From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 27004 invoked by alias); 19 May 2017 21:37:46 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 26991 invoked by uid 89); 19 May 2017 21:37:46 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=her, his X-HELO: mail-wr0-f180.google.com Received: from mail-wr0-f180.google.com (HELO mail-wr0-f180.google.com) (209.85.128.180) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 19 May 2017 21:37:45 +0000 Received: by mail-wr0-f180.google.com with SMTP id l9so23357381wre.1 for ; Fri, 19 May 2017 14:37:47 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=iOGWxGCCCnEUx8uG4fgZiFYFnUNdRaOlM5NJXI+7YI0=; b=MwT3wxZSEfsHanrSOyyZ6XI4oi7599FcF2uRHicOr2aWhX06lWUAQh7ScdVV9FXFAL UDcVzI7sOM5rvoTkOP6uUQAPaT1yRpbRcPTe0RGKmNF687CHqhqjL0OzBMGDwY59sNWW vUZoXTEe0KJthN0bZ+B3HslT5WjrgtjoqBgR4xkxwUucwFEEz6irUs9uShJ117aGKtKK LIgFNFX+B9Q17qjX2vpS7Phhmd5lA0UVzqZUJgoS2ugS9AZtObOogXKV1WnnYeDBcwXF WrGyXJ9+1QXaCPHSVpubBasZwIg4qckmLBDVRLb8+jQhV3s3eCGDzDh/t/k/Ub3vLsym pNRQ== X-Gm-Message-State: AODbwcA4Qm+LDbs67btkOvfBANniGUbk9Qg+d/5AyDdEiQ0mAm98WwId G6cOiieyJrc358gTHh4Nf/22adgh0p9BWFw= X-Received: by 10.223.147.225 with SMTP id 88mr4036535wrp.74.1495229866006; Fri, 19 May 2017 14:37:46 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.173.210 with HTTP; Fri, 19 May 2017 14:37:45 -0700 (PDT) In-Reply-To: References: <6d6087eef8f444edbe659c278f63ab43@AUSX13MPC128.AMER.DELL.COM> From: Erik Soderquist Date: Fri, 19 May 2017 21:50:00 -0000 Message-ID: Subject: Re: SSH Keys breaking symlink access? To: cygwin@cygwin.com Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes X-SW-Source: 2017-05/txt/msg00324.txt.bz2 On Fri, May 19, 2017 at 5:30 PM, Erik Soderquist wrote: > This is expected behavior if you have not used "password -R" to > provide the network password. from the doc (https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview): So what we do is to utilize this registry area for the purpose of set(e)uid. The Cygwin command passwd -R allows a user to specify his/her password for storage in this registry area. When this user tries to login using ssh with public key authentication, Cygwin's set(e)uid examines the LSA private registry area and searches for a Cygwin specific key which contains the password. If it finds it, it calls LogonUser under the hood, using this password. If that works, LogonUser returns an access token with all credentials necessary for network access. -- Erik -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple