From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 35542 invoked by alias); 26 Feb 2019 15:05:09 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 35522 invoked by uid 89); 26 Feb 2019 15:05:09 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 spammy=HX-Priority:Normal, H*RU:192.168.1.10, yandexru, Hx-spam-relays-external:192.168.1.10 X-HELO: forward103j.mail.yandex.net Received: from forward103j.mail.yandex.net (HELO forward103j.mail.yandex.net) (5.45.198.246) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 26 Feb 2019 15:05:06 +0000 Received: from mxback16o.mail.yandex.net (mxback16o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::67]) by forward103j.mail.yandex.net (Yandex) with ESMTP id 172CF6740872; Tue, 26 Feb 2019 18:05:03 +0300 (MSK) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [2a02:6b8:0:1a2d::27]) by mxback16o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id cNVsVN4WHe-52L4qCv9; Tue, 26 Feb 2019 18:05:03 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1551193503; bh=ufn/nQoEAlouYpSzy8VcrHv0ZUtuErjXMuvRKQtVDEM=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=SOP7AkqNA6wnxCMxeBQ4wf8bgli4AzDfp2nTv1HB6Ib3HeJqLdLPSLpzp3+ZI/pJR u33aV7NejmRDoVd5RRnz1M+So6YCooz6yllSLwa9gTC5xsv0HBiuPakxmS9kihmaC3 LhNXYu9DUJaQcZ+uJYITiMCBBW0Hlqtn+EfQrvUU= Authentication-Results: mxback16o.mail.yandex.net; dkim=pass header.i=@yandex.ru Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id RDeD1Ve4mf-51aG60Rb; Tue, 26 Feb 2019 18:05:01 +0300 (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client certificate not present) Received: from [192.168.1.10] (HELO daemon2.darkdragon.lan) by daemon2 (Office Mail Server 0.8.12 build 08053101) with SMTP; Tue, 26 Feb 2019 15:01:18 -0000 Date: Tue, 26 Feb 2019 15:33:00 -0000 From: Andrey Repin Reply-To: cygwin@cygwin.com Message-ID: <1359661834.20190226180118@yandex.ru> To: Maayan Apelboim , cygwin@cygwin.com Subject: Re: can't access remote shares when using ssh with rsa key - passwd -R / set(e)uid / LogonUser is not working as expected In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2019-02/txt/msg00438.txt.bz2 Greetings, Maayan Apelboim! > Hi, > I hope I'm mailing the proper mailing list.. > I am using password-less ssh login using RSA key to login windows servers from linux. > I've read this article about network shares problems when using RSA key > instead password and decided method 2 is most suitable for my case: > https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview > So I ran passwd -R for the relevant user, but still getting 'permission > denied' when trying to access network shares. > Tried restarting the ssh service and rebooting the server but it didn't help. > I checked the registry as SYSTEM and I can see my user UID set in the right > location.. (at least I think so, cause it doesn't exists in other servers). > So it seems to me like the 'set(e)uid' / 'LogonUser' described in the article doesn't work as expected. > Would appreciate any suggestions. Please try changing the cygsshd service configuration to run as "SYSTEM" user. > * Some sensitive data was edited in the cygcheck.out file > * I don't have cygserver installed as a service - I used administrator user > and didn't get any errors when running passwd -R -- With best regards, Andrey Repin Tuesday, February 26, 2019 17:58:28 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple