This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Using sshd on Windows 2000 with public keys

> -----Original Message-----
> From: Bakken, Luke [] 
> Sent: Tuesday, January 03, 2006 14:43
> To: McCann, Brian
> Subject: RE: Using sshd on Windows 2000 with public keys
> McCann, Brian wrote:
> > Hi all.  I've been fighting this for some time now, and I 
> can't find a
> > solid fix to make this work.  I'm running Cygwin under Windows 2000,
> > and I'm trying to setup ssh using key authentication.  The auth part
> > works fine, but when I try to run commands that require 
> rights inside
> > Windows, it fails (like iisreset).  I've discovered that I need to
> > have sshd run as another user, like Administrator or something, so I
> > did that by changing who the service runs as and setting file
> > permissions and ownerships accordingly, and that fixed the problem
> > for the Administrator account. But, when another user tries 
> to login,
> > it disconnects right away.  In the event log, I see "setreuid 1014:
> > Permission denied.". I've found the fix for Windows 2003, which
> > involves granting the user the service runs as the "Change a
> > process-level token" permission, but that does not exist under
> > Windows 2000.  I can't find a fix for this for 2000.  Is 
> there such a
> > thing?  Does anyone have any ideas that could help me out?
> > 
> > Thanks!
> > --Brian
> Rather than run sshd as someone other than SYSTEM, can you use the
> "runas" command to execute iisreset as another user?

Tried that, and failed.  It gave me:

runas /user:administrator iisreset
Enter password for administrator:RUNAS ERROR: Unable to accept input

I re-did the setup from soup to nuts with a new user to run sshd as, and
I can login as any users now...with keys or with passwords, but I'm back
to where I started, with the command returning:

"Access denied, you must be an administrator of the remote computer to
use this
command. Either have your account added to the administrator local group
the remote computer or to the domain administrator global group." .

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]