On 2018-03-08 04:44, Bernhard Finster wrote: > login via ssh to cygwin on a domain server 2012r2 standardis not possible > (see error in mail subject). The login is either with password, nor with > publickey possible. > The package was created with cygwinsetup.exe v 2.877 (32bit) and works fine > on every standalone servers. I have createt a setup batch file with the > content below: > > c:\start\cygwin\setup.exe -q --local-install --root c:\cygwin -l > c:\Start\cygwin > cd C:\cygwin\bin > bash --login -c "ssh-host-config -y -c "tty ntsec" -u "cyg_server" -w > "password" --privileged" > bash --login -c "mkdir .ssh" > bash --login -c "cp /cygdrive/c/Start/authorized_keys > .ssh/authorized_keys" > bash --login -c "chmod 700 .ssh" > bash --login -c "cygrunsrv -S sshd" > bash --login -c "syslog-ng-config -y" > bash --login -c "cygrunsrv -S syslog-ng" > > The setup is always startet with the user "Administrator@domain" after > joining the domain. > In my test-domain I have enabled the following user right assignement for the > domain admin cyg_server: > > * Act as part of the operating system > * Create a token object > * Log on as a batch job > * Log on as a service > * Repace a process level token > * Deny log on locally > * Deny logon through Remotedesktop Services > > Attachements: > > * ssh_config, sshd_config, original copy from the server > * ssh-ddd.txt is the output of the command "/usr/sbin/sshd -d -d -d" > * ssh-vvv.txt is the output of a login attempt to the server (usual > Administrator@hostname), I have defined in .ssh/config (host * user > Administrator) > * messages.txt is the output of a login attemt to the server from his > syslog-ng log > * cygcheck > > Sorry for my bad english, I hope it will get better. > Please help if you have any idea for me to get out of this desaster.
You might want to try upgrading setup, upgrading installed packages, and manually running the ...-config scripts elevated, to see if that fixes the problem. seteuid handling: https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
