We are using CopSSH on a domain connected MS windows 2008 server system. The access permissions on this system are governed by a domain group policy and are very restricted.
CopSSH installer is creating a local administrator account to run the SSH service. Initially it is all working fine after the configuration. But when the group policy getting enforced on the box, we are getting “Fatal: seteuid 10000: Operation not permitted” error messages when we attempt to connect from Linux client.
Our security team confirmed that SvcCopSSH local administrator account cannot be excluded from the domain group policy. Instead, they requested us to provide them with a list of specific rights and permissions that are required by the SvcCopSSH user to be able to run the SSH service. Once we provide them the list to them, they can assign those rights and permissions manually to SvcCopSSH user.
Has anyone got a list of required permissions and rights required by a non-administrative user to be able to run the CopSSH service on MS Windows 2008 server operating system ?
We have created a FAQ about the issue - Which user privileges are required by a Copssh service account ?
Copssh requires a service account with local admin privileges for proper operation.