Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Cygwin OpenSSH 5.1 login session per user

2 views
Skip to first unread message

pet...@bigfoot.com

unread,
Nov 10, 2009, 3:09:02 AM11/10/09
to
I'm using Cygwin OpenSSH 5.1 on a Windows XP SP3 system.

Is sshd supposed to create a new "login session" for each user that logs
in? Or, is there a way to force it to create a new "login session" for
each user that logs in?

Once logged in, I'm trying to use the Kerberos for Windows command line
utilities (klist/kinit), but I'm told by one of the KfW developers, each
user must be in it's own login session. From the way klist/kinit are
behaving, it appears sshd is NOT creating a new login session for each
user.
_______________________________________________
openssh-unix-dev mailing list
openssh-...@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Corinna Vinschen

unread,
Nov 10, 2009, 4:52:07 AM11/10/09
to
On Nov 10 00:09, pet...@bigfoot.com wrote:
> I'm using Cygwin OpenSSH 5.1 on a Windows XP SP3 system.
>
> Is sshd supposed to create a new "login session" for each user that
> logs in? Or, is there a way to force it to create a new "login
> session" for each user that logs in?
>
> Once logged in, I'm trying to use the Kerberos for Windows command
> line utilities (klist/kinit), but I'm told by one of the KfW
> developers, each user must be in it's own login session. From the
> way klist/kinit are behaving, it appears sshd is NOT creating a new
> login session for each user.

That's a Windows/Cygwin thingy. Cygwin's sshd creates a new logon
session only if you use password authentication. If you use pubkey
auth, you're still running in the logon session of the user running sshd
(typically "SYSTEM" or "LocalSystem" on XP). However, this behaviour
of sshd with pubkey auth is *not* under control of sshd, it's entirely
under control of Cygwin.

Workarounds which allow to use pubkey auth and to get a logon session
are available in the new Cygwin 1.7, which is in it's late beta test
phase. See http://cygwin.com/#beta-test
http://cygwin.com/1.7/cygwin-ug-net/cygwin-ug-net.html
http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-setuid-overview

Please send followup question concerning Cygwin to the Cygwin
mailing list, see http://cygwin.com/lists.html


Corinna

--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat

0 new messages