RE: Ssh running on windows

Welsh, Armand <> scribbled on Monday, June 25, 2007 4:06 PM:

Solved the problem, I think it just needed more than the default five minutes to synch between the DC:s. It works now.

Instead I have another problem...

Using WinSCP to transfer files, when the user clicks the "/" button on the remote server, they're allowed to see the contents of <c.\program files\openssh>. What's worse is that they can even view the contents of the passwd-file. I don't think that is such a good idea to allow regualr users.

I finally managed to disallow users from at least seeing the contents of the etc-folder. Disallowing them from seeing the other folders like bin, and thus the makepasswd.exe and makegroup.exe executables, disables the user from logging in at all.

Is there any way to make a nicer and cleaner thing hiding stuff, than the solution I already have?

> I am not sure, but I think you have to grant the user the login local right
> to the server. Can anyone confirm this?
>
> Armand
>
>
> Armand Welsh
> --------------------------
> Sent from my BlackBerry Wireless Handheld
>
>
> ----- Original Message -----
> From: ssh@erdelynet.com <ssh@erdelynet.com>
> To: ssh@erdelynet.com <ssh@erdelynet.com>
> Sent: Sun Jun 24 06:01:27 2007
> Subject: Ssh running on windows
>
> Hi all,
>
> I set up ssh on a win2k3-server according to instructions from
> sshwindows.sourceforge.net, in order to allow a few users to connect
> securely
> to my ftp-server.
>
> Upon connecting with WinSCP from a client to the server, it works if I use
> an (domain) admin account, but not a regular (domain user) account. I get
> as far
> as being asked to re-enter the password. On entering it and pressing ok, I
> get
> asked to enter password again. A bit strange.
>
> Am I missing anything?
>
> Group and passwd files created and looks ok as far as I can tell. Have also
> checked that the right port is being used(22), using the right password and
> user-id and connecting to right server-ip. The opensshd-service is installed
> and started.
>
> Can anybody give me a hint as to what might be wrong?
>
> Thank you in advance.
>
> --
>
> BW
> Sorin
> ---------------------------------------------
> http://home-skynet.servehttp.com/
> Public GPG-key: http://http://home-skynet.servehttp.com/files/GPG
> Still a proud member of TEAM OS/2.
> Mountainbiker [Kona Kilauea - Member of Equipe Les Cafards VTT]
> Motorcyclist [BMW R100RT-'91]
> MCSE, MCP+I, MCP, A+ [Knowledge is power!]
> ---------------------------------------------
>
> () ascii ribbon campaign - against html e-mail
> /\
>
>
>
>
> --
> List Info: http://erdelynet.com/ssh-l/
> List Archives: http://erdelynet.com/archive/ssh-l/
> To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com

--
List Info:      http://erdelynet.com/ssh-l/
List Archives:  http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com