win_pageant fails when running as Administrator and PAgeant is running as UAC-limited account #98

jaraco opened this Issue Oct 24, 2012 · 3 comments


None yet

2 participants

jaraco commented Oct 24, 2012

I've adopted Windows 8, which is much more aggressive about requiring UAC (i.e. some apps refuse to run unless UAC is enabled). As a result, I've started using UAC, and I'm running into issues with interprocess communication, such as win_pageant uses for communicating with PAgeant. This is one such issue.

When one invokes win_pagent when running as Administrator (but with PAgeant running as the UAC limited user), it fails to communicate with the process:

PS C:\Users\jaraco> python -c "import ssh.agent; ssh.agent.Agent()"
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "C:\Users\jaraco\AppData\Roaming\Python\Python27\site-packages\ssh-1.7.13-py2.7.egg\ssh\", line 323, in __init__
  File "C:\Users\jaraco\AppData\Roaming\Python\Python27\site-packages\ssh-1.7.13-py2.7.egg\ssh\", line 70, in _connect
    ptype, result = self._send_message(chr(SSH2_AGENTC_REQUEST_IDENTITIES))
  File "C:\Users\jaraco\AppData\Roaming\Python\Python27\site-packages\ssh-1.7.13-py2.7.egg\ssh\", line 87, in _send_message
    l = self._read_all(4)
  File "C:\Users\jaraco\AppData\Roaming\Python\Python27\site-packages\ssh-1.7.13-py2.7.egg\ssh\", line 95, in _read_all
    raise SSHException('lost ssh-agent')
ssh.SSHException: lost ssh-agent

Run the same command in the same environment, but as a limited user, and it does not fail. Reverse the roles (run ssh.agent.Agent in a limited context with PAgeant as an Administrator), and it fails similarly.

I've confirmed that pscp (PuTTY's implementation of scp) is able to get keys from the PAgeant even in this situation (where pscp is running as Administrator but PAgeant is not). Therefore, it should be possible for the ssh library to do the same.

I expect I own this ticket, so I will investigate. Any tips appreciated.

jaraco commented Oct 24, 2012

I found this code which has comments specifically addressing this issue. I'll work on porting the details to paramiko.

@jaraco jaraco added a commit to jaraco/paramiko that referenced this issue Nov 1, 2012
@jaraco jaraco Initial work toward setting security attributes on the memory-mapped …
…file used to communicate with PAgeant (per issue #98).
jaraco commented Nov 1, 2012

I've started work on this in this issue in this branch. It appears as if quite a bit of functionality will need to be implemented in C or c-types or called from pywin32, because mmap doesn't provide an interface for specifying the security identifier (SID), and the reference implementation makes quite a few API calls in order to implement creating the memory-mapped file under the user's own SID.

@jaraco jaraco added a commit to jaraco/paramiko that referenced this issue Nov 23, 2012
@jaraco jaraco Create the memory map with the security attributes for the current us…
…er (rather than the default) to avoid permissions failures when the client and the agent run in different UAC contexts. Fixes #98.

See #112 for further discussion.

@bitprophet bitprophet closed this Mar 19, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment