From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80119.outbound.protection.outlook.com [40.107.8.119]) by sourceware.org (Postfix) with ESMTPS id CF4BB385781A for ; Wed, 10 Nov 2021 14:50:26 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org CF4BB385781A Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=onespin.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=onespin.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g5pEw9F0AnWN6pHWJE2XRtEvox8fo4ReqA4aujI6kClLaQTeECd+XetwsOPBouXTdPhvUdzhRYEEsmi2tB0PDI4TEfZO+YDKr27+8wwzMK2n9XKRTmhg5/vtc6wupiOPx3U49vQSdbPY0bNR8M8SM5gQZrrFr++wrV9pbk/YGNjQDByVbgylDTVRZFpy/OnVRaNekZT1rHCQ3E253FwllWLUXH2EFmocl0ICGxKSX3tTVxNvg93QZbA+71tnBy9JMgZ6ho9yrNxKTgqX/EZbnHRXpYUW+AI30C+ZqQ2zdjKjFOg2h9YLnvQCbtEaxEBn0D7PoNzcpvsrqfDFJOqGmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HPKW5fNNHr73E0+S+wyzEl7X9kV1rDE9qaoR+c6EcNs=; b=B51Wl+pA6pofFClpnVGW6d3h9M1lX02Z2fW84Md/ny/QitCrjDx49PgUh/7dtXGKHGH6NTJW+EKK9a3vgAy8tZIHgCH0Kvv0Lfc2l5j/3fKeTWFs08356XdLt7SPS0k5mIvgFwTIbeFNU3zPwC3xuDkVL91X/XPkiOW+kMFx6bheho5OnGjFz5BCpFTcykqMnKfsaUitlQ3W2kMgldJoujs2/a345pM4/pN+GnwraNzH1y208qE6NrNNOseTbPT1apLluPD5HKH2dvKdJB4HBlMswMSVUNk7z9wV6HZx19iHB1k24QRhfdYotPnCQks1tGK2QwfUjjOzCUBMLVe1Yg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=onespin.com; dmarc=pass action=none header.from=onespin.com; dkim=pass header.d=onespin.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=onespin.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HPKW5fNNHr73E0+S+wyzEl7X9kV1rDE9qaoR+c6EcNs=; b=jKj367CKKLc8sCDp24szyYmSOhQkaCeIPoRxAleiqa15OO51omcHSMbz73t6nKbMrjWZiU3yZQG/O2Igw0+z1qINr51KQqKaa7OsA+HRuMqeTttc7bQSjmCjct7R5Wnqbdi2ErCijoAldFk62zbnxlzOQuXkyUjT8edTyTrv6eA= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=onespin.com; Received: from AM9P190MB1618.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:3b4::24) by AM9P190MB1268.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:265::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4690.16; Wed, 10 Nov 2021 14:50:24 +0000 Received: from AM9P190MB1618.EURP190.PROD.OUTLOOK.COM ([fe80::8d3c:9950:8711:e7]) by AM9P190MB1618.EURP190.PROD.OUTLOOK.COM ([fe80::8d3c:9950:8711:e7%5]) with mapi id 15.20.4690.015; Wed, 10 Nov 2021 14:50:24 +0000 Message-ID: <2dfb0a68-b9e3-f9fb-817b-651fec02adf5@onespin.com> Date: Wed, 10 Nov 2021 15:50:12 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0 From: "Strasser, Dominik (DI SW ICS ICV)" Subject: Problem with ssh(d) To: cygwin@cygwin.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-ClientProxiedBy: HK0PR03CA0113.apcprd03.prod.outlook.com (2603:1096:203:b0::29) To AM9P190MB1618.