From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 11087 invoked by alias); 28 Mar 2019 23:18:52 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 11079 invoked by uid 89); 28 Mar 2019 23:18:52 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-6.1 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 spammy= X-HELO: smtp-out-so.shaw.ca Received: from smtp-out-so.shaw.ca (HELO smtp-out-so.shaw.ca) (64.59.136.138) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 28 Mar 2019 23:18:51 +0000 Received: from [192.168.1.114] ([24.64.172.44]) by shaw.ca with ESMTP id 9eIKh3TqRo7SQ9eILhda0Y; Thu, 28 Mar 2019 17:18:49 -0600 Reply-To: Brian.Inglis@SystematicSw.ab.ca Subject: Re: sshd/SYSTEM account/OS version and Cygwin "bitness" limitations To: cygwin@cygwin.com References: From: Brian Inglis Openpgp: preference=signencrypt Message-ID: <31d69fd2-4906-4e32-29ca-d5bedb31088d@SystematicSw.ab.ca> Date: Thu, 28 Mar 2019 23:18:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2019-03/txt/msg00648.txt.bz2 On 2019-03-28 15:36, Bill Stewart wrote: > I am trying to understand the limitations when running sshd using the > SYSTEM account. > Is the following complete and correct? > ========== > OS_version* OS_bitness sshd_bitness Notes > -------------------------------------------------- > < 6.3 64-bit 32-bit Note 1 > < 6.3 64-bit 64-bit Note 2 > < 6.3 32-bit 32-bit Note 2 >> = 6.3 64-bit 64-bit No problems >> = 6.3 64-bit 32-bit No problems >> = 6.3 32-bit 32-bit No problems > * "< 6.3" = "older than Windows 8.1/Server 2012 R2"; ">= 6.3" = "at least > Windows 8.1/Server 2012 R2" > Note 1: sshd cannot authenticate local accounts, but it can authenticate > domain accounts. > Note 2: sshd can't authenticate local accounts after a reboot unless > another logon happens first. > Unfortunate implication of Note 1: 32-bit version of sshd running as SYSTEM > account on OS < 6.3 on non-domain member computer cannot authenticate any > accounts. cygstart /usr/share/doc/Cygwin/html/ntsec.html -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple