Alan Sinclair-2 wrote:
>
> After installing Cygwin LSA authentication, code signing fails coming in
> over ssh from another machine.
> This is cygwin 1.7.9 on x64 Windows 2003 (CYGWIN_NT-5.2-WOW64 AlansW2033
> 1.7.9(0.237/5/3) 2011-03-29 10:10 i686 Cygwin)
>
> Running locally, signing succeeds, but run in an ssh session the signing
> call gets:
>
> SignTool Error: ISignedCode::Sign returned error: 0x80092006
> No provider was specified for the store or object.
>
> How can I get signing working with Cygwin LSA registered?
>
> Details:
>
> I installed and set up sshd using the ssh-host-config script (using
> default settings). At this point signing worked fine, but in a
> non-interactive ssh session Visual C++ failed (cl.exe /Zi got fatal error
> C1902), so the Cygwin LSA authentication package was registered.using
> cyglsa-config. Now in an ssh session cl.exe works but signing fails.
>
> E.g.
>
> $ ssh alansi@10.217.120.208 bash '/home/alansi/sign/signtest.sh'
>
> where signtest.sh is
>
> #!/bin/sh
> /cygdrive/c/signing/signtool sign -a -v \
> -n ' XXXXXXXX '
> -sha1 "1234567812345678123456781234567812345678" \
> -t "http://timestamp.verisign.com/scripts/timstamp.dll"; \
> -ac MSCV-VSClass3.cer -d "MyProg" ./mybinary.sys
>
> gets this message:
>
> The following certificate was selected:
> Issued to: XXXXXXXX
> Issued by: VeriSign Class 3 Code Signing 2004 CA
> Expires: 2/5/2012 4:59:59 PM
> SHA1 hash: 1234567812345678123456781234567812345678
>
> Done Adding Additional Store
> Attempting to sign: ./mybinary.sys
>
> Number of files successfully Signed: 0
> Number of warnings: 0
> Number of errors: 1
> SignTool Error: ISignedCode::Sign returned error: 0x80092006
> No provider was specified for the store or object.
>
> (Incidentally, this signing over shh does work when run on the target
> machine; i.e. when ssh'ing onto itself.)
>
> Fwiw I've also tried signing using the certificate (pfx) file with
> password. That also works locally but fails via ssh:
>
> #!/bin/sh
> /cygdrive/c/signing/signtool sign /f mycert.pfx /p password
> ./mybinary.sys
>
> SignTool Error: IStore2::Load returned error: 0x80070005
> Access is denied.
> SignTool Error: An error occurred while attempting to load the signing
> certificate from: mycert.pfx
>
> This is a showstopper, so if the machine has to be rebuilt from scratch
> that's fine. It must be able to compile with Visual C++ (gc++ is not an
> option, unfortunately) and sign over ssh.
> Thanks
>
> --
> Problem reports: http://cygwin.com/problems.html
> FAQ: http://cygwin.com/faq/
> Documentation: http://cygwin.com/docs.html
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
>
>
>
I would suggest bash -l.
Moreover check all variables that are normally set by windows (compare
output of printenv and/or SET in normal versus remote shell)
Google has better suggestions
Consider second solution on
http://stackoverflow.com/questions/1045855/signtool-error-isignedcodesign-returned-error-0x80092006
--
View this message in context:
http://old.nabble.com/Cygwin-LSA-breaks-code-signing----how-can-I-fix-it--tp32564538p32579643.html
Sent from the Cygwin list mailing list archive at Nabble.com.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
