<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Chris,<br>
<br>
That suggestion worked. I also added in a longer 'sleep' because of
the time it takes a user to type in their PIN, then look at the
SecurID RSA token.<br>
Thanks, again, for the suggestion.<br>
<br>
PEV<br>
<br>
On 04/05/2012 07:13 AM, <a class="moz-txt-link-abbreviated" href="mailto:chris@ccburton.com">chris@ccburton.com</a> wrote:
<blockquote
cite="mid:OFE437F198.5C97E745-ON802579D7.003454FF-802579D7.003DA4DF@ccburton.com"
type="cite">
<br>
<tt><font size="2"><a class="moz-txt-link-abbreviated" href="mailto:freenx-knx-bounces@kde.org">freenx-knx-bounces@kde.org</a> wrote on 04/04/2012
18:38:29:<br>
<br>
> Members,<br>
> <br>
> I've been having issues with getting any of my NX clients
to properly
<br>
> authenticate against the FreeNX server on a remote
machine. I have
<br>
> enabled SSH only--per our security directives--because we
use SecurID
<br>
> PIN+token authentication for our SSH connections. Here's
the behavior
I <br>
> get when I use nxnode-login to test:<br>
> <br>
> [root@s4pt pam.d]# nxnode-login ssh pvirgo 22 nxnode
--check<br>
> can't read "expect_out(1,string)": no such variable<br>
> while executing<br>
> "set password $expect_out(1,string)"<br>
> (file "/usr/bin/nxnode-login" line 57)<br>
> [root@s4pt pam.d]#<br>
> <br>
> This would happen if I were to attempt to put in the
SecurID PIN+token
<br>
> combo, so I figured I was 'tripping' something that the
expect script
<br>
> couldn't handle, but then I went ahead--on a second
attempt--and typed
a <br>
> carriage return, and got this:<br>
> <br>
> root@s4pt pam.d]# nxnode-login ssh pvirgo 22 nxnode
--check<br>
> <br>
>
*******************************************************************************<br>
> * This US Government computer is for authorized users
only.
By <br>
> accessing *<br>
> * this system you are consenting to complete monitoring
with
no <br>
> expectation *<br>
> * of privacy. Unauthorized access or use may subject
you
to <br>
> disciplinary *<br>
> * action and criminal <br>
> prosecution.
*<br>
>
*******************************************************************************<br>
> Enter PASSCODE:<br>
> <br>
> which would make sense, but when typing the PIN+token, I
just get
the <br>
> characters echo'ed back and the prompt just sits there. I
feel like
I'm <br>
> closer to getting this working. Was wondering if anyone
had any <br>
> ideas/suggestions? Do I need to manipulate something
within the expect
<br>
> script portion somewhere?<br>
> <br>
> Thanks.<br>
</font></tt>
<br>
<br>
<tt><font size="2">Try editing nxnode-login, find the following
(about
line 72)</font></tt>
<br>
<br>
<br>
<tt><font size="2"> "Are
you sure you want to continue connecting (yes/no)?" { send
"yes\r"
}</font></tt>
<br>
<tt><font size="2"> "assword*:"
{ sleep 0.3; send "$password\r" }</font></tt>
<br>
<br>
<tt><font size="2">and ADD this line underneath:-</font></tt>
<br>
<tt><font size="2">
"Enter PASSCODE:" {
sleep 0.3; send "$password\r" }</font></tt>
<br>
<br>
<tt><font size="2">It might work. I don't have one to test.</font></tt>
<br>
<br>
<tt><font size="2">> <br>
> <br>
> <br>
> <br>
> -- <br>
> Paul E Virgo<br>
> Sr. System Administrator<br>
> Code 610<br>
> SESDA II - DAAC/DISC<br>
> Goddard Space Flight Ctr<br>
> Greenbelt, MD 20771<br>
> (301) 614-5751<br>
</font></tt></blockquote>
<br>
<pre class="moz-signature" cols="72">--
Paul E Virgo
Sr. System Administrator
Code 610
SESDA II - DAAC/DISC
Goddard Space Flight Ctr
Greenbelt, MD 20771
(301) 614-5751
</pre>
</body>
</html>