I managed to get member of the "Users" group to login via SSH, however
via SFTP fails. The prompt appears as follows and is not dependant of
workstation of client.
sftp [EMAIL PROTECTED]
Connecting to sftp.domain...
[EMAIL PROTECTED]'s password:
Connection closed
This of course works for members of the "Administrators" group. Even
if "Users" are granted full access to the root, they are still denied,
ie connection closed. This is the same issue the "Users" had with SSH
so this would lead me to believe the issue is based on group policy
settings.
My questions are...
What are the permission / credential requirements for connecting via
SSH & SFTP and how do they differ?
What group policies does Cygwin require restricted / limited users to
have access to?
Along with the Cygwin report, I have also included the policy
assignment for groups / users. It is comma delimited.
Another note, I was not successful with getting Cygwin to allow any
users of active directory to authenticate. I have found an alternate
method so I no longer require this but it would be a great feature.
Cygwin Configuration Diagnostics
Current System Time: Tue Aug 01 08:35:01 2006
Windows 2003 Server Ver 5.2 Build 3790 Service Pack 1
Path: C:\cygwin\usr\local\bin
C:\cygwin\bin
C:\cygwin\bin
C:\cygwin\usr\X11R6\bin
c:\Program Files\Windows Resource Kits\Tools\
c:\WINDOWS\system32
c:\WINDOWS
c:\WINDOWS\System32\Wbem
c:\Program Files\Intel\DMIX
c:\PROGRA~1\CA\SHARED~1\SCANEN~1
c:\PROGRA~1\CA\ETRUST~1
c:\Program Files\QuickTime\QTSystem\
C:\cygwin\bin
Output from C:\cygwin\bin\id.exe (nontsec)
UID: 500(Administrator) GID: 513(None)
513(None) 544(Administrators) 545(Users)
1037(VPN Users)
Output from C:\cygwin\bin\id.exe (ntsec)
UID: 500(Administrator) GID: 513(None)
513(None) 544(Administrators) 545(Users)
1037(VPN Users)
SysDir: C:\WINDOWS\system32
WinDir: C:\WINDOWS
USER = 'Administrator'
PWD = '/home/Administrator'
CYGWIN = 'ntsec'
HOME = '/home/Administrator'
MAKE_MODE = 'unix'
HOMEPATH = '\Documents and Settings\Administrator'
MANPATH = '/usr/local/man:/usr/share/man:/usr/man::/usr/ssl/man'
APPDATA = 'C:\Documents and Settings\Administrator\Application Data'
HOSTNAME = 'storage'
INOCULAN = 'C:\PROGRA~1\CA\ETRUST~1'
TERM = 'cygwin'
PROCESSOR_IDENTIFIER = 'x86 Family 6 Model 8 Stepping 1, AuthenticAMD'
WINDIR = 'C:\WINDOWS'
OLDPWD = '/usr/bin'
USERDOMAIN = 'STORAGE'
OS = 'Windows_NT'
ALLUSERSPROFILE = 'C:\Documents and Settings\All Users'
TEMP = '/cygdrive/c/DOCUME~1/ADMINI~1/LOCALS~1/Temp'
COMMONPROGRAMFILES = 'C:\Program Files\Common Files'
QTJAVA = 'c:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip'
USERNAME = 'Administrator'
CLUSTERLOG = 'C:\WINDOWS\Cluster\cluster.log'
PROCESSOR_LEVEL = '6'
FP_NO_HOST_CHECK = 'NO'
SYSTEMDRIVE = 'C:'
USERPROFILE = 'C:\Documents and Settings\Administrator'
PS1 = '\[\e]0;[EMAIL PROTECTED] \[\e[33m\]\w\[\e[0m\]\n\$ '
LOGONSERVER = '\\STORAGE'
PROCESSOR_ARCHITECTURE = 'x86'
!C: = 'C:\cygwin\bin'
SHLVL = '1'
PATHEXT = '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH'
HOMEDRIVE = 'C:'
PROMPT = '$P$G'
COMSPEC = 'C:\WINDOWS\system32\cmd.exe'
TMP = '/cygdrive/c/DOCUME~1/ADMINI~1/LOCALS~1/Temp'
SYSTEMROOT = 'C:\WINDOWS'
CVS_RSH = '/bin/ssh'
PROCESSOR_REVISION = '0801'
CLASSPATH = '.;c:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip'
INFOPATH = '/usr/local/info:/usr/share/info:/usr/info:'
PROGRAMFILES = 'C:\Program Files'
NUMBER_OF_PROCESSORS = '1'
AVENGINE = 'C:\PROGRA~1\CA\SHARED~1\SCANEN~1'
SESSIONNAME = 'Console'
COMPUTERNAME = 'STORAGE'
_ = '/usr/bin/cygcheck'
POSIXLY_CORRECT = '1'
HKEY_CURRENT_USER\Software\Cygnus Solutions
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\mounts v2
HKEY_CURRENT_USER\Software\Cygnus Solutions\Cygwin\Program Options
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2
(default) = '/cygdrive'
cygdrive flags = 0x00000022
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/
(default) = 'C:\cygwin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/bin
(default) = 'C:\cygwin/bin'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/usr/lib
(default) = 'C:\cygwin/lib'
flags = 0x0000000a
HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\Program Options
a: fd FAT 1Mb 66% CP UN
c: hd NTFS 28672Mb 21% CP CS UN PA FC
d: hd NTFS 97652Mb 72% CP CS UN PA FC Music
e: hd NTFS 286165Mb 39% CP CS UN PA FC SGSATA
f: hd NTFS 190779Mb 79% CP CS UN PA FC WDIDE
h: cd N/A N/A
i: cd N/A N/A
C:\cygwin / system binmode
C:\cygwin/bin /usr/bin system binmode
C:\cygwin/lib /usr/lib system binmode
. /cygdrive system binmode,cygdrive
Found: C:\cygwin\bin\awk.exe
Found: C:\cygwin\bin\bash.exe
Found: C:\cygwin\bin\cat.exe
Found: C:\cygwin\bin\cp.exe
Not Found: cpp (good!)
Not Found: crontab
Found: C:\cygwin\bin\find.exe
Not Found: gcc
Not Found: gdb
Found: C:\cygwin\bin\grep.exe
Found: C:\cygwin\bin\kill.exe
Not Found: ld
Found: C:\cygwin\bin\ls.exe
Not Found: make
Found: C:\cygwin\bin\mv.exe
Not Found: patch
Not Found: perl
Found: C:\cygwin\bin\rm.exe
Found: C:\cygwin\bin\sed.exe
Found: C:\cygwin\bin\ssh.exe
Found: C:\cygwin\bin\sh.exe
Found: C:\cygwin\bin\tar.exe
Found: C:\cygwin\bin\test.exe
Not Found: vi
Not Found: vim
56k 2005/07/09 C:\cygwin\bin\cygbz2-1.dll - os=4.0 img=1.0 sys=4.0
"cygbz2-1.dll" v0.0 ts=2005/7/9 0:09
7k 2005/11/20 C:\cygwin\bin\cygcharset-1.dll - os=4.0 img=1.0 sys=4.0
"cygcharset-1.dll" v0.0 ts=2005/11/19 20:24
7k 2003/10/19 C:\cygwin\bin\cygcrypt-0.dll - os=4.0 img=1.0 sys=4.0
"cygcrypt-0.dll" v0.0 ts=2003/10/19 2:57
1108k 2006/06/01 C:\cygwin\bin\cygcrypto-0.9.7.dll - os=4.0 img=1.0 sys=4.0
"cygcrypto-0.9.7.dll" v0.0 ts=2006/6/1 10:50
1050k 2006/06/01 C:\cygwin\bin\cygcrypto-0.9.8.dll - os=4.0 img=1.0 sys=4.0
"cygcrypto-0.9.8.dll" v0.0 ts=2006/6/1 11:08
40k 2006/03/24 C:\cygwin\bin\cygform-8.dll - os=4.0 img=1.0 sys=4.0
"cygform-8.dll" v0.0 ts=2006/3/24 1:16
