This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Sv: ssh to Cygwin sshd - command with bat file fails when trust established but works with password authentication


Hi, In addition to sshd you need cygserver if You like to be able to log in using certificates.


https://cygwin.com/cygwin-ug-net/using-cygserver.html

--
MortenB



Den Tirsdag, 6. september 2016 19.44 skrev Jeffrey Lightner <jclightner@copper.net>:



Hi all,

We recently setup Cygwin (uname –a shows CYGWIN_NT-6.1 ATMEPD01 2.5.2(0.297/5/3) 2016-06-23 14:29 x86_64 Cygwin)  and configured its sshd on one of our Windows 2008 R2 (SP1) servers.   The idea is to allow one of our Linux (RHEL6.8) servers to run a bat file on the Windows server via ssh from a Linux scheduled cron job. Since this will be automated from the Linux side I setup standard ssh trust from the Linux user to a Windows user. Testing the trust verified it works and can be used to login without password and to remotely  execute Windows bat files.

The problem is that there is a specific bat file that is failing when the command it calls tries to "login" to the Essbase application (i.e. not OS level login) but appears to be running the other commands in the bat file properly.

The weirdness is that this failure only occurs when we call it using ssh trust to make the connection. If we make the connection without a trust so that it prompts for the OS level password the bat file then executes correctly including its application level login.

This suggests there is some environmental difference when ssh logs in with a password vs when it connects with a trust. I've checked the "set" and "env" Linux commands output on the Windows user after login as well as the DOS "set" command output and there is no difference between them when logged in via trust vs logged in via password.

To reiterate the "login" that is failing is something with the application not the OS user. The OS user logs in successfully either way. Calling the bat file works either way – it is only this application "login" that is failing from within the bat file and only when done via ssh trust.

I also found sshpass allows one to feed the OS level password to the ssh call and using that from the RHEL6.8 server also works when I call the bat file on the Windows. This reinforces the idea of an environmental difference between password login and trust connection. 

Has anyone seen this kind of behavior before and if so can you share what you did to resolve it for trusts?

I did search the web and the archives but most hits come up simply to explain how to establish a trust vs using password authentication but that isn’t my problem because the trust itself does work.   Also of course there are many guides talking about how to setup sshd in Cygwin.   Since I can connect via ssh I know sshd is running properly.   I’ve been using ssh on Linux and UNIX for years.  I’ve also been using Cygwin on Windows laptops for years but this is the first time I’m using its sshd and I’ll admit I’m stumped on this one.   It doesn’t seem it should care which way I got logged in (password vs trust) once I actually am logged in but clearly it does care.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]