Hello,
> On 1 Aug 2017, at 20:25, Achim Gratz wrote:
>
> Pierre Souchay writes:
>> (The issue being that root on CYGWIN is not uid=0 but uid=18 aka
>> SYSTEM)
>
> This is a misconception. There is no root user on Windows and
> consequently there is none on Cygwin. There
Pierre Souchay writes:
> (The issue being that root on CYGWIN is not uid=0 but uid=18 aka
> SYSTEM)
This is a misconception. There is no root user on Windows and
consequently there is none on Cygwin. There are multiple possibilities
of what could be usefully considered a proxy for root, so it's
Hi Corinna,
> On 31 Jul 2017, at 22:12, Corinna Vinschen wrote:
>
> On Jul 31 20:38, Pierre Souchay wrote:
>> Hello,
>>
>> Please consider this patch:
>> https://github.com/pierresouchay/cygwin_patches/blob/master/openssh.patch
>>
>> It patches opensshd to allow to
On Jul 31 20:38, Pierre Souchay wrote:
> Hello,
>
> Please consider this patch:
> https://github.com/pierresouchay/cygwin_patches/blob/master/openssh.patch
>
> It patches opensshd to allow to use the AuthorizedKeysCommand on Cygwin
> (similar to
Hello,
Please consider this patch:
https://github.com/pierresouchay/cygwin_patches/blob/master/openssh.patch
It patches opensshd to allow to use the AuthorizedKeysCommand on Cygwin
(similar to https://github.com/openssh/openssh-portable/pull/72 )
Regards
Pierre Souchay
for
this.
David
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
Corinna Vinschen
Sent: Thursday, February 18, 2016 7:13 AM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
On Feb 17 10:43, Corinna Vinschen wrote:
> On
On Fri, Feb 19, 2016 at 6:10 AM, Corinna Vinschen wrote:
> Thanks for testing, I really appreciate that.
You're very welcome :)
-- Erik
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
On Feb 18 12:10, Erik Soderquist wrote:
> On Thu, Feb 18, 2016 at 10:12 AM, Corinna Vinschen wrote:
> >
> > I implemented and tested the idea and it seems to work. Note that the
> > underlying problem that we can't generate our own login session when using
> > method 1 persists. However, the new
On Thu, Feb 18, 2016 at 10:12 AM, Corinna Vinschen wrote:
>
> I implemented and tested the idea and it seems to work. Note that the
> underlying problem that we can't generate our own login session when using
> method 1 persists. However, the new code should avoid spilling cyg_server
>
etuid-overview, only
> method 1 should be affected.
> [bla, bla]
> > If that is the case, it seems this is an unintended side effect of the way
> > CYGWIN and sshd work together, and with the current state of Windows there
> > isn't really a way around it.
>
> There migh
, it seems this is an unintended side effect of the way
> CYGWIN and sshd work together, and with the current state of Windows there
> isn't really a way around it.
There might be a way around that. I have a vague idea what to do to
create a new logon session, even when creating the token from
this is an unintended side effect of the way
CYGWIN and sshd work together, and with the current state of Windows there
isn't really a way around it. And that's OK (I can work around it if that's
the case), I just wanted to get to the bottom of why this was happening and
let people know the situation
On Feb 14 13:36, Erik Soderquist wrote:
> I think the key point is that if no network password is stored using
> the "passwd -R" option, then there should be absolutely no network
> access at all in the current code/design, not a fall through to the
> cyg_server account's network access,
On Sun, Feb 14, 2016 at 5:49 AM, Achim Gratz wrote:
> Erik Soderquist writes:
>> I would suspect Domain Admin for the Cyg_server account is a
>> requirement of David's environment, which neither of us know anything
>> about at present. I know I've had to do things that were not "best
>> practice"
David Willis writes:
> So you're telling me any user that logs in using key authentication cannot
> access the network as the same user (i.e. this is the intended behavior)? If
> that's the case wouldn't it be better not to allow network access at ALL,
> rather than allowing it as the service
Erik Soderquist writes:
> I would suspect Domain Admin for the Cyg_server account is a
> requirement of David's environment, which neither of us know anything
> about at present. I know I've had to do things that were not "best
> practice" due to corporate policy on more occasions than I care to
: Friday, February 12, 2016 5:04 PM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
With the precise steps listed/demonstrated, I've reproduced it
I connected with ssh as a normal user using a private key, and cd'd to
//server/c$/ successfully, and in the Windows active
David Willis writes:
> I know this is a somewhat unique and I guess obscure issue, but if someone
> could please look into this - I would be very surprised if it was NOT
> reproducible following the steps below. Because if this is actually the case
> it is in fact granting permissions that it
First of all, it is one thing to ask me why I have set this up the way I did
- its another to tell me I've set it up "wrong", especially without known
the ins and outs of my domain and network.