45k 2001/04/25 C:\cygwin\bin\cygform5.dll - os=4.0 img=1.0 sys=4.0
"cygform5.dll" v0.0 ts=2001/4/25 0:28
35k 2002/01/09 C:\cygwin\bin\cygform6.dll - os=4.0 img=1.0 sys=4.0
"cygform6.dll" v0.0 ts=2002/1/9 0:03
48k 2003/08/09 C:\cygwin\bin\cygform7.dll - os=4.0 img=1.0 sys=4.0
"cygform7.dll" v0.0 ts=2003/8/9 4:25
28k 2003/07/20 C:\cygwin\bin\cyggdbm-3.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm-3.dll" v0.0 ts=2003/7/20 2:58
30k 2003/08/11 C:\cygwin\bin\cyggdbm-4.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm-4.dll" v0.0 ts=2003/8/10 21:12
19k 2003/03/22 C:\cygwin\bin\cyggdbm.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm.dll" v0.0 ts=2002/2/19 21:05
15k 2003/07/20 C:\cygwin\bin\cyggdbm_compat-3.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm_compat-3.dll" v0.0 ts=2003/7/20 3:00
15k 2003/08/11 C:\cygwin\bin\cyggdbm_compat-4.dll - os=4.0 img=1.0 sys=4.0
"cyggdbm_compat-4.dll" v0.0 ts=2003/8/10 21:13
17k 2001/06/28 C:\cygwin\bin\cyghistory4.dll - os=4.0 img=1.0 sys=4.0
"cyghistory4.dll" v0.0 ts=2001/1/6 22:34
29k 2003/08/10 C:\cygwin\bin\cyghistory5.dll - os=4.0 img=1.0 sys=4.0
"cyghistory5.dll" v0.0 ts=2003/8/10 18:16
24k 2006/03/25 C:\cygwin\bin\cyghistory6.dll - os=4.0 img=1.0 sys=4.0
"cyghistory6.dll" v0.0 ts=2006/3/25 8:05
947k 2005/11/20 C:\cygwin\bin\cygiconv-2.dll - os=4.0 img=1.0 sys=4.0
"cygiconv-2.dll" v0.0 ts=2005/11/19 20:24
22k 2001/12/13 C:\cygwin\bin\cygintl-1.dll - os=4.0 img=1.0 sys=4.0
"cygintl-1.dll" v0.0 ts=2001/12/13 3:28
37k 2003/08/10 C:\cygwin\bin\cygintl-2.dll - os=4.0 img=1.0 sys=4.0
"cygintl-2.dll" v0.0 ts=2003/8/10 16:50
31k 2005/11/20 C:\cygwin\bin\cygintl-3.dll - os=4.0 img=1.0 sys=4.0
"cygintl-3.dll" v0.0 ts=2005/11/19 20:04
21k 2001/06/20 C:\cygwin\bin\cygintl.dll - os=4.0 img=1.0 sys=4.0
"cygintl.dll" v0.0 ts=2001/6/20 12:09
21k 2006/03/24 C:\cygwin\bin\cygmenu-8.dll - os=4.0 img=1.0 sys=4.0
"cygmenu-8.dll" v0.0 ts=2006/3/24 1:16
26k 2001/04/25 C:\cygwin\bin\cygmenu5.dll - os=4.0 img=1.0 sys=4.0
"cygmenu5.dll" v0.0 ts=2001/4/25 0:27
20k 2002/01/09 C:\cygwin\bin\cygmenu6.dll - os=4.0 img=1.0 sys=4.0
"cygmenu6.dll" v0.0 ts=2002/1/9 0:03
29k 2003/08/09 C:\cygwin\bin\cygmenu7.dll - os=4.0 img=1.0 sys=4.0
"cygmenu7.dll" v0.0 ts=2003/8/9 4:25
21k 2004/10/22 C:\cygwin\bin\cygminires.dll - os=4.0 img=1.0 sys=4.0
"cygminires.dll" v0.0 ts=2004/10/22 15:28
67k 2006/03/24 C:\cygwin\bin\cygncurses++-8.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++-8.dll" v0.0 ts=2006/3/24 1:17
156k 2001/04/25 C:\cygwin\bin\cygncurses++5.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++5.dll" v0.0 ts=2001/4/25 0:29
175k 2002/01/09 C:\cygwin\bin\cygncurses++6.dll - os=4.0 img=1.0 sys=4.0
"cygncurses++6.dll" v0.0 ts=2002/1/9 0:03
227k 2006/03/24 C:\cygwin\bin\cygncurses-8.dll - os=4.0 img=1.0 sys=4.0
"cygncurses-8.dll" v0.0 ts=2006/3/23 22:51
226k 2001/04/25 C:\cygwin\bin\cygncurses5.dll - os=4.0 img=1.0 sys=4.0
