; b=MwT3wxZSEfsHanrSOyyZ6XI4oi7599FcF2uRHicOr2aWhX06lWUAQh7ScdVV9FXFAL UDcVzI7sOM5rvoTkOP6uUQAPaT1yRpbRcPTe0RGKmNF687CHqhqjL0OzBMGDwY59sNWW vUZoXTEe0KJthN0bZ+B3HslT5WjrgtjoqBgR4xkxwUucwFEEz6irUs9uShJ117aGKtKK LIgFNFX+B9Q17qjX2vpS7Phhmd5lA0UVzqZUJgoS2ugS9AZtObOogXKV1WnnYeDBcwXF WrGyXJ9+1QXaCPHSVpubBasZwIg4qckmLBDVRLb8+jQhV3s3eCGDzDh/t/k/Ub3vLsym pNRQ== X-Gm-Message-State: AODbwcA4Qm+LDbs67btkOvfBANniGUbk9Qg+d/5AyDdEiQ0mAm98WwId G6cOiieyJrc358gTHh4Nf/22adgh0p9BWFw= X-Received: by 10.223.147.225 with SMTP id 88mr4036535wrp.74.1495229866006; Fri, 19 May 2017 14:37:46 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: <6d6087eef8f444edbe659c278f63ab43 AT AUSX13MPC128 DOT AMER DOT DELL DOT COM> From: Erik Soderquist Date: Fri, 19 May 2017 17:37:45 -0400 Message-ID: Subject: Re: SSH Keys breaking symlink access? To: cygwin AT cygwin DOT com Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes On Fri, May 19, 2017 at 5:30 PM, Erik Soderquist wrote: > This is expected behavior if you have not used "password -R" to > provide the network password. from the doc (https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview): So what we do is to utilize this registry area for the purpose of set(e)uid. The Cygwin command passwd -R allows a user to specify his/her password for storage in this registry area. When this user tries to login using ssh with public key authentication, Cygwin's set(e)uid examines the LSA private registry area and searches for a Cygwin specific key which contains the password. If it finds it, it calls LogonUser under the hood, using this password. If that works, LogonUser returns an access token with all credentials necessary for network access. -- Erik -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple