On May 11 00:10, Dave Korn wrote: > Andrew DeFaria wrote: > > >> So to recap: I'd like to provide pre-shared key ssh access to a > >> particular username. I cannot, however, use an SMB shared home directory > >> for that user without encountering problems with ssh and permissions. > >> > >> If the above statement is not true and you have any ideas on how to > >> achieve these objectives then let me know. > >> > > Anybody care to comment or at least acknowledge this issue? > > The above statement is, unfortunately, true. IIUC, until you can use 1.7 > with the lsa auth plugin (or perhaps this password caching feature, I'm not > familiar with it), any user logging in by ssh key does not really log in as > the actual windows user they are trying to be, but impersonates (after some > fashion - it might not actually be token impersonation in the win32 api sense > of the word) that user, while actually really being the ssh user underneath. > > I could be wrong. I hope someone will jump in if I've seriously mis-spoke, > but I think at least I'm pointing you in the right ball-park.
It's basically correct but it's a bit more complicated for a weird reason which has to do with how Windows handles logon sessions. Reading http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-nopasswd1 might sched some light. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
