cygwin ssh windows domain auth

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I know this question has been asked a million times, but I would lke to know
if the answer is still the same.  I would like to set up an sshd that can
use windows domain acounts for authentication rather than a local user
database that needs to be maintained regularily.  I'm currently working with
cygwin/openssh to figure out a secure FTP solution.  As I see it my options
are to tunnel FTP which should leave the auth to the domain as usual, even
if it's just the control channel, or just connect to the SSH server with
SFTP clients if the auth can be against the domain.  It's not clear to me if
either of these are possible, but it seems like since cygwin supports GSSAPI
and Kerberos it should be able to use the domain accounts. claims the ability to auth against a domain, but i'm so
unfamiliar with some of these concept that I'm not sure if I'm interpreting

Can anyone help?


Re: cygwin ssh windows domain auth

Matt wrote:
Quoted text here. Click to load it

You might want to ask this one the cygwin mailing list too.

IIRC you just need to get the domain account into the cygwin passwd file
with mkpasswd. Have a look at cygwin's man page for that command and
especially the -d and -u (if you only want specific users) options.

You also might want to look at mkgroup.

To reply by email remove "_nospam"

Re: cygwin ssh windows domain auth

Quoted text here. Click to load it

But then the passwd file will get out of sync often.  Not only that we have
users from other domains that access FTP on our server.  I'm talking about
authenticating directly with the domain or forest.


Site Timeline