> You still do not seem to have understood what
>
>
On Sat, Feb 13, 2016 at 3:34 AM, Achim Gratz wrote:
> David Willis writes:
>> I know this is a somewhat unique and I guess obscure issue, but if someone
>> could please look into this - I would be very surprised if it was NOT
>> reproducible following the steps below. Because if this is actually
are explicit instructions on how to store your Windows
password in a way that Cygwin sshd (and other Cygwin services) can use
the password for network authentication and that it says not to store
the credentials if you do not need network access when authenticating
via public key, I would make the logical
On Sat, Feb 13, 2016 at 8:29 PM, David Willis wrote:
> Hmm, storing the password in the registry would probably not be optimal... I
> would probably rather deal with lack of network share access from SSH
> sessions than store a plaintext password (haven't tested it so I can't say
> for sure, but
privileges.
Thanks,
David
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
Erik Soderquist
Sent: Saturday, February 13, 2016 4:34 PM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
On Sat, Feb 13, 2016 at 4:15 PM, David
this isn't even really doing anything different)
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
Erik Soderquist
Sent: Saturday, February 13, 2016 4:14 PM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
> I don't k
r credentials to do so).
Thanks,
David
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
David Willis
Sent: Tuesday, February 09, 2016 9:21 PM
To: cygwin@cygwin.com
Subject: RE: Possible Security Hole in SSHD w/ CYGWIN?
Thank you for
gt; share as (the user I SSH'd in as).
>
> And I just found out with further testing that when I connect using a
> password to Cygwin SSHD server, then access the file share, I have the
> correct permissions and it shows an open session as the user I connected as
> like it should.
Sorry for starting a new thread w/ the reply, forgot to subscribe before
posting my question yesterday...
Thanks for getting back so quickly
Yes, I have read that page pretty much from top to bottom, and as far as I
know I have configured sshd and the user accounts correctly. I have a
On 9 February 2016 at 21:39, David Willis <david_wil...@comcast.net> wrote:
> Just to add an update to this, it appears that processes run from the shell
> while logged into the CYGWIN SSHD server are run as the correct user - i.e.
> I run a ping or cat a file and pipe it to less,
I connect using a
password to Cygwin SSHD server, then access the file share, I have the
correct permissions and it shows an open session as the user I connected as
like it should. So it is something specifically that happens when connecting
using public key authentication.
Here is an example thoug
Just to add an update to this, it appears that processes run from the shell
while logged into the CYGWIN SSHD server are run as the correct user - i.e.
I run a ping or cat a file and pipe it to less, and check Task Manager on
the SSHD server, and those processes show as being run as the user I
Hello,
I noticed that when connecting via SSH to a CYGWIN-based SSHD server, if the
user connects to a network share (i.e. they CD to the share UNC path in the
BASH/CYGWIN shell), they get connected as the privileged server user account
created for privilege separation when SSHD is configured w
David Willis comcast.net> writes:
> To reproduce, connect via SSH (from either a Linux or CYGWIN/Windows client)
> to a CYGWIN-based SSHD server using a normal privileged user account (an
> account preferably that is not an admin either on the client or server
> machine).
Hi,
I'm trying to use cygwin OpenSSH on WinPE 2.0 environment. I've tried the
following 2 setups
1. Cygwin+OpenSSH on Windows XP SP2
2. Cygwin+OpenSSH on WinPE 2.0
Both these setups were done by running the bundled ssh-host-config script.
I'm not using Privilege Separation and also for Setup#2,
Larry Hall (Cygwin) wrote:
[EMAIL PROTECTED] wrote:
a selection of all the error message I am getting. Messing around
trying to start it. it doesn`t show up on netstat -an. I did
install and uninstall a windows port of openssh, I don`T know if
that messed things up. But nothing i
[EMAIL PROTECTED] wrote:
Larry Hall (Cygwin) wrote:
[EMAIL PROTECTED] wrote:
a selection of all the error message I am getting. Messing around
trying to start it. it doesn`t show up on netstat -an. I did
install and uninstall a windows port of openssh, I don`T know if
that messed things
Larry Hall (Cygwin) wrote:
[EMAIL PROTECTED] wrote:
Larry Hall (Cygwin) wrote:
[EMAIL PROTECTED] wrote:
a selection of all the error message I am getting. Messing
around trying to start it. it doesn`t show up on netstat -an.
I did install and uninstall a windows port of
jameshanley39 wrote:
Larry Hall (Cygwin) wrote:
jameshanley39 wrote:
Larry Hall (Cygwin) wrote:
jameshanley39 wrote:
a selection of all the error message I am getting. Messing
around trying to start it. it doesn`t show up on netstat -an.
I did install and uninstall a windows port of
/sbin/sshd
cygrunsrv: Error installing a service: OpenService: Win32 error 1073:
The specified service already exists.
$ net start sshd
The CYGWIN sshd service is starting.
The CYGWIN sshd service was started successfully.
Current [EMAIL PROTECTED] ~
$ net start sshd
The CYGWIN sshd
[EMAIL PROTECTED] wrote:
a selection of all the error message I am getting. Messing around
trying to start it.
it doesn`t show up on netstat -an. I did install and uninstall a
windows port of openssh, I don`T know if that messed things up. But
nothing i easily do about that if it did..
Thanks to let me know which instruction is correct one.
I got the trouble with the official instruction. I just wonder if you can
give me some help, I am new in this area?
My goal is establishing a vista or XP professional base sshd server in
laboratory so that everyone in the lab can use this
I am not like you (I am beginner) or a experienced it depends, if you
want the truth I'll tell you. I understand you. But you are never
going to believe me. And may be it is not a good way for you.
2007/7/27, shiliang Wang [EMAIL PROTECTED]:
Thanks to let me know which instruction is correct
Hi Folks,
Here's the conclusion to my sshd journey. Larry was correct.
When installed properly, sshd should just work, even using keys with
multiple users.
Here's an exact record of the process I used for those considering embarking
on this journey
for themselves. :-)
thanks best regards,
Thanks for this record. It should be useful for others.
Larry
At 10:37 AM 1/4/2005, you wrote:
Hi Folks,
Here's the conclusion to my sshd journey. Larry was correct.
When installed properly, sshd should just work, even using keys with
multiple users.
Here's an exact record of the process
pedal2metal wrote:
[...]
I'm running Windows 2000 Pro SP4 using a February 25,2004 archive of the
redhat mirror for the Cygwin install.
This is ten month old and no longer supported, try to update to a recent
version of Cygwin and tools.
Gerrit
--
=^..^=
--
Unsubscribe info:
: [EMAIL PROTECTED]
-Original Message-
From: pedal2metal [mailto:[EMAIL PROTECTED]
Sent: Sunday, January 02, 2005 1:37 AM
To: cygwin@cygwin.com
Subject: sshd under Cygwin
Hello,
Ok, I installed all of Cygwin then attempted to get sshd running. I
did this about 1.5 years ago
it didn't seem
directories
up to including '/' in openssh.README in the scripts would be a helpful
reminder.
thanks best regards,
eric
-Original Message-
From: pedal2metal [mailto:[EMAIL PROTECTED]
Sent: Sunday, January 02, 2005 6:45 AM
To: cygwin@cygwin.com
Subject: RE: sshd under Cygwin
Hello,
After
At 07:44 AM 1/2/2005, you wrote:
Hello,
After using the following references:
http://ist.uwaterloo.ca/~kscully/SSH/CygwinSSHD_W2K3.html
http://sources.redhat.com/ml/cygwin/2001-11/msg00844.html
/usr/share/doc/Cygwin/openssh.README
/usr/bin/ssh-host-config
/usr/bin/ssh-user-config
plenty of
multiple users working.
thanks best regards,
eric rose
email: [EMAIL PROTECTED]
-Original Message-
From: Larry Hall [mailto:[EMAIL PROTECTED]
Sent: Sunday, January 02, 2005 1:26 PM
To: pedal2metal; cygwin@cygwin.com
Subject: RE: sshd under Cygwin
At 07:44 AM 1/2/2005, you wrote
working
reliably with sshd under Cygwin.
I'm running Windows 2000 Pro SP4 using a February 25,2004 archive of the
redhat mirror for the Cygwin install.
I am operational since I can use my password but I'm completely baffled by
why the RSA2 keys don't work since
I use them on my other systems which I
, Marcel wrote:
Hello,
For a internal prototype we are using cygwin on a windows 2000 system to
transfer data via ssh from one windows machine to this windows system
with cygwin sshd.
If we have alot of data to transfer (e.g. 800 MB) after approximately 10
minutes the transfer hangs
Hi,
I'm not sure whether this is the right place to ask this question. My
apologies if I am intruding into your mailbox.
After starting sshd in cygwin on my winXP machine, do I need to setup
user accounts? I am unable to ssh into my windows machine (using my
regular windows account) from
On Thu, 12 Feb 2004, Rachan Malhotra wrote:
Hi,
I'm not sure whether this is the right place to ask this question. My
apologies if I am intruding into your mailbox.
After starting sshd in cygwin on my winXP machine, do I need to setup
user accounts? I am unable to ssh into my windows
52 matches
Mail list logo