"cygncurses5.dll" v0.0 ts=2001/4/25 0:17
202k 2002/01/09 C:\cygwin\bin\cygncurses6.dll - os=4.0 img=1.0 sys=4.0
"cygncurses6.dll" v0.0 ts=2002/1/9 0:03
224k 2003/08/09 C:\cygwin\bin\cygncurses7.dll - os=4.0 img=1.0 sys=4.0
"cygncurses7.dll" v0.0 ts=2003/8/9 4:24
12k 2006/03/24 C:\cygwin\bin\cygpanel-8.dll - os=4.0 img=1.0 sys=4.0
"cygpanel-8.dll" v0.0 ts=2006/3/24 1:16
15k 2001/04/25 C:\cygwin\bin\cygpanel5.dll - os=4.0 img=1.0 sys=4.0
"cygpanel5.dll" v0.0 ts=2001/4/25 0:27
12k 2002/01/09 C:\cygwin\bin\cygpanel6.dll - os=4.0 img=1.0 sys=4.0
"cygpanel6.dll" v0.0 ts=2002/1/9 0:03
19k 2003/08/09 C:\cygwin\bin\cygpanel7.dll - os=4.0 img=1.0 sys=4.0
"cygpanel7.dll" v0.0 ts=2003/8/9 4:24
109k 2006/02/10 C:\cygwin\bin\cygpcre-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcre-0.dll" v0.0 ts=2006/2/9 20:37
299k 2006/02/10 C:\cygwin\bin\cygpcrecpp-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcrecpp-0.dll" v0.0 ts=2006/2/9 20:38
7k 2006/02/10 C:\cygwin\bin\cygpcreposix-0.dll - os=4.0 img=1.0 sys=4.0
"cygpcreposix-0.dll" v0.0 ts=2006/2/9 20:37
22k 2002/06/09 C:\cygwin\bin\cygpopt-0.dll - os=4.0 img=1.0 sys=4.0
"cygpopt-0.dll" v0.0 ts=2002/6/9 0:45
108k 2001/06/28 C:\cygwin\bin\cygreadline4.dll - os=4.0 img=1.0 sys=4.0
"cygreadline4.dll" v0.0 ts=2001/1/6 22:34
148k 2003/08/10 C:\cygwin\bin\cygreadline5.dll - os=4.0 img=1.0 sys=4.0
"cygreadline5.dll" v0.0 ts=2003/8/10 18:16
152k 2006/03/25 C:\cygwin\bin\cygreadline6.dll - os=4.0 img=1.0 sys=4.0
"cygreadline6.dll" v0.0 ts=2006/3/25 8:05
230k 2006/06/01 C:\cygwin\bin\cygssl-0.9.7.dll - os=4.0 img=1.0 sys=4.0
"cygssl-0.9.7.dll" v0.0 ts=2006/6/1 10:50
214k 2006/06/01 C:\cygwin\bin\cygssl-0.9.8.dll - os=4.0 img=1.0 sys=4.0
"cygssl-0.9.8.dll" v0.0 ts=2006/6/1 11:08
65k 2005/08/23 C:\cygwin\bin\cygz.dll - os=4.0 img=1.0 sys=4.0
"cygz.dll" v0.0 ts=2005/8/22 21:03
1831k 2006/07/24 C:\cygwin\bin\cygwin1.dll - os=4.0 img=1.0 sys=4.0
"cygwin1.dll" v0.0 ts=2006/7/23 19:11
Cygwin DLL version info:
DLL version: 1.5.21
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 156
Shared data: 4
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix:
Build date: Sun Jul 23 20:11:16 EDT 2006
Shared id: cygwin1S4
Service : sshd
Display name : CYGWIN sshd
Current State : Running
Controls Accepted : Stop
Command : /usr/sbin/sshd -D
stdin path : /dev/null
stdout path : /var/log/sshd.log
stderr path : /var/log/sshd.log
Environment : CYGWIN="ntsec"
Process Type : Own Process
Startup : Automatic
Dependencies : tcpip
Account : LocalSystem
Cygwin Package Information
Last downloaded files to: C:\cygwin
Last downloaded files from: ftp://ftp.planetmirror.com/pub/sourceware/cygwin
Package Version
_update-info-dir 00415-1
alternatives 1.3.20a-2
ash 20040127-3
base-files 3.7-1
base-passwd 2.2-1
bash 3.1-6
bzip2 1.0.3-1
coreutils 5.97-1
crypt 1.1-1
cygrunsrv 1.17-1
cygutils 1.3.0-1
cygwin 1.5.21-1
cygwin-doc 1.4-3
