From: "Brindl Ronald" <rbrindl@gmx.at>
To: "'Joshua Daniel Franklin'" <joshuadfranklin@gmail.com>,
<cygwin@cygwin.com>
Subject: AW: Inaccessible remote volumes when logged in via ssh
Date: Tue, 11 May 2004 14:05:00 -0000 [thread overview]
Message-ID: <00fc01c43758$24e95e20$0500a8c0@ron> (raw)
In-Reply-To: <cb51e2e040510142043015a25@mail.gmail.com>
I am logging in using password (i already heard of troubles using
publickey, altough i can log in as normal user using public key)
The volume is mounted using the explorer menu (extra -> connect drive, i
dont know if thats correct because i have a german version), and it is
configured to mount automatically at startup.
I just tried to use "net use" in my ssh-session and noticed it doesnt
work (system error 1312)
It is the same case as in
http://archive.erdelynet.com/ssh-l/2004-04/msg00033.php
And in
http://archive.erdelynet.com/ssh-l/2002-11/msg00006.php
And
http://archive.erdelynet.com/ssh-l/2004-03/msg00057.php
It has something to do with user-privileges and that the sshd runs as
user SYSTEM. It seems, that the ssh-sessions also runs as SYSTEM, and
not as user which logged in.
What i dont understand is, why it works when i log in locally via ssh
(ssh localhost -l bpc). It should also run as user system without
network-privileges.
I tried the following:
At <current-time + 1> /INTERACTIVE cmd
Which should open a cmd-shell in one minute which runs as SYSTEM.
The shell opens and i also have no access to the network.
So i tried to start the sshd service as user "sshd" (changed owner of
all files, adjusted the security policies etc). The service starts but
the strange result is, that i cant login with password anymore, only
with public key !!! And i still dont have acces to network .
When i do a ps -W -f i get:
sshd 1608 1 ? 14:10:21 /usr/bin/cygrunsrv
sshd 1348 1720 ? 14:11:09 /usr/sbin/sshd
0 756 0 ? 14:11:11 C:\cygwin\bin\bash.exe
bpc 1716 1680 1 14:11:46 /usr/bin/ps
0 1760 0 ? 14:11:47 C:\cygwin\bin\ps.exe
So i assume, the shell still run under SYSTEM account
Trying around with UsePrivilegeSeperation i had trouble starting the
service at all. (complained about wrong privileges of /var/empty)
Ron.
-----Ursprüngliche Nachricht-----
Von: Joshua Daniel Franklin [mailto:joshuadfranklin@gmail.com]
Gesendet: Montag, 10. Mai 2004 22:21
An: rbrindl@gmx.at; cygwin@cygwin.com
Betreff: Re: Inaccessible remote volumes when logged in via ssh
On Mon, 10 May 2004 22:50:27 +0200, Brindl Ronald <rbrindl@gmx.at>
wrote:
> Sshd is running as local system,
Are you logging in with a password or publickey?
Are you using the 'net use' command?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
next prev parent reply other threads:[~2004-05-11 13:59 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-10 21:10 Brindl Ronald
2004-05-10 22:10 ` Joshua Daniel Franklin
2004-05-11 14:05 ` Brindl Ronald [this message]
2004-05-13 6:31 ` AW: " Larry Hall
2004-05-21 9:10 ` Rob S.i.k.l.o.s
2004-05-21 9:33 ` Larry Hall
2004-05-25 13:12 Asher Yanich
2004-05-25 17:49 ` Larry Hall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='00fc01c43758$24e95e20$0500a8c0@ron' \
--to=rbrindl@gmx.at \
--cc=cygwin@cygwin.com \
--cc=joshuadfranklin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).