X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=R4l/0Iau4ouPgKhb +hhAKfYLaYY3fRS7BpT2lCzpx7r7TNg3FM9mUvb12pWbxM5U2sNf+HYt4jlMNigl xOhQy8+8yLhLO5pa3ab1aNzGbeM5HpLF6kE3u5kQScOUZykAk+LRdOOkHBXqqQSZ 6iIj96p0NPc+Puy0RfR578qHVoU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; s=default; bh=hO0st10zABbfQC7wqXwu3K 34OGo=; b=a/kbJpUyOmY4OivmwKkb+ZMBaT8mlIj5AGuP00nxp1V0XY2qJHdIeK 2q1g/PPdVyBeIJvfjeBgOpOmDPnVUOmeLEZO2lR4Y/ELTdysGZLZZYbH9ek3UceJ 6CDAJ9HcPKrQvDxkinDMu3HXBD2kS0/9RWLMiyHA4a7oDo0rk6hq0= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 spammy=HX-Priority:Normal, H*RU:192.168.1.10, yandexru, Hx-spam-relays-external:192.168.1.10 X-HELO: forward103j.mail.yandex.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1551193503; bh=ufn/nQoEAlouYpSzy8VcrHv0ZUtuErjXMuvRKQtVDEM=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=SOP7AkqNA6wnxCMxeBQ4wf8bgli4AzDfp2nTv1HB6Ib3HeJqLdLPSLpzp3+ZI/pJR u33aV7NejmRDoVd5RRnz1M+So6YCooz6yllSLwa9gTC5xsv0HBiuPakxmS9kihmaC3 LhNXYu9DUJaQcZ+uJYITiMCBBW0Hlqtn+EfQrvUU= Authentication-Results: mxback16o.mail.yandex.net; dkim=pass header.i=@yandex.ru Date: Tue, 26 Feb 2019 18:01:18 +0300 From: Andrey Repin Reply-To: cygwin AT cygwin DOT com Message-ID: <1359661834.20190226180118@yandex.ru> To: Maayan Apelboim , cygwin AT cygwin DOT com Subject: Re: can't access remote shares when using ssh with rsa key - passwd -R / set(e)uid / LogonUser is not working as expected In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Greetings, Maayan Apelboim! > Hi, > I hope I'm mailing the proper mailing list.. > I am using password-less ssh login using RSA key to login windows servers from linux. > I've read this article about network shares problems when using RSA key > instead password and decided method 2 is most suitable for my case: > https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview > So I ran passwd -R for the relevant user, but still getting 'permission > denied' when trying to access network shares. > Tried restarting the ssh service and rebooting the server but it didn't help. > I checked the registry as SYSTEM and I can see my user UID set in the right > location.. (at least I think so, cause it doesn't exists in other servers). > So it seems to me like the 'set(e)uid' / 'LogonUser' described in the article doesn't work as expected. > Would appreciate any suggestions. Please try changing the cygsshd service configuration to run as "SYSTEM" user. > * Some sensitive data was edited in the cygcheck.out file > * I don't have cygserver installed as a service - I used administrator user > and didn't get any errors when running passwd -R -- With best regards, Andrey Repin Tuesday, February 26, 2019 17:58:28 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple