This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Success in accessing network shares on windows through sshd

Larry Hall wrote:
> Currently, the way to get what you want is to ssh in with password
> authentication.  That way, Windows knows who you are and that you are
> allowed access to network shares.  When you ssh in with pubkey
> authentication, you are not authenticated through Windows but
> rather the user running the sshd service.  So you don't have access
> to your mapped network drives (automatically) since Windows doesn't
> recognize you as you.  The fact that you can have a screen session that
> was started locally (as you) on that remote machine and then reconnect to
> that session when you log in with pubkey ssh in no way means that ssh now
> understands you as you.  It just means you've connected up to a local
> instance of screen started by a fully authenticated session.  This is doing
> nothing more than ssh with password authentication but with added user
> hassle, since they need to be co-located with the remote machine so that
> they can start up an authenticated screen session to leverage from their
> ssh (pubkey or not) session.  I don't see that as a better option than just
> sshing in with password authentication and skipping all the extra effort of
> creating a local session of screen first.

Just a thought:  Has there been any work done in the past to create a Windows
Security Service Provider that implements SSH2?  My first impression is that
a custom sshd SSP integrated into Windows itself would be a way to enable
sshd running as a service to impersonate a real Windows user.

Peter K.

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]