[Samba] Trouble in ssh into Windows machines in the Windows/Samba Domain
nmingotti at gmail.com
Sun Apr 11 10:12:51 UTC 2021
On 4/10/21 8:20 PM, Rowland penny via samba wrote:
> It is Samba 14.4.2 , but this shouldn't matter, ssh has nothing to do
> with Samba unless you are using kerberos, and I am not.
Umm, Rowland you are at least 10 times more knowledgeable then me about
Samba and Windows.
I wouldn't rule out Samba is involved for this argument (it may be
bullshit, you know better). "Take the case of Linux, for example,
my domain users aren't definied in /etc/passwd, but are visible by
'getent passwd', which means
that every time somebody logs into a Linux box as domain user my system has
to talk to AD to understand what that user can do. That is the reason
why I suppose
Samba is involved anytime I am talking about Domain Users.
>> 2] Your domain configuration is different, in the smb.conf or a GPO
> Fairly stock smb.conf, no GPO's that have anything to do with ssh (are
> there any ?)
About 6 months ago I tried to achieve the same result I am trying now
It was a failure. After about a week of deep testing and searching I
have given up.
In that occasion GPO were fundamental, if I remember well, to let a user
another user. (sudo basically). I can look up details if you whish, it
should be in my notes.
Another little difference between our configuration is that my
the domain are called "adam1", "adam2" etc. I never use "Administator". That
can cause some different outcomes.
>> 3] If you didn't install SSH in the last two days you may be using a
>> release from the past which does not contain a bug.
> I am using the standard ssh you get by installing it via 'settings'
I think it would be better if we standardize our tests. For at least
1] Nobody knows what Microsoft did to OpenSSH
2] There isn't a Windows version of OpenSSH for Server 2016
3] There are now scripts to check user permissions in the new releases
=> In propose to use the latest OpenSSH from gitHub for further analysis.
>> The error I see i luckily reported by other people here:
> That is trying to use kerberos (That isn't publickey, it isn't any
> key) and I haven't troubleshooted that yet, perhaps tomorrow. One
> question I do have, does Windows use GSSAPI ?
I can't help you here, i am ignorant on this subject at the moment. I
may know more after some reaserch ;)
More information about the samba