Freenx

Tue Feb 15 11:28:18 UTC 2005

On 15 Feb 2005, at 06:32, Eric Tanguy wrote:

> Le mardi 15 février 2005 à 00:29 +0100, Felipe Alfaro Solana a écrit :
>> On 14 Feb 2005, at 22:48, Eric Tanguy wrote:
>>
>>> Anyone achieve to have freenx running fine on fc3? I got the sources
>>> from http://homepage.mac.com/felipe_alfaro/FileSharing10.html  and 
>>> made
>>> rpms without any problems. But when i want to connect from a windows
>>> client to my fc3 feenx server, i obtain :
>>> NX> 203 NXSSH running with pid: 2940
>>> NX> 285 Enabling check on switch command
>>> NX> 285 Enabling skip of SSH config files
>>> NX> 200 Connected to address: 192.168.1.12 on port: 22
>>> NX> 205 The authenticity of host 'bureau (192.168.1.12)' can't be
>>> established.
>>> RSA key fingerprint is 
>>> 86:7a:e2:c2:bb:fe:38:83:74:0e:b6:80:03:d0:43:81.
>>> Are you sure you want to continue connecting (yes/no)?
>>> Warning: Permanently added 'bureau' (RSA) to the list of known hosts.
>>> NX> 202 Authenticating user: nx
>>> NX> 208 Using auth method: publickey
>>> NX> 204 Authentication failed.
>>> Thanks
>>
>> You will need to tell your NX windows client to use they private key
>> that FreeNX created during installation. FreeNX creates a
>> private/public key pair, and stores the private key into
>> /var/lib/nxserver/nxhome/.ssh/client.id_dsa.key, and the public key
>> into /var/lib/nxhome/.ssh/authorized_keys2.
>>
>> You'll have to install the private key stored in
>> /var/lib/nxserver/nxhome/.ssh/client.id_dsa.key into your Windows NX
>> client. Don't have a clue on how to do this, but for the Linux NX
>> client is as simple as copying that file into
>> /usr/NX/share/client.id_dsa.key.
>>
>> To check public key authentication works, I run the following command
>> from the client machine:
>>
>> # ssh -i /usr/NX/share/client.id_dsa.key nx at server
>> Last login: Fri Feb 11 20:35:35 2005 from 192.168.0.90
>> HELLO NXSERVER - Version 1.4.0-02 OS_(GPL)
>> NX> 105 quit
>> quit
>> Quit
>> NX> 999 Bye
>>
> I have only one linux machine : the server. So i tried to ssh from the
> server to the server using :
>  ssh -i /var/lib/nxserver/nxhome/.ssh/client.id_dsa.key nx at server
> but the system ask me a password.
> It seems to not take care of the pubkey.
> May be a problem in sshd config ?

Maybe.
Could you please do the following?

1. cp /var/lib/nxserver/nxhome/.ssh/server.id_dsa.pub.key 
/var/lib/nxserver/nxhome/.ssh/authorized_keys2
2. chown nx:root /var/lib/nxserver/nxhome/.ssh/authorized_keys2
3. chmod 640 /var/lib/nxserver/nxhome/.ssh/authorized_keys2

If this doesn't work, you'll have to enable more verbose logging for 
the SSH server, by editing /etc/ssh/sshd_config and setting "LogLevel 
DEBUG", then restarting the SSH server. Next time, try to log in using:

ssh -vvv -i /var/lib/nxserver/nxhome/.ssh/client.id_dsa.key nx at localhost

And take a look at both the SSH server logs and the output for the ssh 
command.