Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Dwight Schauer wrote: > The user for cgywin sshd on ws2k3 defaults to "sshd_server", not "SYSTEM". > In order for key based password-less logins to work on ws2k3 sygwin/sshd, a > user other than "SYSTEM" must be used. Vista has the same issue, but I > don't > plan be running my cvsnt server on Vista any time soon. Cygwin just need to use a proper LSA library in the same way that cvsnt does it (in fact there's nothing to stop them using the CVSNT one really). I'm very surprised they got the old method to work at all in vista - MS are supposed to have removed the undocumentated APIs from the public interface. This was a solved problem years ago - it's not a cvsnt issue. > If it were up to me (and I know it is not) I'd rather see the GetUserNameA > call removed all together, and the user name gotten from the environment > all > the time, but there may be other reasons why GetUserNameA is is being used. That would be a security breach. You can't just have any username in there because you can't trust the environment in which the server runs. It's very difficult to start something as SYSTEM unless you're already the administrator, so in that case you have a (limited) trust of the environment. For any other user that is not guaranteed to be true. In the same way 'sshd_server' is not a guaranteed secure user and cannot be safely added as an exception. Tony