Unable ssh login using Windows Domain account using password autheationntic

We are currently using Cygwin 1.5.12-1 on our Windows 2000 Domain as the ssh server for our PCs.  1.5.12-1 ssh allows us to log into the domain PCs remotely using our domain accounts.  I installed Cygwin 1.5.19-4 on one system and find that when I remotely log in using a domain account the native Windows "whoami" command reports my identity as "NT AUTHORITY\SYSTEM".  When I remotely ssh log in on the same system using a local account I see the correct identity.  All logins are using manually entered passwords.  I used the following commands to create the passwd and group files:

mkpasswd -l > /etc/passwd
mkpasswd -d  >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -d >> /etc/group

I configured ssh to use the sshd privilege separation account and specified "ntsec binmode tty".  The sshd server is configured to logon as the local system account.  What changes do I need to make to allow 1.5.19-4 to support logons using our domain account like 1.5.12-1 can?  Thanks in advance for any help that you can provide.

Also, I have noticed that an "id -G" in 1.5.12-1 produces the same output when logged in locally and thru an ssh session, while in 1.5.19-4 it produces different output for the two types of logon.

David Perdue


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

On Wed, 22 Feb 2006, Perdue, Dave T. wrote:

<http://cygwin.com/acronyms/#PCYMTWLL>.  Thanks.

You did everything correctly, except: your default domain may not be the
domain you're logging into.  "mkpasswd/mkgroup -d" use the default domain.
You might want to explicitly specify the domain name on the command line,
like this: "mkpasswd -d YOURDOMAIN >> /etc/passwd", and similarly for
mkgroup.
HTH,
        Igor
--
                                http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_    pechtcha@... | igor@...
ZZZzz /,`.-'`'    -.  ;-;;,_ Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-' old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

On Feb 22 12:51, Perdue, Dave T.  CIV NAVAIR 5.4.3, Bldg 2035, Rm 205, Cube 200 wrote:
> We are currently using Cygwin 1.5.12-1 on our Windows 2000 Domain as
> the ssh server for our PCs.  1.5.12-1 ssh allows us to log into the
> domain PCs remotely using our domain accounts.  I installed Cygwin
> 1.5.19-4 on one system and find that when I remotely log in using a
> domain account the native Windows "whoami" command reports my identity
> as "NT AUTHORITY\SYSTEM".

That's normal for public key authentication (as noted on this list
zillions of times) and it's a bug in case of password authentication,
which is supposed to be fixed in recent developer snapshots (download
from http://cygwin.com/snapshots/) and eventually in 1.5.20.


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

        I installed "cygwin-inst-20060222.tar.bz2" from http://cygwin.com/snapshots/ into a fresh install of 1.5.19-4, rebooted, and still have the same issue.  When I use ssh (using a PASSWORD) to remotely log into this system with a local account the native whoami.exe properly shows my identity.  When I remotely log in (still using a PASSWORD) with a domain account the native whoami shows my identity as NT AUTHORITY\SYSTEM.  This does work properly under 1.5.12-1 on the same system.  All help is greatly appreciated.

David Perdue

 

-----Original Message-----
From: cygwin-owner@... [mailto:cygwin-owner@...]On Behalf
Of Corinna Vinschen
Sent: Wednesday, February 22, 2006 13:39
To: cygwin@...
Subject: Re: Unable ssh login using Windows Domain account using
password autheationntic


On Feb 22 12:51, Perdue, Dave T.  CIV NAVAIR 5.4.3, Bldg 2035, Rm 205, Cube 200 wrote:
> We are currently using Cygwin 1.5.12-1 on our Windows 2000 Domain as
> the ssh server for our PCs.  1.5.12-1 ssh allows us to log into the
> domain PCs remotely using our domain accounts.  I installed Cygwin
> 1.5.19-4 on one system and find that when I remotely log in using a
> domain account the native Windows "whoami" command reports my identity
> as "NT AUTHORITY\SYSTEM".

That's normal for public key authentication (as noted on this list
zillions of times) and it's a bug in case of password authentication,
which is supposed to be fixed in recent developer snapshots (download
from http://cygwin.com/snapshots/) and eventually in 1.5.20.


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

On Wed, Feb 22, 2006 at 04:56:31PM -0500, Perdue, Dave T.  CIV NAVAIR 5.4.3, Bldg 2035, Rm 205, Cube 200 wrote:
>I installed "cygwin-inst-20060222.tar.bz2" from
>http://cygwin.com/snapshots/ into a fresh install of 1.5.19-4,
>rebooted, and still have the same issue.  When I use ssh (using a
>PASSWORD) to remotely log into this system with a local account the
>native whoami.exe properly shows my identity.  When I remotely log in
>(still using a PASSWORD) with a domain account the native whoami shows
>my identity as NT AUTHORITY\SYSTEM.  This does work properly under
>1.5.12-1 on the same system.  All help is greatly appreciated.

Following the guidelines at http://cygwin.com/problems.html would
probably be instructive.

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/