<div id="reply-content">
It's possible to use openssh client with a patched nxproxy.</div><div id="reply-content">This patch redirects the nx connection to stdin.</div><div id="reply-content"><br></div><div id="reply-content">Otherwise I don't think it's possible, because you can't</div><div id="reply-content">create a port forward on an existing connection.</div><div id="reply-content">The port forward is static and the nxagent port is not</div><div id="reply-content">defined <span class="Apple-style-span" style="-webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); ">by the time the connection is made.</span></div><div id="reply-content"><br></div><div id="reply-content">With python-paramiko you can create tunnels dynamically.</div><div id="reply-content">Maybe some java ssh library has support for this too.</div><div id="reply-content"><br></div><div id="reply-content">Regards.</div><div id="reply-content">Marcelo</div>
<p style="color: #A0A0A8;">On Saturday, 7 de July de 2012 at 04:56, Julio Carlos Barrera Juez wrote:</p><blockquote type="cite"><div>
<div id="quoted-message-content"><div>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: x-small;">
Ok,
<div><br>
</div>
<div>it is very easy, I want to establish an encrypted NX session without 'nxssh', only openssh client. I achieve all the process until the switch to the SSL tunnel. I want to construct this tunnel using 'ssh -L'. Is it possible? If it was, it would be easy
to use any SSH client.</div>
<div><br>
</div>
<div>Thank you!<br>
<div style="font-family: Times New Roman; color: #000000; font-size: 16px">
<hr tabindex="-1">
<div id="divRpF417136" style="direction: ltr; "><font face="Tahoma" size="2" color="#000000"><b>De:</b> freenx-knx-bounces@kde.org [freenx-knx-bounces@kde.org] en nombre de Jean Milot [jmilot@dotriver.eu]<br>
<b>Enviado:</b> viernes, 06 de julio de 2012 15:36<br>
<b>Para:</b> freenx-knx@kde.org<br>
<b>Asunto:</b> Re: [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client<br>
</font><br>
</div>
<div>Hi,<br>
<br>
I would like to help you but can you give more informations or tell us how to try what you have done.<br>
<br>
<br>
<br>
Le 06/07/2012 15:14, Julio Carlos Barrera Juez a écrit :
<blockquote type="cite"><div>
<div>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">Hi again!</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">I have debugged the scenario a little bit more and I noticed that the local ‘nxproxy’ didn’t receive any data from the remote one. The SSL port forwarded tunnel is well established because I have
tested it separately. But anyway the local ‘nxproxy’ remains in a the ‘ProxyStage’ called ‘stage_waiting_proxy_version’. It is the one after stage ‘stage_connected’. Then it seems the tunnel was not well established… a contradiction.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">I need some help with that, for sure.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">Thank you!</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #B5C4DF
1.0pt; padding:3.0pt 0cm 0cm 0cm">
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><b><span lang="EN-GB" style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">De:</span></b><span lang="EN-GB" style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">
<a href="mailto:freenx-knx-bounces@kde.org" target="_blank">
freenx-knx-bounces@kde.org</a> [<a href="mailto:freenx-knx-bounces@kde.org" target="_blank">mailto:freenx-knx-bounces@kde.org</a>]
<b>En nombre de </b>Julio Carlos Barrera Juez<br>
<b>Enviado el:</b> viernes, 06 de julio de 2012 14:03<br>
<b>Para:</b> User Support for FreeNX Server and kNX Client<br>
<b>Asunto:</b> Re: [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client</span></p>
</div>
</div>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">Hi again, I have noticed that remote ‘nxagent’ is listening on the correct port and when local ‘nxproxy’ starts the connection is established. But the session fails after 1 minute. It seems that
a negotiation between both is not well done. I invoke the ‘nxproxy’ by the same way with ‘nxssh’ and with my custom program and SSL port forwarded tunnel, the it must be a negotiation failure.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">The ‘nxnode’ log shows me the failure, but not the reason:
</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">…</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">06.07 13:49:49: node_start_agent (8225): Wait for NODE_AGENT_PID (8524)</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">06.07 13:50:35: node_start_agent (8225): NODE_AGENT_EXIT_STATUS = "1"</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">06.07 13:50:35: node_start_agent (8225): close session</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">06.07 13:50:35: node_start_agent (8225): NODE_FAILED = "failed"</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">…</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">And the session log shows a failure with the display, but I don’t understand why:</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">NXAGENT - Version 3.5.0</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">Copyright (C) 2001, 2011 NoMachine.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">See <a href="http://www.nomachine.com/" target="_blank">
http://www.nomachine.com/</a> for more information.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Info: Agent running with pid '8524'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Session: Starting session at 'Fri Jul 6 13:49:32 2012'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Info: Proxy running in server mode with pid '8524'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Info: Waiting for connection from '127.0.0.1' on port '6011'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Info: Accepted connection from '127.0.0.1'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Info: Aborting the procedure due to signal '1'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Error: Aborting session with
<b>'Unable to open display</b> 'nx/nx,options=/home/logoff/.nx/C-Virtual-Xubuntu-2011-2759B7A3A04A7A53439B9CD1E7ED183E/options:2011''.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Session: Aborting session at 'Fri Jul 6 13:50:32 2012'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D">Session: Session aborted at 'Fri Jul 6 13:50:32 2012'.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="font-size:8.0pt; color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">What I’m doing bad?</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D">Thank you!</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB" style="color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #B5C4DF
1.0pt; padding:3.0pt 0cm 0cm 0cm">
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><b><span lang="EN-GB" style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">De:</span></b><span lang="EN-GB" style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">
<a href="mailto:freenx-knx-bounces@kde.org" target="_blank">
freenx-knx-bounces@kde.org</a> [<a href="mailto:freenx-knx-bounces@kde.org" target="_blank">mailto:freenx-knx-bounces@kde.org</a>]
<b>En nombre de </b>Julio Carlos Barrera Juez<br>
<b>Enviado el:</b> viernes, 06 de julio de 2012 13:04<br>
<b>Para:</b> <a href="mailto:freenx-knx@kde.org" target="_blank">
freenx-knx@kde.org</a><br>
<b>Asunto:</b> [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client</span></p>
</div>
</div>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">Hi all.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">I’m developing a Java based NX client. In my first sprint I have developed a NX handler to establish NX sessions using a SSH pure Java library called JSCH (<a href="http://www.jcraft.com/jsch/" target="_blank">http://www.jcraft.com/jsch/</a>).
It worked with few source code lines and I achieve establishing NX sessions without encryption (SSL Port forwarding). Now I’m trying to do the same, but using encrypted NX sessions that only use one SSH port. I change the ‘startsession’ parameter and I create
a SSL forwarded tunnel in my SSH client. I know that using ‘nxssh’, it is necessary to say ‘bye’ to the server and then write the command ‘NX> 299 Switch connection to: SSH port: local_port accept: 127.0.0.1’. Then I launch ‘nxproxy’ and the remote NX session
starts.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">The problem appeared when I tried to launch the original ‘nxproxy’ with my custom SSL port forwarded tunnel. ‘nxproxy’ connected with the local listening port, but it seems it didn’t connect with the remote ‘nxagent’
which was listening in the correct port. Maybe I was establishing bad the port forwarded tunnel, but I have no evidences of it.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">It is possible to establish the whole connection using ‘openssh’ standard client instead of ‘nxssh’, it will help me a lot to understand the whole process.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">Any help will be appreciated.</span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB"> </span></p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span lang="EN-GB">Thank you!</span></p>
</div>
<br>
<fieldset target="_blank"></fieldset> <br>
<pre>________________________________________________________________
Were you helped on this list with your FreeNX problem?
Then please write up the solution in the FreeNX Wiki/FAQ:
<a href="http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ" target="_blank">http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ</a>
Don't forget to check the NX Knowledge Base:
<a href="http://www.nomachine.com/kb/" target="_blank">http://www.nomachine.com/kb/</a>
________________________________________________________________
FreeNX-kNX mailing list --- <a href="mailto:FreeNX-kNX@kde.org" target="_blank">FreeNX-kNX@kde.org</a>
<a href="https://mail.kde.org/mailman/listinfo/freenx-knx" target="_blank">https://mail.kde.org/mailman/listinfo/freenx-knx</a>
________________________________________________________________</pre>
</div></blockquote><br>
<pre cols="72">--
Jean Milot - <a href="mailto:jmilot@dotriver.eu" target="_blank">jmilot@dotriver.eu</a> - <a href="http://www.dotriver.eu" target="_blank">www.dotriver.eu</a> <a href="http://www.dotriver.eu/" target="_blank"><http://www.dotriver.eu/></a>
5 passage de l'avenir, F-69200 Vénissieux
Fixe: +33 (0)4 27 46 39 80 Hotline: # 89 Fax: # 81
Rencontrez DotRiver : Salon Use-IT 2012 (<a href="http://bit.ly/IV8U81" target="_blank">http://bit.ly/IV8U81</a>),
Festival Temps Libre (<a href="http://bit.ly/L6YbwD" target="_blank">http://bit.ly/L6YbwD</a>)
DotRiver, membre du consortium "nuage" (<a href="http://bit.ly/LNIfMr" target="_blank">http://bit.ly/LNIfMr</a>)
Pas à pas, agissons au quotidien pour préserver notre environnement. N'imprimez que si nécessaire, réduisez les déchets informatiques et économisez l'énergie en utilisant les solutions DotRiver.</pre>
</div>
</div>
</div>
</div>
<div>________________________________________________________________</div><div> Were you helped on this list with your FreeNX problem?</div><div> Then please write up the solution in the FreeNX Wiki/FAQ:</div><div><br></div><div>http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ</div><div><br></div><div> Don't forget to check the NX Knowledge Base:</div><div> http://www.nomachine.com/kb/</div><div><br></div><div>________________________________________________________________</div><div> FreeNX-kNX mailing list --- FreeNX-kNX@kde.org</div><div> https://mail.kde.org/mailman/listinfo/freenx-knx</div><div>________________________________________________________________</div></div></div>
</div></blockquote><div>
<br>
</div>