[FreeNX-kNX] freenx ssh key question on CENTOS 5.8

Akemi Yagi amyagi at gmail.com
Tue May 8 17:50:50 UTC 2012 

On Tue, May 8, 2012 at 10:24 AM,  <chris at ccburton.com> wrote:
>
> freenx-knx-bounces at kde.org wrote on 08/05/2012 16:47:36:

>> I am on CentOS 5.8 (32-bit PAE) and I followed the instructions here:
>>
>> http://wiki.centos.org/HowTos/FreeNX
>
> PASSDB
>
> Oh yes, that does use
>
>          /etc/nxserver/users.id_dsa
>
> to connect ordinary users via ssh localhost instead of
> using password.
>
> The code just runs it as a default when
>
>          $LOGIN_METHOD = PASSDB
>
> so I hadn't correctly worked out how it came to be executed
> (and I've never bothered with it)
>
> The code is a bit complicated.
>
> But
> the "nx" user which sets up the ssh "tunnel" needs
>
>         /var/lib/nxserver/home/.ssh/client.id_dsa.key
>
> in nxclient.
>
>>
>> It makes no mention of "nxsetup --install"

Right, this is not needed for CentOS.

> The date on the HTML is:-
>
> "HowTos/FreeNX (last edited 2012-05-02 13:10:54
>          by <span title="christophgaluschka @ misterx.tiwag.at"

The page was recently updated by CentOS developer Karanbir Singh.

> but there is stuff from 2006 still in there.
>
> Look at :-
>
> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=32959
>
> This show nxsetup --install being run

Please do not look at that old forum thread. :-)  I have just updated
it so people do not follow the instructions there and also added a
link to the CentOS wiki page.

> And look here :-
>
> http://www.kernelhardware.org/how-to-setup-freenx/
>
>
> This says the key is in
>
>         /var/lib/nxserver/home/.ssh/client.id_dsa.key
>
> on centos

> QUOTE
>
> freeNX SSH Keys configuration:
>
> In order for freeNX to function securely we need to copy the ssh key from
> the remote server system to the local machines NoMachine client software.
>
> On the remote server system copy the client.id_dsa.key contents (including
> the —BEGIN— and —- END— lines):
>
> # cat /var/lib/nxserver/home/.ssh/client.id_dsa.key
>
> UNQUOTE

I was not aware of this article. CentOS users should stick to the
CentOS wiki article because the info there can be properly maintained.
Any place outside cannot be updated by CentOS admins/users.

Akemi / toracat

More information about the FreeNX-kNX mailing list