sshd interaction with desktop not working

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

sshd interaction with desktop not working

Aijaz Baig
Hello

I am SSH'ing into a windows 10 box from a Linux box. I've configured
sshd on the windows box and I can properly SSH into it.

X11 forwarding also works perfectly after having installed Xming on
windows (not that it matters with this problem anyways).

However I am unable to open any windows application from the Linux
box. I would like to open the windows app locally in the windows box
(or to rephrase it, I do not need the UI windows to be opened on the
Linux box)

I am unable to figure out why it is not working even after selecting
"Allow service to interact with desktop". My goal is to invoke windows
app from ssh (Linux to Windows). Similar problems earlier were solved
by selecting this option but apparently they were on earlier version
of windows.

Or should I take a different approach? Am I barking at the wrong tree here??

I am keen to hear from input(s)
--

Best Regards,
Aijaz Baig

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

Larry Hall (Cygwin)
On 2/9/2016 4:49 AM, Aijaz Baig wrote:

> Hello
>
> I am SSH'ing into a windows 10 box from a Linux box. I've configured
> sshd on the windows box and I can properly SSH into it.
>
> X11 forwarding also works perfectly after having installed Xming on
> windows (not that it matters with this problem anyways).
>
> However I am unable to open any windows application from the Linux
> box. I would like to open the windows app locally in the windows box
> (or to rephrase it, I do not need the UI windows to be opened on the
> Linux box)
>
> I am unable to figure out why it is not working even after selecting
> "Allow service to interact with desktop". My goal is to invoke windows
> app from ssh (Linux to Windows). Similar problems earlier were solved
> by selecting this option but apparently they were on earlier version
> of windows.
>
> Or should I take a different approach? Am I barking at the wrong tree here??
>
> I am keen to hear from input(s)

Wrong tree, yes.  Microsoft chopped down the tree you want and planted a new
one in its place.  In short, the restriction was introduced post-XP as it
is considered a security hole.  There have been sporadic subsequent reports
of success to this list but never a clear recipe for getting this to work
reliably.  And given that this is perceived as a security hole, I doubt
you'll find one that doesn't include some significant effort and/or
restrictions.  If you search around for "Windows station" and "Allow
service to interact with desktop", I think you'll find some relevant
information.


--
Larry

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

Aijaz Baig
In reply to this post by Aijaz Baig
Hello

I was able to see some "action" by turning the
"NoInteractiveSercvices" option OFF in the registry. So now when I try
to run notepad.exe from the ssh shell, it asks me whether I'd like to
see the "message" and when I click yes, I see some "window-like" thing
on the desktop at which point the desktop apparently hangs.

On prodding further, I realize that if I disable the windows service
which checks whether a certain service is trying to "interact", I see
nothing in the desktop and everything is just like it was before I
started this exploration.

Has anyone been able to get around this problem? On the other hand,
where can I get to read the log of the cygwin SSHD?? /var/log/sshd.log
is empty? where does CYGWIN sshd does the logging?? AFAIK it used to
be this file. Has that changed??

On Tue, Feb 9, 2016 at 3:19 PM, Aijaz Baig <[hidden email]> wrote:

> Hello
>
> I am SSH'ing into a windows 10 box from a Linux box. I've configured
> sshd on the windows box and I can properly SSH into it.
>
> X11 forwarding also works perfectly after having installed Xming on
> windows (not that it matters with this problem anyways).
>
> However I am unable to open any windows application from the Linux
> box. I would like to open the windows app locally in the windows box
> (or to rephrase it, I do not need the UI windows to be opened on the
> Linux box)
>
> I am unable to figure out why it is not working even after selecting
> "Allow service to interact with desktop". My goal is to invoke windows
> app from ssh (Linux to Windows). Similar problems earlier were solved
> by selecting this option but apparently they were on earlier version
> of windows.
>
> Or should I take a different approach? Am I barking at the wrong tree here??
>
> I am keen to hear from input(s)
> --
>
> Best Regards,
> Aijaz Baig



--

Best Regards,
Aijaz Baig

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

Andrey Repin
Greetings, Aijaz Baig!

Please don't top-post, thank you.


> I was able to see some "action" by turning the
> "NoInteractiveSercvices" option OFF in the registry. So now when I try
> to run notepad.exe from the ssh shell, it asks me whether I'd like to
> see the "message" and when I click yes, I see some "window-like" thing
> on the desktop at which point the desktop apparently hangs.

> On prodding further, I realize that if I disable the windows service
> which checks whether a certain service is trying to "interact", I see
> nothing in the desktop and everything is just like it was before I
> started this exploration.

This is exactly what Larry has been referring to. Services are running in a
separate desktop session since Vista.
If you disable detection of such services showing GUI stuff, you will have no
access to that desktop.

> Has anyone been able to get around this problem? On the other hand,
> where can I get to read the log of the cygwin SSHD?? /var/log/sshd.log
> is empty? where does CYGWIN sshd does the logging?? AFAIK it used to
> be this file. Has that changed??

This is not a problem, this is a security feature.
If you desperately want to interact with user session, run SSHD in that user's
session.


--
With best regards,
Andrey Repin
Thursday, February 11, 2016 14:51:36

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

mhallnh
Has anyone been able to get the CYGWIN sssd service to interact with the
Windows desktop?
If yes could you please reply back with the details on how you got it to
work.

Thanks,

Mitch Hall



--
Sent from: http://cygwin.1069669.n5.nabble.com/Cygwin-list-f3.html

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

Andrey Repin
Greetings, mhallnh!

> Has anyone been able to get the CYGWIN sssd service to interact with the
> Windows desktop?
> If yes could you please reply back with the details on how you got it to
> work.

Re-read the message you were replying to. It contains the answer.


--
With best regards,
Andrey Repin
Saturday, March 17, 2018 05:41:23

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

mhallnh
What's the answer?  That CYGWIN sshd can not interact with the Windows
desktop?



--
Sent from: http://cygwin.1069669.n5.nabble.com/Cygwin-list-f3.html

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

R0b0t1
On Sat, Mar 17, 2018 at 2:47 PM, mhallnh <[hidden email]> wrote:
> What's the answer?  That CYGWIN sshd can not interact with the Windows
> desktop?
>

It can if it is run from the desktop, but I think it is started in the
privileged session for services. The problem with running it within a
desktop is that the session containing it must stay open. There is no
way to create sessions besides interacting with Terminal Services,
e.g. RDP.

If you need to interact with OS objects in a meaningful way you will
likely not be able to use Cygwin's bundled OpenSSH.

Cheers,
     R0b0t1

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

mhallnh
I guess I'll go back to my original solution which is to use PsExec from
Sysinternals.

It's a little more complicated because you have to first run a script to
retrieve the Windows Session ID

This script works:
$username = 'mhall'
$results = psexec \\192.168.X.XXX query session
$id = $results | Select-String "$username\s+(\w+)" |
                 Foreach {$_.Matches[0].Groups[1].Value}


Then you can follow up by invoking the windows program (notepad in the
example below).
the 'i' switch is used to indicate that you want to interact with the
windows desktop

psexec \\192.168.X.xxx -u $username -i $id -d notepad.exe

pause



--
Sent from: http://cygwin.1069669.n5.nabble.com/Cygwin-list-f3.html

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: sshd interaction with desktop not working

R0b0t1
On Sun, Mar 18, 2018 at 8:52 AM, mhallnh <[hidden email]> wrote:

> I guess I'll go back to my original solution which is to use PsExec from
> Sysinternals.
>
> It's a little more complicated because you have to first run a script to
> retrieve the Windows Session ID
>
> This script works:
> $username = 'mhall'
> $results = psexec \\192.168.X.XXX query session
> $id = $results | Select-String "$username\s+(\w+)" |
>                  Foreach {$_.Matches[0].Groups[1].Value}
>
>
> Then you can follow up by invoking the windows program (notepad in the
> example below).
> the 'i' switch is used to indicate that you want to interact with the
> windows desktop
>
> psexec \\192.168.X.xxx -u $username -i $id -d notepad.exe
>
> pause
>

If you want to follow along with Microsoft's own effort/inability to
get this feature working in OpenSSH, see:

1) https://github.com/PowerShell/Win32-OpenSSH/issues/996
2) https://github.com/PowerShell/Win32-OpenSSH/issues/998

There is a comment in the latter where I mention SetTokenInformation,
which would allow OpenSSH to duplicate the functionality of PsExec or
parts of the Windows Management Interface.

Cheers,
     R0b0t1

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple