* ssh-host-config doesn't "inherit" user admin privilege
@ 2021-01-15 1:21 art
2021-01-15 2:04 ` Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege) L A Walsh
2021-01-15 16:25 ` ssh-host-config doesn't "inherit" user admin privilege Bill Stewart
0 siblings, 2 replies; 5+ messages in thread
From: art @ 2021-01-15 1:21 UTC (permalink / raw)
To: 'cygwin@cygwin.com'
I get a security code 5 when ssh-host-config tries to install cygsshd. I was logged into Win 10 pro/x64 as an admin user. The "fix" was to start a Cygwin64 Terminal with Admin and then run ssh-host-config within this script. Other installers have produced the same nuisance. These needed an admin command prompt to get around the same "inheritance" limitation.
Art
**********************************
Veni, vidi, vectori! @1976, 2021
Art Lazanoff
art@parrotbyte.com
http://www.parrotbyte.com/art
Still pix of Blaze:
https://www.parrotbyte.com/art/Blaze_pix.htm
Live Blaze cam: 11am to 9pm PST
https://iframe.dacast.com/b/98255/c/564234
"Listen Live" http://kcsm.org/
**********************************
^ permalink raw reply [flat|nested] 5+ messages in thread
* Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege)
2021-01-15 1:21 ssh-host-config doesn't "inherit" user admin privilege art
@ 2021-01-15 2:04 ` L A Walsh
2021-01-15 2:55 ` art
2021-01-15 16:25 ` ssh-host-config doesn't "inherit" user admin privilege Bill Stewart
1 sibling, 1 reply; 5+ messages in thread
From: L A Walsh @ 2021-01-15 2:04 UTC (permalink / raw)
To: art; +Cc: 'cygwin@cygwin.com'
On 2021/01/14 17:21, art wrote:
> I get a security code 5 when ssh-host-config tries to install cygsshd. I was logged into Win 10 pro/x64 as an admin user. The "fix" was to start a Cygwin64 Terminal with Admin and then run ssh-host-config within this script.
You say ssh-host-config tries to install cygsshd. How was ssh-host-config
called (started)? When Cygwin64 Terminal was run, it was run with Admin
at the start. Was that done when ssh-host-config was run?
How was it run?
unrelated...:
> Veni, vidi, vectori! @1976, 2021
>
---
You like vectoring, I take it? :-)?
Cheers!
Linda
^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege)
2021-01-15 2:04 ` Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege) L A Walsh
@ 2021-01-15 2:55 ` art
2021-01-15 4:38 ` Brian Inglis
0 siblings, 1 reply; 5+ messages in thread
From: art @ 2021-01-15 2:55 UTC (permalink / raw)
To: 'L A Walsh'; +Cc: 'cygwin@cygwin.com'
Yes, I did a right-click on the cygwin terminal icon and chose a "run as administrator" option. This is like doing a sudo to start a linux shell... everything run in the shell inherits "admin"/"root" as appropriate. Followed by using this shell to do:
cd /usr/bin
./ssh-host-config
I entered 'yes' responses to the various setup questions including yes to privileged separation. I never bumped into this sort of inheritance problem in Windows 7 and earlier. Seems to be a Windows 10 "feature". This past week I ran into the same problem using an Intel supplied command script to install their hydra_mpi server. Another knowledgeable Windows 10 user reports he, too, has encountered this issue.
After installation I do some local tweaks to sshd_config such as disablng plain-text password logins. I'm able to succesfully connect using ssh/sftp from other platforms to this system using public key authentication. Windows is configured to autostart cygsshd.
I can add that I previously added C:\cygwin64 to the list of Windows Defender exceptions.
Yes, I used to do a lot of work on Control Data Cyber205s, ETA-10s and Cray C90s. Practically speaking vector operations can make effective use of memory bandwidth.
In other words, a vector a day keeps the scalars away!
Regards,
Art
-----Original Message-----
From: L A Walsh [mailto:cygwin@tlinx.org]
Sent: Thursday, January 14, 2021 6:05 PM
To: art
Cc: 'cygwin@cygwin.com'
Subject: Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege)
On 2021/01/14 17:21, art wrote:
> I get a security code 5 when ssh-host-config tries to install cygsshd. I was logged into Win 10 pro/x64 as an admin user. The "fix" was to start a Cygwin64 Terminal with Admin and then run ssh-host-config within this script.
You say ssh-host-config tries to install cygsshd. How was ssh-host-config
called (started)? When Cygwin64 Terminal was run, it was run with Admin
at the start. Was that done when ssh-host-config was run?
How was it run?
unrelated...:
> Veni, vidi, vectori! @1976, 2021
>
---
You like vectoring, I take it? :-)?
Cheers!
Linda
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege)
2021-01-15 2:55 ` art
@ 2021-01-15 4:38 ` Brian Inglis
0 siblings, 0 replies; 5+ messages in thread
From: Brian Inglis @ 2021-01-15 4:38 UTC (permalink / raw)
To: cygwin
On 2021-01-14 19:55, art wrote:
> On Thursday, January 14, 2021 6:05 PM, L A Walsh wrote:
>> On 2021/01/14 17:21, art wrote:
>>> I get a security code 5 when ssh-host-config tries to install cygsshd. I
>>> was logged into Win 10 pro/x64 as an admin user. The "fix" was to start a
>>> Cygwin64 Terminal with Admin and then run ssh-host-config within this script.
>> You say ssh-host-config tries to install cygsshd. How was ssh-host-config
>> called (started)? When Cygwin64 Terminal was run, it was run with Admin
>> at the start. Was that done when ssh-host-config was run?
>>
>> How was it run?
> Yes, I did a right-click on the cygwin terminal icon and chose a "run as
> administrator" option. This is like doing a sudo to start a linux shell...
> everything run in the shell inherits "admin"/"root" as appropriate. Followed
> by using this shell to do:
>
> cd /usr/bin
> ./ssh-host-config
>
> I entered 'yes' responses to the various setup questions including yes to
> privileged separation. I never bumped into this sort of inheritance problem
> in Windows 7 and earlier. Seems to be a Windows 10 "feature". This past week
> I ran into the same problem using an Intel supplied command script to
> install their hydra_mpi server. Another knowledgeable Windows 10 user reports
> he, too, has encountered this issue.
It's been years but I don't remember anything being different under Win 7, for
"non-native" Windows programs that are not prepared to handle elevation, whereas
Cygwin setup is and does.
> After installation I do some local tweaks to sshd_config such as disablng
> plain-text password logins. I'm able to succesfully connect using ssh/sftp
> from other platforms to this system using public key authentication. Windows
> is configured to autostart cygsshd.
>
> I can add that I previously added C:\cygwin64 to the list of Windows
> Defender exceptions.
You always had to start cmd or bash with Run as Admin to run anything elevated
e.g. C:\cygwin64\bin\bash /bin/script.
Similarly in Windows scheduled tasks: Run as SYSTEM, whether logged in or not,
Do not store password, with highest privileges.
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ssh-host-config doesn't "inherit" user admin privilege
2021-01-15 1:21 ssh-host-config doesn't "inherit" user admin privilege art
2021-01-15 2:04 ` Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege) L A Walsh
@ 2021-01-15 16:25 ` Bill Stewart
1 sibling, 0 replies; 5+ messages in thread
From: Bill Stewart @ 2021-01-15 16:25 UTC (permalink / raw)
To: cygwin
On Thu, Jan 14, 2021 at 6:21 PM art wrote:
>
> I get a security code 5 when ssh-host-config tries to install cygsshd. I was logged into Win 10 pro/x64 as an admin user. The "fix" was to start a Cygwin64 Terminal with Admin and then run ssh-host-config within this script. Other installers have produced the same nuisance. These needed an admin command prompt to get around the same "inheritance" limitation.
Are you asking a question or reporting a problem?
It sounds like you are confusing logging on using an admin user (i.e.,
a user that's a member of the local Administrators group) with
elevation (a process that runs using full administrative privileges).
Bill
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-01-15 16:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-15 1:21 ssh-host-config doesn't "inherit" user admin privilege art
2021-01-15 2:04 ` Need admin privs before something can inherit them (was Re: ssh-host-config doesn't "inherit" user admin privilege) L A Walsh
2021-01-15 2:55 ` art
2021-01-15 4:38 ` Brian Inglis
2021-01-15 16:25 ` ssh-host-config doesn't "inherit" user admin privilege Bill Stewart
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).