This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Unable to run sshd under a domain sshd_server account


Schutter, Thomas A. wrote:
I am having problems setting up sshd to run under a domain sshd_server
account instead of a local sshd_server account.

Why do I want to do that?  Because in the default install, starting a
cygwin shell from the console gives me a much different environment and
permissions than if I start a cygwin shell via ssh.  For example, from a
console shell on the Windows 2003 Server:
  $ echo $USER
  tschutter
  $ echo $USERNAME
  tschutter
  $ echo $HOSTNAME
  fdsvbld01sgrape
  $ echo $USERDOMAIN
  FLOODDATA
  $ id
  uid=18718(tschutter) gid=10513(Domain Users)
groups=544(Administrators),545(Users),10513(Domain
Users),18169(FDSV-GG-PrxBLD),22611(FDSV-GG-PrxPCAdmins)
  $ ls //other/f$
  Data          RECYCLER        System\ Volume\ Information

But when I login via ssh:
  $ echo $USER
  tschutter
  $ echo $USERNAME
  sshd_server
  $ echo $HOSTNAME
  fdsvbld01sgrape
  $ echo $USERDOMAIN
  FDSVBLD01SGRAPE
  $ id
  uid=18718(tschutter) gid=10513(Domain Users)
groups=545(Users),10513(Domain Users)
  $ ls //other/f$
  ls: cannot access //other/f$: Permission denied

Obviously you're using pubkey authentication. If that's not an absolute requirement for you, then use password authentication. That will resolve your problem. Otherwise, if you must use pubkey authentication, I'll direct you to the FAQ:

<http://cygwin.com/faq/faq-nochunks.html#faq.using.shares>

These are the recommended workarounds for this issue for the 1.5.x
Cygwin package series.

The 1.7.x Cygwin package series will offer an alternative approach
which resolves the issue but is not released so it's only available in
snapshots.  Search for 'cyglsa' if you're curious about this new facility.

--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746

_____________________________________________________________________

A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]