[K12OSN] I can't log in into LDM | SL 6.1 thin client image
Radek Bursztynowski
radek at bursztynowski.waw.pl
Sun Jul 21 19:48:51 UTC 2013
Emil,
Many thanks for your ltsp-update-sshkeys script correction. Now I can
log in into SL 6.1 thin client image (K12Linux 5.2) on CentOS 6.4
x86_64.
Best regards,
Radek
===
> Hi all,
>
>
> I've found the "ltsp-update-sshkeys" script failing on CentOS 6.4.
> Reason is, script attempts to create keys for rsa, dsa and ecdsa while
> the last one (ecdsa) is not available in this distro.
> One may install ecdsa, however I've failed to find it. Disregarding
> that I would suggest to fix the script making it a bit smarter about
> what is possible in the system where it is running.
>
>
> Assuming, that list of the private key files stored in /etc/ssh
> resembles what is possible in the system (each file is created using
> different algorithm), one may derive names
> from /etc/ssh/ssh_host_*_key files.
> Simple "diff" of old and new files presents the change I do suggest:
> 84a85,87
> > # Use ciphers known to the local system
> > KNOWN_ALGO=$(for fn in /etc/ssh/ssh_host_*_key; do echo `basename
> $fn`; done | awk -F_ '{if(FNR>1)printf ",";printf $3}')
> >
> 93c96
> < ssh-keyscan -t dsa,rsa,ecdsa ${PORT:+-p $PORT} "$@" 2>&1 >"$EXPORT"
> |
> ---
> > ssh-keyscan -t "${KNOWN_ALGO}" ${PORT:+-p $PORT} "$@" 2>&1
> >"$EXPORT" |
>
> With above fix applied, script is using what is available and creates
> keys. It will use ecdsa (or any other algorithm) if it might ever been
> installed later and appropriate private key file will get created,
> without need to fix it again.
>
>
> For your convenience, both - diff file and modified script are
> attached.
>
>
> Kind regards
> Emil Krotki
> EkroTech
> PL: +48 693 463 115
>
>
>
> -------- Original Message --------
> Subject: Re: [K12OSN] I can't log in into LDM | SL 6.1 thin
> client image
> From: Radek Bursztynowski <radek at bursztynowski.waw.pl>
> Date: Fri, July 12, 2013 1:14 pm
> To: "Support list for open source software in schools."
> <k12osn at redhat.com>
>
> Baryy,
>
> It could be that I don't understand you exactly, so let me
> present my steps:
>
> 1. I log into my server as a root and I deleted all files
> from /tmp directory.
> 2. I rebooted my thin client.
> 3. I switched SCREEN on my thin client to xtermm.
> 4. Then: ssh -X user at my_server
> 5. I logged into my server (I accepted certificate). Next I
> exited.
> 6. From my thin client (still xterm SCREEN)I made:
> # su -
> # ssh -X root at my_server (I accepted certificate), and I logged
> into, next I exited.
> 7. I switched SCREEN to LDM.
> 8. Now I can log into as a regular user and root.
>
> But it is temporary success because after rebooting thin
> client I lose certificate and still I couldn't log into.
>
> How to save proper set-up?
>
> Radek
>
> ---
> Radek,
>
> On your server browse to the /tmp folder.
> Delete all files ( as root) within the /tmp folder.
> After deleting these files try and log into a thin client as a
> regular
> user.
> Also as a backup..try logging into a thin client as root and
> see if root
> can do a log in to a thin client to your SL(older) image.
>
> Barry
>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>;
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
More information about the K12OSN
mailing list