This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sshd only allows connection to local accounts


At 06:22 AM 10/15/2003, Corinna Vinschen you wrote:
>On Wed, Oct 15, 2003 at 05:08:47AM -0400, Fred Ma wrote:
>> Hello,
>> 
>> I followed the procedure of setting up sshd:
>> http://pigtail.net/LRP/printsrv/cygwin-sshd.html
>> 
>> I launch the sshd with an account that is part of
>> the administrator group (WinXP).  One peculiarity
>> about this account is that it is not a local
>> account i.e. when I log into Windows, I specify a domain
>> name other than the name of the local PC.
>> 
>> In order for sshd to respond to connection requests,
>> I did "mkpasswd -l > /etc/passwd".  This did not
>> allow me to connect to sshd from outside, since
>> "mkpasswd -l" only generates entries for local users.
>> 
>> Therefore, I used "mkpasswd -d", grepped my User ID
>> from the output, then appended it to /etc/passwd.
>> This didn't fix the problem.
>> 
>> To check that sshd allowed connections to local user
>> accounts, I created a local user account "Test" and
>> successfully connected to it via sshd from outside.
>> 
>> What more is required to allow ssh connections to
>> nonlocal user accounts?  I only have control over
>> the local PC.  Even here, I don't have absolute
>> control; for example, I can't login as "administrator",
>> but I can login to an account that is part of the
>> administrators group.
>
>You're assuming too much.  We don't know about your settings at all.
>What cygwin version?  What ssh version?  Password authentication or
>pubkey authentication?  What do you mean by "I launch the sshd with
>an account that is part of the administrator group"?  Does that
>mean you start sshd on the command line using that account?  Or does
>that mean you start an sshd service from the command line using that
>account?  Or do you mean the service runs under that account?  Etc.
>Please see http://cygwin.com/problems.html.
>
>Corinna


Also, instructions at <http://pigtail.net/> are unsupported by cygwin.com.
You're best bet is to uninstall, reinstall, and then follow the instructions
in /usr/share/doc/Cygwin/openssh-*.README.  If that doesn't help, then 
following Corinna's pointer above prior to contacting this list again is a 
wise step.  Alternatively, you could consult with the author of the 
instructions you followed.  They'd be a better resource for debugging their
prescribed installation than anyone on this list would be.




--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]