X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=MnydAdABCt53Jj1eT5kxsHXpbiXU8BhpfZjMJPTXGtUPc3/xV8IAw IfBd2F/VF0KACijM/xlTFh+wa8NuGmzBRBQe/i/MUPYY2xHg6L3E9a7lyXXBzuTa XN+2vpGcqVIFPMk+nNZwYOaBUG8awPXZDmxEc2Z0/+wbkYTQnlk91M= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=l7SWAlibDo4dHg8SFC2MYsxM+8Q=; b=xY328Ye6Gbg7TTsIl6KOyPBtRyey M2haAZT29RqEOZn2z5H1uhHgXLISf+/JV8NL0Ko0KCLgHvkvh0TzBssVE98hayAm SRd89UbkBPh2lQ+qb/HhJs64rwqvpM1P1i6CMSI2N19yqZMLZme8DKVVe9FiuCUR Nv2TNM3zPgZXdkQ= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-100.9 required=5.0 tests=BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=Stewart, stewart, H*r:500 X-HELO: mout.kundenserver.de Date: Thu, 17 Jan 2019 15:23:07 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: sshd privsep user still required? Message-ID: <20190117142307.GH4167@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="NKoe5XOeduwbEQHU" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) --NKoe5XOeduwbEQHU Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Jan 16 15:31, Bill Stewart wrote: > I installed the OpenSSH server as a service using ssh-host-config, and all > is working. >=20 > I'm running Windows 10 (1803). >=20 > I renamed the sshd privilege separation (privsep) account to something el= se > and restarted the sshd service. >=20 > Everything still works - no errors. >=20 > Is the sshd disabled user account still required? No, actually it isn't. These days the sshd server checks if the the privsep chrrot environment should be used and that the process is started under "root:root". This never matches under Cygwin so we could drop the sshd user requirement. Patches to the installer script are very welcome. Corinna --=20 Corinna Vinschen Cygwin Maintainer --NKoe5XOeduwbEQHU Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEoVYPmneWZnwT6kwF9TYGna5ET6AFAlxAj8sACgkQ9TYGna5E T6CUew/+LN5KPyzG/o80EtnDGL7ADne3DgpqOCApmJRYwETd6kplbhrPNIT9GeRJ 519bOPQR2n1qAl29J8Hw7MkyCiW/zDmg01y+AdbdzjL3+ORYhwChXoQX28hgJ3Rs yegBE2Ym14yrSjyweAvBSFi/g+I+ncaLzvSvmv+RzXaSMfIQXycgb7tyGtzCPngF UdG0smt/yW9dMC1TITdtvK9zsuftzocYkqrF+HaYvmWUT9nFuiezi1o2EOaXDYjW Y146n1TbE1q2oJHecmyBMSBUzwAF7q5JSS0pbByFGeg813ir5GCTk2HGdOCgfTm/ 9qYOv8o8R91U1nc7zgxtT8zUNBfgeH8zMS6td8LLn0PKoHy7D4lfVa8DCDSyMgiN jtm7Zv5/y0ZUOjVKuMKI6uqk01KP5CY9zKFVIIbSLJ4KMk2W/fQsRwRigQq0CGwD RamUiU9jBShgn6R/kLLTG4V9U6hTgz9WRGqcBprEU91xIk1+ZHqqHNZ6BCsWARtQ v6F8N8Xco7Q6S0av+4K0G1G8w/+2oUa51QxGlmskCQAc7Si3Z+WdVXqrm7nwdgA2 4+/a8xEYb0tHZV6L1YXZJ/IybrXZBKarRIe6lEwdwKB+DkkSrd3QzkyubJtDK7k/ j6app5drkVN6U2CV8ByHyC49/X14smEW1nx8R3G6K3aELAY6Adw= =tHiH -----END PGP SIGNATURE----- --NKoe5XOeduwbEQHU--