On Apr 16 19:49, Pierre A. Humblet wrote: > At 12:08 AM 4/17/2004 +0200, Corinna Vinschen wrote: > >On Apr 16 15:44, Peter Kok wrote: > > >> Q2: Could nontsec work with public key authentication? I have granted > >> the account with several local user rights, "create token object, > >> logon > >> as a service' and 'replace a process level token' > > > >Did you give the SYSTEM account the right to read your ~/.ssh directory > >and the files in it? Does the service know about nontsec (set CYGWIN > >in global windows environment or through cygrunsrv)? Is StrictModes set > >to no in /etc/sshd_config? > > >From Peter's question it's not clear if his sshd is running as SYSTEM. > If it is, then granting the privileges to the user should not be > necessary, but that doesn't explain the problem. > > I can reproduce on an NT system, with sshd running as SYSTEM, > but I can't explain it. Part of the debug output of ssh is given > below, with and without ntsec. The difference is in the last few > lines.
It's a problem with the ntsec specific test in OpenSSH itself. The test requires ntsec to be turned on for switching user context w/o password. This isn't required anymore for a while but the test in OpenSSH still insists on ntsec for pubkey auth. I've send a patch to the portable OpenSSH developers list which hopefully makes it into 3.8.1p1, which is due RSN. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Co-Project Leader mailto:[EMAIL PROTECTED] Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