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:3b4::24) MIME-Version: 1.0 Received: from [172.30.8.149] (192.94.38.34) by HK0PR03CA0113.apcprd03.prod.outlook.com (2603:1096:203:b0::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4669.11 via Frontend Transport; Wed, 10 Nov 2021 14:50:22 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c4ad784e-d4c6-4b04-a68a-08d9a4596d4a X-MS-TrafficTypeDiagnostic: AM9P190MB1268: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1wuuYpwnbgD1psYueFtWAxfqi2GVw6qsqHHVBnCO9mhSqxz0qkY6zN5JreNzXwU0Ph682L5yuOX/4vOaNy/T9MEfWzDxE1WqREtWJao2Ke3PEBE78eT5mW8Y5+xZOC1mBsGzDI3KkOSvSQKriZjhjvrwOTlOsDqmURg5vHVBMknNTGZtYSnwteTBdGpJDG5IsWSVMztoDKYIY/D+BNuNjmM5/DFpj/LQGmMZF4WWe0Tzs2mJH+zs158by0dWF1bv0aCQtWUcLAE6Zt1IS5FTwwXE16fKgRUpJxSY0Tl9Sk+P5Gret0B3XeH1GZJdfIuosF5/e/5gPj+co0ZXhKJRjfUOxOpTDMW3Vg3szhMhbl0eeHtyRqBN0iNpPQoceSYIP9ETud95/cANRbtrlvVn9xnXYu2xZa4Ub8ynNbxpTIARoZDAZJNaSV//eTB/3AfKnVI35c8w5TJ/uQJ9WsqEzWlsGt+TcW9kBVmU6/0lnCu0IQEU+CFUxHF6wlbirKj9rSRaBDA57vna/Q5EbGn/yj72bhzCS+Kc13ygNDToJtHLfJbGHXVbStZ2JpDGWJcGUvIH28L+XanV+z7yGssScJ5Dr8/YXmyFl2AG7h7gx48m7hMzkKL8vjJvzd5g63HUUDdgIWE6oet9+zhaenwT/xm000hiD3ruOMGNycXws4ztZkWeRdaIbcB38hP2M4FUW0YiTxmME4SarZKyZzGDQPKH6RbfGFvRFDreZW7sEb0BzvB2uUlfgWaHeK5bYjLcM3y/k7Oi1e1cPjc6NBiLyQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM9P190MB1618.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(39840400004)(376002)(136003)(366004)(396003)(346002)(508600001)(83380400001)(26005)(6916009)(66946007)(2906002)(66476007)(66556008)(316002)(16576012)(31696002)(86362001)(38350700002)(38100700002)(2616005)(31686004)(5660300002)(956004)(36756003)(8676002)(186003)(6486002)(6666004)(52116002)(8936002)(45980500001)(43740500002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?RUxMU3NRcXFSVXIyVmJSeXkrd2h3Ym1VcXJmWjZCMzFKNU1HRi9PL3RvZy9Y?= =?utf-8?B?dXNCT1FTTWs1T3FaRzdBMElaSEU4NDZTRW8vM3FEcUY3Z083ZE1ZaHZFSFhR?= =?utf-8?B?MU1yNDIyaExVSmV2Vzc0MVVrL25YbW96dXpVc3RuaHlhdU05bzdhODFKalY3?= =?utf-8?B?b0tiU3d1ZHNZNVJqMW55SDNCTlhOcjh2R0QyZTdnMmpXUDRGNmN1YVZmZ0hE?= =?utf-8?B?VVUyT1ZUK3Jad1RpWWdCc2VqeUprTlgwbHR4OW8rTjZjV0g2MXkzSEZEUWNB?= =?utf-8?B?WFBROVVFa09vQTZPTDBDbXR2MU5PRHQwVWRkbkVndFgxVjhNaHMwZHJFVWtx?= =?utf-8?B?VkNsNllMVnhWbmM5Y204YjJSand0cGM1ZzZ6MUZOMU1yZUZRaHYzWmFtZ0g3?= =?utf-8?B?cDhhdE9jYmg2Tk8vTEYycVdvcXVYNmVlMUFOZmxFUHdqMTlQSU8xbTQ0cWdZ?= =?utf-8?B?UzhrUmdPRjNwT3FEV3hGejZUNC96aDh4emxkeGtaZ3BOSzNEdEFRdlNHTC9i?= =?utf-8?B?cDhXODZuM2tEYUlCZGpTemNSYklYOUxyU2lZRzhiWEpKcS9LcEVOeDJzaEVX?= =?utf-8?B?aVNXRXJMQ2htWkNUWTYrUDdBVVFGQkVRUUhVYkh0YnJOdVpab25ydU9BRXdU?= =?utf-8?B?R1p0TWVNRVJaTlZMNHpwYmRMMGhkSWVzbUpQdHVHY1l2ak4wUDNuK0RLWWR2?= =?utf-8?B?VnRWSS9NSEF2NHA4bGl1K3I5aS9LYW9mNkJHeVFGb2NhMjhKbGF1dWRLaVFh?= =?utf-8?B?OHBsVDlicER4UU4va0E1QlZSSDNpZ3dxRE9kTnBXZ3lYMzZ6THBrRGRsU3hX?= =?utf-8?B?NFhPUjJZenB6cllvTURRL1lCWWJIQWt5aldvTnNoNitzZnYxV0dodHlFam9t?= =?utf-8?B?ekdtdm0zQVVlL1ZUQnM5Smp6akpIdjF0VkdZVDI4aHpwUC9Ld29nNWhydHMr?= =?utf-8?B?RXBMd0ZSVTZ3MmdnRkFDK3l2ME1LOGZyQ2ljaG12eW1QMEhOVXNPUVV6RjdO?= =?utf-8?B?UDJPSVRDVzgxU3ZOMkRhaWVuQ0JUTnNEWllOKzY3ZkFXY2d2QmRFSGp2WXpN?= =?utf-8?B?c3RTdHNCVmVKckx3akhqQnRmcDFjUWJOZFA0TXFQOVVZL0o1U0dLaEQ0TkpI?= =?utf-8?B?VlVQMWxFaVM0TDcwcnp6SXBiK2FUOGlQVXRwVjBsY3ZJaXhGNzl2SDlsTG1u?= =?utf-8?B?OHpWdlovbXFVbHB1NGxDUnU1U2IyajRKQUxkVysySnR6ZEJIY0NBMnVOQ1dF?= =?utf-8?B?VktranpTZUwvOThXQUVxMFBoUEl0czZ3S1k4M09pV0Jlay9EdW82NUtwazlm?= =?utf-8?B?MkRkL1JHVHJxd1VMbXhFT2FSZmZlMXVOWjhBekxza3dBaDhMbHJxLy9xR3Vt?