This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: How do I run sshd as a particular user?

From: Alfred von Campe <alfred at von-campe dot com>
To: Dave Korn <dave dot korn at artimi dot com>
Cc: cygwin at cygwin dot com
Date: Wed, 2 Apr 2008 09:11:48 -0400
Subject: Re: How do I run sshd as a particular user?
References: <D06D8751-81CE-408B-931B-66DA714FE1CC@von-campe.com> <47C4A0DB.6020007@cygwin.com> <6ADC05D7-7602-4123-81EF-1DE06D26E91F@von-campe.com> <D1627F08-4387-4C0A-94B2-5AFC6C1EA325@von-campe.com> <006301c890e8$4fa2f070$2708a8c0@CAM.ARTIMI.COM>

On Mar 28, 2008, at 11:28, Dave Korn wrote:

Alfred von Campe wrote on 28 March 2008 12:30:
I have tried various ways to get the sshd service started as a domain
user (instead of the default local user "sshd_server") and can not
get it to work.  What is the correct syntax to specify a domain user
with cygrunsrv?  This is what I have tried:
   cygrunsrv -I sshd -u "DOMAINNAME\USERNAME" -w PASSWORD -d "CYGWIN
sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=bin tty smbntsec" -y tcpip
That's the windows domain user syntax sure enough. There aren't any shell metacharacters in the password by any chance are there?

Nope, just upper and lowercase letters, numbers, and a dash. I also ensured that the user had all the user rights as described in the openssh.README file (well, all except for Increase Quota, which for some reason was not defined on this system, and must not really be required since the sshd_server account also did not have that right and it is able to start the service). The result is the same, the service starts and immediately stops. There is nothing obvious in the logs. I am not really a Windows person, so I've been working with one of our IT guys on this, but he is out today and I will be out tomorrow and Friday, so this will have to wait until next week.

Again, the problem I am trying to solve is to be able to kick off builds remotely and automatically on this Windows server. To do this, we need password-less login, and to that end, we have exchanged ssh keys and have this working. However, by exchanging ssh keys the user is never fully authenticated on the domain, so there is no access to network drives. Is there any other way to have passwordless ssh access yet still be fully authenticated on the domain? I thought starting the service as a domain user would accomplish this, but alas, I have not been able to do that. So if there is any other way to achieve our goal, I'd be happy to try it.

Thanks,
Alfred


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Follow-Ups:
- Re: How do I run sshd as a particular user?
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]