From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-80906-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 28425 invoked by alias); 15 Sep 2003 13:13:30 -0000
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Received: (qmail 28418 invoked from network); 15 Sep 2003 13:13:29 -0000
Received: from unknown (HELO foundation.speeq.com) (213.41.71.26)
  by sources.redhat.com with SMTP; 15 Sep 2003 13:13:29 -0000
Received: from speeq.com [193.251.54.29] by foundation.speeq.com with ESMTP
  (SMTPD32-6.06) id A9374FB020E; Mon, 15 Sep 2003 15:05:59 +0200
Message-ID: <3F65BAF7.8030902@speeq.com>
Date: Mon, 15 Sep 2003 13:13:00 -0000
From: Olivier ALLART <olivier.allart@speeq.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3.1) Gecko/20030425
X-Accept-Language: en-us, en
MIME-Version: 1.0
To:  cygwin@cygwin.com
Subject: Re: Sshd - Can't get access thru Public Key
References: <3F61ED47.6090606@speeq.com> <20030913085632.GO9981@cygbert.vinschen.de>
In-Reply-To: <20030913085632.GO9981@cygbert.vinschen.de>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-SW-Source: 2003-09/txt/msg00945.txt.bz2

Corinna Vinschen wrote:

>On Fri, Sep 12, 2003 at 05:59:03PM +0200, Olivier ALLART wrote:
>  
>
>>On aWin 2003 Server, I got the message
>>'Setuid : 500: Not permitted' when trying to login using RSA PK mechanisms.
>>Login/Passwd works just fine, but using a PKey won't work.
>>    
>>
>
>That can be found in the mailing list archive already.
>E.g. http://www.cygwin.com/ml/cygwin/2003-07/msg00684.html
>
>Corinna
>

I found out the following;

>create a special account for this, which is member of the admins
>group and has the additional user privileges "Create a token object",
>"Replace a process level token" and "Logon as a service".  Probably
>it makes sense to remove other privileges from that account, e.g.
>the right to logon locally or so.

my (dumb ?) question is : where do we define such parameters ?

And if I get the thing correctly, sshd sould still run the same way 
(under the sshd user account with local sys privileges) but we should 
connect using this newluy created user account to log in .. am I right ?

>
>  
>



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/