This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh, smbntsec, mounted home directory - is it possible

On May 11 00:10, Dave Korn wrote:
> Andrew DeFaria wrote:
> >> So to recap: I'd like to provide pre-shared key ssh access to a
> >> particular username. I cannot, however, use an SMB shared home directory
> >> for that user without encountering problems with ssh and permissions.
> >>
> >> If the above statement is not true and you have any ideas on how to
> >> achieve these objectives then let me know.
> >>   
> > Anybody care to comment or at least acknowledge this issue?
>   The above statement is, unfortunately, true.  IIUC, until you can use 1.7
> with the lsa auth plugin (or perhaps this password caching feature, I'm not
> familiar with it), any user logging in by ssh key does not really log in as
> the actual windows user they are trying to be, but impersonates (after some
> fashion - it might not actually be token impersonation in the win32 api sense
> of the word) that user, while actually really being the ssh user underneath.
>   I could be wrong.  I hope someone will jump in if I've seriously mis-spoke,
> but I think at least I'm pointing you in the right ball-park.

It's basically correct but it's a bit more complicated for a weird reason
which has to do with how Windows handles logon sessions.  Reading might
sched some light.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]