On 2010/02/03 10:07 PM, shane fenton wrote: > Hi, > First time poster - so hopefully will get it right :) > Cygwin 1.7 installed on approx 10 machines - XP /2008 > domain cyg_server user created > Added above user to Quotas/create token/replace token & log on as > service & local admins on pc's > added cyg_server to passwd file > ssh-host-config (found above user and used it and did the right perms > on /var/empty & /var/log/sshd.log ) > added domain user accounts to passwd & domain users group > group
You didn't mention whether you set up the LSA authentication package (with /usr/bin/cyglsa-config), or used 'passwd -R' for each user. Did you try either of those? The Cygwin User Guide goes into great detail about the methods of changing user context, in this chapter: http://cygwin.com/cygwin-ug-net/ntsec.html The gist of that chapter is this: If you want to be able to login via ssh as a user that is not running the sshd daemon, you have basically two options: (1) Provide a valid Windows password to the sshd daemon, either interactively (which you obviously don't want to do, since you're attempting public key auth), or stored statically in the registry via 'passwd -R'. (2) Use the LSA authentication package. Bear in mind that if you use this option to avoid giving sshd your password entirely, I believe that certain privileges are withheld from the logged in user. [I don't remember exactly what privs are missing in this case... access to network resources maybe?] Hope this helps, -SM -- -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple