This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Can't login to Cygwin SSH server with domain account


I am running Cygwin SSH server under local cyg_server account, and I can't login with domain accounts (using password). Connection and authentication succeed, from what I can tell, but then the server immediately closes connection:

        $ ssh domaintest@localhost
        domaintest@localhost's password:
        Last login: Fri May 13 13:14:44 2016 from ::1
        Connection to localhost closed.

The only clue in server log is "Received SIGCHLD" message:

        debug1: Allocating pty.
        debug1: session_pty_req: session 0 alloc /dev/pty3
        debug1: server_input_channel_req: channel 0 request shell reply 1
        debug1: session_by_channel: session 0 channel 0
        debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pty3 for domaintest from ::1 port 49287 id 0
        debug1: Setting controlling tty using TIOCSCTTY.
        debug1: Received SIGCHLD.
        debug1: session_by_pid: pid 3464

At the same time, logins into local accounts do work.
When I switch the service to run under domain account instead, the opposite happens - I can log in with domain accounts, but cannot login using local accounts anymore. Only in that case, the error is different:

    /bin/bash: Operation not permitted

In all cases, it looks like authentication succeeds, but then some privileges don't match up.

https://cygwin.com/ml/cygwin/2010-01/msg00334.html talks about similar problem in relation to passwordless logons, and says that in order to ssh into domain accounts, I also have to run the service under domain account. That makes sense, however I am using password logons, which theoretically should work in all cases, as far as I understand.

Ideally, I'm looking for SSH setup where both local and domain users can login. Is that even possible ?




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]