diffutils 2.8.7-1
editrights 1.01-1
findutils 4.3.0-2
gawk 3.1.5-4
gdbm 1.8.3-7
grep 2.5.1a-2
groff 1.18.1-2
gzip 1.3.5-2
less 381-1
libbz2_1 1.0.3-1
libcharset1 1.9.2-2
libgdbm 1.8.0-5
libgdbm-devel 1.8.3-7
libgdbm3 1.8.3-3
libgdbm4 1.8.3-7
libiconv 1.9.2-2
libiconv2 1.9.2-2
libintl 0.10.38-3
libintl1 0.10.40-1
libintl2 0.12.1-3
libintl3 0.14.5-1
libncurses5 5.2-1
libncurses6 5.2-8
libncurses7 5.3-4
libncurses8 5.5-2
libpcre0 6.6-1
libpopt0 1.6.4-4
libreadline4 4.1-2
libreadline5 4.3-5
libreadline6 5.1-5
login 1.9-7
man 1.5p-1
minires 1.00-1
mktemp 1.5-3
ncurses 5.5-2
openssh 4.3p2-3
openssl 0.9.8b-1
openssl097 0.9.7j-1
run 1.1.10-1
sed 4.1.5-1
tar 1.15.91-1
termcap 20050421-1
terminfo 5.5_20060323-1
texinfo 4.8-3
which 1.7-1
zlib 1.2.3-1
Use -h to see help about each section
Policy,Security Setting
Access this computer from the
network,Everyone,IUSR_STORAGE,Administrators,Users,Power Users,Backup Operators
Act as part of the operating system,
Add workstations to domain,
Adjust memory quotas for a process,LOCAL SERVICE,NETWORK SERVICE,Administrators
Allow log on locally,IUSR_STORAGE,Administrators,Users,Power Users,Backup
Operators
Allow log on through Terminal Services,Administrators,Remote Desktop Users
Back up files and directories,Administrators,Backup Operators
Bypass traverse checking,Everyone,Administrators,Users,Power Users,Backup
Operators
Change the system time,LOCAL SERVICE,Administrators,Power Users
Create a pagefile,Administrators
Create a token object,
Create global objects,Administrators,SERVICE
Create permanent shared objects,
Debug programs,Administrators
Deny access to this computer from the network,SUPPORT_388945a0
Deny log on as a batch job,
Deny log on as a service,
Deny log on locally,SUPPORT_388945a0
Deny log on through Terminal Services,
Enable computer and user accounts to be trusted for delegation,
Force shutdown from a remote system,Administrators
Generate security audits,LOCAL SERVICE,NETWORK SERVICE
Impersonate a client after authentication,IIS_WPG,Administrators,SERVICE
Increase scheduling priority,Administrators
Load and unload device drivers,Administrators
Lock pages in memory,
Log on as a batch job,LOCAL
SERVICE,SUPPORT_388945a0,IUSR_STORAGE,IIS_WPG,Administrator
Log on as a service,NETWORK SERVICE
Manage auditing and security log,Administrators
Modify firmware environment values,Administrators
Perform volume maintenance tasks,Administrators
Profile single process,Administrators,Power Users
Profile system performance,Administrators
Remove computer from docking station,Administrators,Power Users
Replace a process level token,LOCAL SERVICE,NETWORK SERVICE
Restore files and directories,Administrators,Backup Operators
Shut down the system,Administrators,Power Users,Backup Operators
Synchronize directory service data,
Take ownership of files or other objects,Administrators
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
