On Sep 12 10:24, Andrew Schulman wrote: > > When a user with administrative privileges logs in to sshd, it seems that > > the user is only granted > > standard user privileges for that session. Is there a way around that? > > How can I get the admin > > privileges for that session? > > Winding this up: > > Password authentication to sshd is all that's needed to be granted the > account's admin privileges on > login. I was mistaken about UAC: unlike at the console, when you log in by > ssh, the account's > admin privileges are granted at login, without needing any further > authentication to UAC.
I'm quite puzzeled since password authentication should not be needed. This should work with pubkey as well. Please see http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview for a discussion how setuid works in Cygwin. In all cases, password auth and passwordless auth, you should get a full admin token. In case of password auth and in the passwordless methods 2 and 3, the OS returns a restricted token under UAC, but that token has a reference to the full admin token attached. Cygwin fetches this token and uses that when switching the user context. In the default passwordless method 1, Cygwin creates a token from scratch, which also has full admin rights. However, this token has a couple of problems as described in http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1 Probably that's what you stumble over. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
