我在带有.NET 1.1的Windows XP Professional机器上安装了signtool.exe。属性对话框中显示的版本为5.2.3790.2568。
我也在同一台机器上安装了Cygwin和OpenSSH。无论如何,当我在本地运行该工具时 - 一切正常,请观察:
D:\WORK\workspace>type 1.cmd
d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "shunrail" /t http://timestamp.verisign.com/scripts/tim
stamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll"
D:\WORK\workspace>1.cmd
D:\WORK\workspace>d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "shunrail" /t http://timestamp.verisi
gn.com/scripts/timstamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll"
The following certificate was selected:
Issued to: Shunra Software Ltd.
Issued by: VeriSign Class 3 Code Signing 2009-2 CA
Expires: 6/3/2013 1:59:59
SHA1 hash: DE4A79909D95FCFB16DA8BFE4251C5FC88659FFA
Done Adding Additional Store
Attempting to sign: d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll
Successfully signed and timestamped: d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
D:\WORK\workspace>
现在,我尝试通过SSH从另一台机器运行相同的命令。观察:
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/WINDOWS/system32/cmd.exe /c d:\\\\WORK\\\\workspace\\\\1.cmd
C:\cygwin\home\builder>d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "s
hunrail" /t http://timestamp.verisign.com/scripts/timstamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInsta
llationServices\lib\net\Release\ShunraInstallationServices.dll"
Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1
SignTool Error: IStore2::Load returned error: 0x80090345
The requested operation requires delegation to be enabled on the machine.
SignTool Error: An error occurred while attempting to load the signing
certificate from: d:\work\workspace\VE\CodeSign\Shunra.pfx
markk@Dev-Builder /cygdrive/d
$
两种情况下使用的用户都是相同的。的确,在第一台机器上:
D:\WORK\workspace>echo %USERNAME% %USERDOMAIN%
builder SHUNRANET
D:\WORK\workspace>c:\utils\PsLoggedon.exe
PsLoggedon v1.34 - See who's logged on
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
Users logged on locally:
11/21/2011 4:53:01 SHUNRANET\builder
No one is logged on via resource shares.
D:\WORK\workspace>
现在在第二台机器上通过SSH发出相同的命令:
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/WINDOWS/system32/cmd.exe /c echo %USERNAME% %USERDOMAIN%
builder SHUNRANET
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/utils/PsLoggedon.exe
Users logged on locally:
11/21/2011 4:53:01 SHUNRANET\builder
No one is logged on via resource shares.
PsLoggedon v1.34 - See who's logged on
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
markk@Dev-Builder /cygdrive/d
$
发生了什么事?
我已将pause
命令插入1.cmd批处理文件,该文件允许我在Process Explorer中打开相应cmd.exe进程的属性对话框。 “安全”选项卡为本地运行的cmd.exe讲述的故事与通过SSH远程运行的cmd.exe的故事不同。
本地运行的cmd.exe的“安全”选项卡(我不得不连接权限值,因为UI不允许调整窗口的那一部分):
现在,cmd.exe的同一对话框从另一台计算机通过SSH运行:
答案 0 :(得分:1)
我找到了帖子 Re: Cygwin ssh session privileges differ from console privileges? ,其中声明:
底线是,如果您需要所有用户的访问权限使用 密码验证
事实上,在我更改目标计算机上的ssh配置以询问用户密码后,signtool.exe成功。