vinschen at redhat
Nov 10, 2009, 1:52 AM
Post #2 of 2
(827 views)
Permalink
|
|
Re: Cygwin OpenSSH 5.1 login session per user
[In reply to]
|
|
On Nov 10 00:09, petesea [at] bigfoot wrote:
> I'm using Cygwin OpenSSH 5.1 on a Windows XP SP3 system.
>
> Is sshd supposed to create a new "login session" for each user that
> logs in? Or, is there a way to force it to create a new "login
> session" for each user that logs in?
>
> Once logged in, I'm trying to use the Kerberos for Windows command
> line utilities (klist/kinit), but I'm told by one of the KfW
> developers, each user must be in it's own login session. From the
> way klist/kinit are behaving, it appears sshd is NOT creating a new
> login session for each user.
That's a Windows/Cygwin thingy. Cygwin's sshd creates a new logon
session only if you use password authentication. If you use pubkey
auth, you're still running in the logon session of the user running sshd
(typically "SYSTEM" or "LocalSystem" on XP). However, this behaviour
of sshd with pubkey auth is *not* under control of sshd, it's entirely
under control of Cygwin.
Workarounds which allow to use pubkey auth and to get a logon session
are available in the new Cygwin 1.7, which is in it's late beta test
phase. See http://cygwin.com/#beta-test
http://cygwin.com/1.7/cygwin-ug-net/cygwin-ug-net.html
http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
Please send followup question concerning Cygwin to the Cygwin
mailing list, see http://cygwin.com/lists.html
Corinna
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
|
