Re: Sshd - Can't get access thru Public Key

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

From: Olivier ALLART <olivier.allart@speeq.com>
To: cygwin@cygwin.com
Subject: Re: Sshd - Can't get access thru Public Key
Date: Mon, 15 Sep 2003 13:13:00 -0000	[thread overview]
Message-ID: <3F65BAF7.8030902@speeq.com> (raw)
In-Reply-To: <20030913085632.GO9981@cygbert.vinschen.de>

Corinna Vinschen wrote:

>On Fri, Sep 12, 2003 at 05:59:03PM +0200, Olivier ALLART wrote:
>  
>
>>On aWin 2003 Server, I got the message
>>'Setuid : 500: Not permitted' when trying to login using RSA PK mechanisms.
>>Login/Passwd works just fine, but using a PKey won't work.
>>    
>>
>
>That can be found in the mailing list archive already.
>E.g. http://www.cygwin.com/ml/cygwin/2003-07/msg00684.html
>
>Corinna
>

I found out the following;

>create a special account for this, which is member of the admins
>group and has the additional user privileges "Create a token object",
>"Replace a process level token" and "Logon as a service".  Probably
>it makes sense to remove other privileges from that account, e.g.
>the right to logon locally or so.

my (dumb ?) question is : where do we define such parameters ?

And if I get the thing correctly, sshd sould still run the same way 
(under the sshd user account with local sys privileges) but we should 
connect using this newluy created user account to log in .. am I right ?

>
>  
>



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

next prev parent reply	other threads:[~2003-09-15 13:13 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-09-12 15:59 Olivier ALLART
2003-09-13  8:56 ` Corinna Vinschen
2003-09-13  9:05   ` Olivier ALLART
2003-09-15 13:13   ` Olivier ALLART [this message]
2003-09-15 17:13     ` Corinna Vinschen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3F65BAF7.8030902@speeq.com \
    --to=olivier.allart@speeq.com \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).