This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re[2]: uid having logged in with ssh

From: cygwin-060809 at cxxl dot de
To: Corinna Vinschen <cygwin at cygwin dot com>
Date: Thu, 10 Aug 2006 11:07:34 +0200
Subject: Re[2]: uid having logged in with ssh
References: <001c01c6bbee$47443220$35c94e98@CASSANDRA5> <44DA42F7.8030102@cygwin.com> <1039663999.20060810090353@cxxl.de> <20060810075831.GF20467@calimero.vinschen.de>

hi,

Thursday, August 10, 2006, 9:58:31 AM, "Corinna Vinschen" wrote:

>> >> I am running sshd having set up the sshd service using ssh-host-config with
>> >> privilege separation and with sshd running as a server owned by the local
>> >> sshd_server user.
>> >> All is working fine and I can log in using my keys without the need for
>> >> passwords or without keys and using passwords.
>> >> My problem is that if I then try and run some processes after logging in
>> >> (specifically MPI ones) the system thinks I am the local sshd_server user
>> >> and not the person I wish to be.
>> 
>> >> Any ideas how I can get sshd working such that after log in I am really the
>> >> user I wish to be would be much appreciated.
>> 
>> > Patience. ;-)
>> 
>> i just want to add one more detail: i have the same setup with sshd.
>> plus, i use EFS (encrypting file system) on the sshd box.  now EFS
>> encrypts files ONLY for the user that writes them (and for so called
>> recovery agents, but they are set up globally and all EFS files are
>> decryptable for them), but not for all other users that may have
>> access to the files (based on the their file privileges).
>> 
>> so when i'm user X and log in through sshd, write some file and then
>> log on locally though a console, i can't read my own file, because the
>> file was encrypted for SvcCOPSSHD (the sshd user in my case).
>> 
>> i, too, would much appreciate a solution :)

> There's a working workaround:  Use password login.

that's what i want to avoid for practical reasons.

> Otherwise only the subauthentication stuff mentioned in
> http://cygwin.com/ml/cygwin-developers/2006-07/msg00013.html as Larry
> already pointed out will allow what you want.  There's really no gain in
> repeating scenarios in which the current technique doesn't work.  The
> drawbacks are known for years, really.

ok.  did i understand correctly that subauth is not yet part of the
regular cygwin distribution?  or is it and has to be installed and
enabled somehow? 

-- 
/chris/



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Follow-Ups:
- Re: uid having logged in with ssh
  - From: Corinna Vinschen

References:
- RE: uid having logged in with ssh
  - From: Andy Keane
- Re: uid having logged in with ssh
  - From: Larry Hall (Cygwin)
- Re[2]: uid having logged in with ssh
  - From: cygwin-060809
- Re: uid having logged in with ssh
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]