On Nov 10 00:09, petesea at bigfoot.com wrote:> I'm using Cygwin OpenSSH 5.1 on a Windows XP SP3 system.
>
> Is sshd supposed to create a new "login session" for each user
that
> logs in? Or, is there a way to force it to create a new "login
> session" for each user that logs in?
>
> Once logged in, I'm trying to use the Kerberos for Windows command
> line utilities (klist/kinit), but I'm told by one of the KfW
> developers, each user must be in it's own login session. From the
> way klist/kinit are behaving, it appears sshd is NOT creating a new
> login session for each user.
That's a Windows/Cygwin thingy. Cygwin's sshd creates a new logon
session only if you use password authentication. If you use pubkey
auth, you're still running in the logon session of the user running sshd
(typically "SYSTEM" or "LocalSystem" on XP). However, this
behaviour
of sshd with pubkey auth is *not* under control of sshd, it's entirely
under control of Cygwin.
Workarounds which allow to use pubkey auth and to get a logon session
are available in the new Cygwin 1.7, which is in it's late beta test
phase. See http://cygwin.com/#beta-test
http://cygwin.com/1.7/cygwin-ug-net/cygwin-ug-net.html
http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
Please send followup question concerning Cygwin to the Cygwin
mailing list, see http://cygwin.com/lists.html
Corinna
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat