* ssh with password allows commands that fail with ssh via key
@ 2015-10-01 22:19 Blando, Frank (Helion Managed Engineering)
2015-10-01 23:35 ` Andrey Repin
0 siblings, 1 reply; 3+ messages in thread
From: Blando, Frank (Helion Managed Engineering) @ 2015-10-01 22:19 UTC (permalink / raw)
To: cygwin
I suspect this is already answered somewhere, but my googling has not brought up an answer.
Environment:
CygWin with OpenSSH 6.6.1p1-3 on Windows 2012 R2. Using the domain administrator account as the target on Windows.
Issue:
When I ssh into Windows from Linux, if I use a password, "powershell -command get-cluster" works. If I use key (store in .ssh/authorized_keys), "powershell -command get-cluster" returns access denied. Simpler commands do not appear to make a distinction and work equally well with password or keys.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: ssh with password allows commands that fail with ssh via key
2015-10-01 22:19 ssh with password allows commands that fail with ssh via key Blando, Frank (Helion Managed Engineering)
@ 2015-10-01 23:35 ` Andrey Repin
2015-10-02 0:14 ` Blando, Frank (Helion Managed Engineering)
0 siblings, 1 reply; 3+ messages in thread
From: Andrey Repin @ 2015-10-01 23:35 UTC (permalink / raw)
To: Blando, Frank (Helion Managed Engineering), cygwin
Greetings, Blando, Frank (Helion Managed Engineering)!
> I suspect this is already answered somewhere, but my googling has not brought up an answer.
> Environment:
> CygWin with OpenSSH 6.6.1p1-3 on Windows 2012 R2. Using the domain
> administrator account as the target on Windows.
> Issue:
> When I ssh into Windows from Linux, if I use a password, "powershell
> -command get-cluster" works. If I use key (store in .ssh/authorized_keys),
> "powershell -command get-cluster" returns access denied. Simpler commands do
> not appear to make a distinction and work equally well with password or keys.
Please read the documentation. It is explicitly explained there in great
detail.
http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
--
With best regards,
Andrey Repin
Friday, October 2, 2015 02:24:20
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: ssh with password allows commands that fail with ssh via key
2015-10-01 23:35 ` Andrey Repin
@ 2015-10-02 0:14 ` Blando, Frank (Helion Managed Engineering)
0 siblings, 0 replies; 3+ messages in thread
From: Blando, Frank (Helion Managed Engineering) @ 2015-10-02 0:14 UTC (permalink / raw)
To: cygwin
Thanks you for the pointer. I hope I read this correctly (It is kind of overwhelming), and unfortunately, that does not appear to be it.
1 - Unlike the mentioned description, access to network share works fine either way (Example command that works either way "powershell -command get-childitem \\server\share") - I have enabled CredSSP and I this might be why.
2 - Using passwd -R to register the password did not make the problem go away (In the windows tradition I restarted the service and killed all sessions)
Frank Blando
Your English beats my non-existent Russian!
-----Original Message-----
From: Andrey Repin [mailto:anrdaemon@yandex.ru]
Sent: Thursday, October 1, 2015 5:27 PM
To: Blando, Frank (Helion Managed Engineering) <frank.blando@hpe.com>; cygwin@cygwin.com
Subject: Re: ssh with password allows commands that fail with ssh via key
Greetings, Blando, Frank (Helion Managed Engineering)!
> I suspect this is already answered somewhere, but my googling has not brought up an answer.
> Environment:
> CygWin with OpenSSH 6.6.1p1-3 on Windows 2012 R2. Using the domain
> administrator account as the target on Windows.
> Issue:
> When I ssh into Windows from Linux, if I use a password, "powershell
> -command get-cluster" works. If I use key (store in
> .ssh/authorized_keys), "powershell -command get-cluster" returns
> access denied. Simpler commands do not appear to make a distinction and work equally well with password or keys.
Please read the documentation. It is explicitly explained there in great detail.
http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
--
With best regards,
Andrey Repin
Friday, October 2, 2015 02:24:20
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-10-02 0:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-10-01 22:19 ssh with password allows commands that fail with ssh via key Blando, Frank (Helion Managed Engineering)
2015-10-01 23:35 ` Andrey Repin
2015-10-02 0:14 ` Blando, Frank (Helion Managed Engineering)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).