[FreeNX-kNX] Server setup; no logging & command not found

chris at ccburton.com chris at ccburton.com
Sun Feb 23 10:54:37 UTC 2014 

freenx-knx-bounces at kde.org wrote on 22/02/2014 18:49:23:

>> So 
>> 
>> now you know 
>>          your nx account is fine 
>> and 
>>         nxserver is installed . . . 
>> which 
>>         should log you in as 
>>                  user "glen" 
>> provided 
>> your user "glen" account can log in 
>>          set in /etc/ssh/sshd_config) 
> I guess I don't quite understand why PasswordAuth needs to be 
> enabled in SSH. It does look like I'm logging in fine through SSH 
> (since the welcome message shows up in NX's client log).

NX uses s key pair for the user 
        nx
to set up an ssh "encrypted tunnel" to move your compressed
X session over the network.

It then logs in the normal user to ANOTHER LOCAL ssh
session using

         ssh PasswordAuthentication

from
the end of the tunnel on the NX server 
to
the same NX server  ie. ssh 127.0.0.1

The first ssh session uses user nx and the nx key pair
so
you add the nx key to the nxclient
and
don't worry about user nx 'cos the client knows

The second session uses
        your username (glen)
and
         glen's password on the FreeNX server
so
you put glen & glen's password into the nxclient
login entry fields.


You do NOT need your ssh key OR username nx
ANYWHERE for NXv3 login unless you have moved
away from the default login method

 
> I've tried enabling PasswordAuth anyways (and restarting the 
> machine), and here's the result:

> Pseudo-terminal will not be allocated because stdin is not a terminal.
> 
> Permission denied (publickey,password).

Different error. which user are you attemting to log ing in as??

         nx ??

> 
> And I'm entering the exact password I normally use to log into my 
> account on the machine.

OK , so what's new in the nx server log just after this attempt ??


>> Here's another annoying test to help you along 
>>> 
>> 1/ Add the nx private key (as a new key file) to your .ssh/ directory 
>>         in the same format as the other private keys. 
>>         Sounds like you generated your own pair 2me 
>> 
>> 2/ run 
>> 
>>         ssh  -l nx     -i ~/.ssh/new-nx-private-key.file your-server-IP 



> Alright, so I go to /var/lib/nxserver/home/default_keys (which is 
> where the key is stored, I believe).
> I copy the key named client.id_dsa.key dated at Mar 22 2012
> to ~/.ssh/nx_priv_key.dsa,
> then I run
> ssh -l nx -i ~/ssh/nx_priv_key.dsa 192.168.1.133.
> SSH continues to
> warn me about the authenticity of the server,

normal

> asks me if I want to continue (I say yes),
> says it was permanentlyadded to the list of known hosts,

normal

> warns me about an unprotected key file,
> warns that permissions are too open,
> then tells me that it will be ignored.

The key file will be ignored unless its mode 0700

> It then asks me for nx's password, of which I have no clue,

cos it can't use the (ignored) key file so it tries password

*** user nx should have NO password set ***


> so after trying my own password,
> I send a SIGINT to ssh and go about changing the permissions
> on the key file.

Well done

> I give myself (and only myself) read permissions on the new
> copy of the key file, and run the previous ssh command again.

well done again. I could list all these detail things but most
people already know or work or ask . . .

 
> At this point, the SSH welcome message is printed,

right

> and to my great surprise,

. . . but it's not surprising to me . . . 

You are now connected using the correct name(nx) and key pair.



*** You need this key for the nxclient. ***

copy it from the file into the entry field in the nx client


> nxserver says hello and gives me a prompt of its own!
> I don't know what to do at this point so I say "BYE".

You can at this point test log in as your user

( yup, another annoying test )

at that
         "NX > 105 " prompt
 ( your version will probably be different )
enter
         login <return>
expect
         "NX> 101 User:"
enter
         "glen" <return>
expect
        "NX> 102 Password:"

now enter user account "glen"'s password and return
(you still have PasswordAuthentication yes I hope )

expect
        "NX> 103 Welcome to: harrow user: glen
         NX> 105"

If you <return>  you will see a "quit" reply

eg.


HELLO NXSERVER - Version 3.2.0-73 OS (GPL, using backend: 3.5.0)           
 
NX> 105 login
login
NX> 101 User: glen
glen
NX> 102 Password:
NX> 103 Welcome to: servername user: glen
NX> 105

quit
Quit
NX> 999 Bye

> 
> Now, going back to the nomachine client on my windows computer, I 
> try logging in again over the ssh protocol with the nomachine login 
> and using the nxserver private key. I again attempt logging in with 
> my ubuntu user and password, although authentication fails once again:

> Pseudo-terminal will not be allocated because stdin is not a terminal.
> 
> Permission denied (publickey,password).
> Any further ideas?

Yup.

put the correct key ( for user nx ) into the client
with
your username and password ( glen, glen's password )


Have
        PasswordAuthentication yes
in ssh


Look in the log if it doesn't work and tell us what it says
for the session you just tried
( you may have another issue too )

Let us know how you get on . . 




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20140223/35833c52/attachment-0001.html>

More information about the FreeNX-kNX mailing list