On 5/31/2017 5:37 AM, Houder wrote: > On Tue, 30 May 2017 21:28:41, "Larry Hall (Cygwin)" wrote: > > [snip] >> Cygwin's link to the Windows user ID is through the UID/SID mapping. In >> your case, you're apparently using /etc/passwd and so that's where the >> mapping happens. You can map the UID of a Cygwin user to any valid Windows >> SID by editing the SID as you did. This doesn't change how things look in >> the Cygwin environment (i.e. the UID and user name are still the same) but >> it does make a difference to Windows. So the fact that you can change the >> SID for the 'sshd' user and still get it to run is not all that surprising, >> assuming that the new Windows SID that you're using as 'sshd' now has at >> least similar permissions. Of course, if you remove Cygwin's understanding >> of 'sshd' so that it can't do the mapping of UID to SID or even have a >> valid UID, then subsequent problems are not unexpected. > > Hi Larry, > > Thanks for your reply! Discussion! > > First of all, I do not pretend to know Windows ... neither do I pretend that I > know more about ssh/Cygwin than Corinna does (basically, I know not very > much). > > .. the only thing I am able to, is "observe" (and I may interpret wrong), and > may have done "stupid" things. That is why your reply is appreciated by me. > > Now back to your reply: > > I had modified /etc/password as follows: (note the xxxx in the sid) > > sshd:*:1015:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-xxxx:/var/empty:/bin/false > > However, just now I modified it as follows: > > sshd:*:1015:513:U-Seven\sshd,S-1-5-21-xxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxxx:/var/empty:/bin/false > > (again changed the sshd service into 'automatic'), and rebooted the system. > > After system reboot, an elevated shell is started ... > (the ampersand sign at the end of the prompt indicates it is an elevated > shell)
All of this talk of /etc/passwd leads me to point you to https://cygwin.com/cygwin-ug-net/ntsec.html. -- cyg Simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