= =?utf-8?B?QVhuNzJOellVM1ZzZnRISlA5d25OOUcvRFRMZEZGdXlNWFVWeDl5R3JMbmIw?= =?utf-8?B?bVhIZXJGWEhIQStLdXRDeStJTWg0cHk3UGFVRTRNRmpLY0F4azkxbGlNTnBi?= =?utf-8?B?M2pzQ05YVWtUWXNVbHdHYi9RVDIvNzN6bTNDVHZ5Nm9lbjMrdXl5V1lXWG8w?= =?utf-8?B?T1pEZjA5SUlHc0ErYVpleFhtbWRodWZ2VmhSTUVTd0YrUVFjTUtjbHhQMVYr?= =?utf-8?B?TENNL1MvVEZxRkdzQ3I1bFB2RUNZSlFsSGppMVhFWExQUmlBcXNnTDY4VFpD?= =?utf-8?B?Yy9SRG5nNk9KTHhJSDIxeXFYWnk1RDk1VUJhNHozQUNnbE9WRGxBUS8xOVBD?= =?utf-8?B?NnVjUHY2SmZ6ZUZBUXJlbUhzRWhzZjZrODNBWlNmcjRJQ1Q5TThxaUVzMTkx?= =?utf-8?B?MGVJWFpqay80blFCcHYzdW5Lblh3S3RHcklTQkhJVjRPcnhndjAwTEZFSFI4?= =?utf-8?B?akZvNWV4YkNXVmd4c2pIeUx5RnJkejBmZ1NrUDBXVTdlNjZLaXdsRkhiZmQ1?= =?utf-8?B?aWE4TDVzbGtEUWp0cm5PZjVZTEppTVdRYklwb1JRdW5Cd0VIc0NtR0IrTCsw?= =?utf-8?B?SjNTbk5DazdQZHY0ODNrVjNkNFdDdy9sdHRZK0c1QTd0QWdyY2sxZ0VFa1JQ?= =?utf-8?B?R0NrMXZRNUJ2eFZrY0JGSm5CdEFROHQ5cWZEa0tHWW00eHo4TGR4aElKWGdI?= =?utf-8?B?L2dCZnZvMEdQLy85Q2QvOXE5NnB1eGJ3ZXdDcjNINTNGWm1GR1FxSWJRRFd5?= =?utf-8?B?RVpvN2dRK2RaT0lUdzNJTGtJdGoyNHJ0WUp1cEFzV2NqMWFUMHN3WUxyQ2tQ?= =?utf-8?B?ZVNEVFQvM0pPb00yUndvQi9SWlFBPT0=?= X-OriginatorOrg: onespin.com X-MS-Exchange-CrossTenant-Network-Message-Id: c4ad784e-d4c6-4b04-a68a-08d9a4596d4a X-MS-Exchange-CrossTenant-AuthSource: AM9P190MB1618.EURP190.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Nov 2021 14:50:24.4927 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 145679f0-0524-460c-90fd-ac0b0a11e2f6 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Z1gkTdd8+1XFtfJsJFUhz07MMJFn+hBeI07dZUnCLjgaEb93VFEQO4BA+rKymNoJ3OLPB9W+4TrivMH7yslzhJcQfqq0Hbc3SRdhvuVjoaM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P190MB1268 X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, MSGID_FROM_MTA_HEADER, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_PASS autolearn=no autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Nov 2021 14:50:28 -0000 Hi all, I am facing the following problem with my sshd installation. We are in an AD environment. AD holds the needed data for ssh(d) to work. I can log into cygwin using ssh. But if I have a key stored .ssh/authorized_keys for passwordless login, the groups my user is in differs from the one w/o an authorized keys. Unfortunately exactly the group(s) for accessing the shared filesystems is missing. We were investigating a lot and the only workaround we found is that the sshd service runs under the user we want to log in. This unfortunately disables any other user to log into the cygwin machine. When debugging ssh with -vvv, there is no visible difference between the login with authorized_keys or without (of course there is a difference wrt. the login method). This is cygwin 3.2.0 and openssh openssh-8.8p1-1. Any clues ? Best regards Dominik -- Dominik Strasser | Phone: +49 89 99013-436 OneSpin Solutions GmbH | Fax: +49 89 99013-100 Nymphenburgerstr. 20a 80335 Muenchen | dominik.strasser@onespin.com OneSpin Solutions GmbH A Siemens business Geschaeftsfuehrung: Thomas Heurung, Frank Thurauf Sitz: Muenchen; Amtsgericht Muenchen HRB 139 464 UstID#: DE 814 413 215