<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<blockquote type="cite"><tt><font size="2">So</font></tt>
<br>
<br>
<tt><font size="2">now you know</font></tt>
<br>
<tt><font size="2"> your nx
account is fine</font></tt>
<br>
<tt><font size="2">and</font></tt>
<br>
<tt><font size="2"> nxserver is installed
. . .</font></tt>
<br>
<tt><font size="2">which</font></tt>
<br>
<tt><font size="2"> should log you
in as</font></tt>
<br>
<tt><font size="2">
user "glen"</font></tt>
<br>
<tt><font size="2">provided</font></tt>
<br>
<br>
<tt><font size="2">your user "glen" account can log in</font></tt>
<br>
<tt><font size="2"> (with PasswordAuthentication
yes</font></tt>
<br>
<tt><font size="2"> set in /etc/ssh/sshd_config)</font></tt>
</blockquote>
I guess I don't quite understand why PasswordAuth needs to be
enabled in SSH. It does look like I'm logging in fine through SSH
(since the welcome message shows up in NX's client log).<br>
<br>
I've tried enabling PasswordAuth anyways (and restarting the
machine), and here's the result:<br>
<br>
<blockquote type="cite">Pseudo-terminal will not be allocated
because stdin is not a terminal.<br>
<br>
Permission denied (publickey,password).<br>
<br>
</blockquote>
<br>
And I'm entering the exact password I normally use to log into my
account on the machine.<br>
<br>
<blockquote type="cite"><tt><font size="2">Here's another annoying
test to help you along</font></tt>
<br>
<br>
<br>
<tt><font size="2">1/ Add the nx private key (as a new key file)
to your
.ssh/ directory</font></tt>
<br>
<tt><font size="2"> in the same format
as the other private keys.</font></tt>
<br>
<tt><font size="2"> Sounds like you
generated your own pair 2me</font></tt>
<br>
<br>
<tt><font size="2">2/ run</font></tt>
<br>
<br>
<tt><font size="2"> ssh -l nx
-i ~/.ssh/new-nx-private-key.file your-server-IP</font></tt>
</blockquote>
Alright, so I go to /var/lib/nxserver/home/default_keys (which is
where the key is stored, I believe). I copy the key named
client.id_dsa.key dated at Mar 22 2012 to ~/.ssh/nx_priv_key.dsa,
then I run ssh -l nx -i ~/ssh/nx_priv_key.dsa 192.168.1.133. SSH
continues to warn me about the authenticity of the server, asks me
if I want to continue (I say yes), says it was permanently added to
the list of known hosts, warns me about an unprotected key file,
warns that permissions are too open, then tells me that it will be
ignored. It then asks me for nx's password, of which I have no clue,
so after trying my own password, I send a SIGINT to ssh and go about
changing the permissions on the key file. I give myself (and only
myself) read permissions on the new copy of the key file, and run
the previous ssh command again.<br>
<br>
At this point, the SSH welcome message is printed, and to my great
surprise, nxserver says hello and gives me a prompt of its own! I
don't know what to do at this point so I say "BYE".<br>
<br>
Now, going back to the nomachine client on my windows computer, I
try logging in again over the ssh protocol with the nomachine login
and using the nxserver private key. I again attempt logging in with
my ubuntu user and password, although authentication fails once
again:<br>
<br>
<blockquote type="cite">Pseudo-terminal will not be allocated
because stdin is not a terminal.<br>
<br>
Permission denied (publickey,password).</blockquote>
Any further ideas?<br>
<br>
<div class="moz-cite-prefix">On 2/20/2014 5:50 AM,
<a class="moz-txt-link-abbreviated" href="mailto:chris@ccburton.com">chris@ccburton.com</a> wrote:<br>
</div>
<blockquote
cite="mid:OFBC9AF485.7C9F5C90-ON80257C85.0032D74D-80257C85.003B8E7F@ccburton.com"
type="cite">
<br>
<tt><font size="2"><a class="moz-txt-link-abbreviated" href="mailto:freenx-knx-bounces@kde.org">freenx-knx-bounces@kde.org</a> wrote on 19/02/2014
21:17:01:<br>
<br>
>> <br>
>> Well . . . <br>
>> <br>
>> start by checking that you DO have the private key
from the FreeNX
server <br>
>> key pair set up in the nxclient, <br>
>> the (default) nomachine one if you didn't generate
your own <br>
>> or <br>
>> copy over the new key from the server if you did
choose to generate
your <br>
>> own key pair, when you ran nxsetup </font></tt>
<br>
<tt><font size="2"> <br>
> I made sure to follow the defaults when running the
server setup <br>
> script, so here's what I get when I try to log in with
Nxserver's
default key:<br>
</font></tt>
<br>
<tt><font size="2">> Pseudo-terminal will not be allocated
because
stdin is not a terminal.<br>
> <br>
> Permission denied (publickey).</font></tt>
<br>
<br>
<br>
<tt><font size="2">OK a real error message - always a good place
to start
. . . .</font></tt>
<br>
<br>
<tt><font size="2">. . . . even if</font></tt>
<br>
<tt><font size="2"> they're
not always issued at the error point,</font></tt>
<br>
<tt><font size="2">but by the calling process . . . .</font></tt>
<br>
<br>
<br>
<tt><font size="2">I don't know why people are asking you which
desktop
you use</font></tt>
<br>
<tt><font size="2">etc . . when the log show you aren't even
connecting.</font></tt>
<br>
<br>
<br>
<tt><font size="2">So,</font></tt>
<br>
<tt><font size="2"> you ether have the wrong key for the key-pair</font></tt>
<br>
<br>
<tt><font size="2">** OR **</font></tt>
<br>
<br>
<tt><font size="2">your user (glen) can't log in to</font></tt>
<br>
<br>
<tt><font size="2"> the sshd pointed
to in node.conf (port 22 default)</font></tt>
<br>
<br>
<tt><font size="2">using</font></tt>
<br>
<br>
<tt><font size="2"> "PasswordAuthentication
yes"</font></tt>
<br>
<br>
<tt><font size="2">because</font></tt>
<br>
<br>
<tt><font size="2">eg.</font></tt>
<br>
<tt><font size="2">you have set it to keypair (rsa etc) only in </font></tt>
<br>
<br>
<tt><font size="2"> /etc/ssh/sshd_config</font></tt>
<br>
<br>
<tt><font size="2">(OR both the above maybe)</font></tt>
<br>
<br>
<br>
<tt><font size="2">> <br>
> And when using my SSH private key (it seems like this is
what I had
<br>
> the client setup to do to begin with), the NoMachine
client will <br>
> prompt me for a username and password (I'll specify my
ubuntu user
<br>
> account and its password). The client will proceed to
think on it
<br>
> for awhile, then respond with the error "The NoMachine
service
is <br>
> not available". Looking at my client connection log this
time:<br>
</font></tt>
<br>
<br>
<tt><font size="2">OK sounds like it was "both" above,</font></tt>
<br>
<tt><font size="2">but</font></tt>
<br>
<tt><font size="2">now you have a key which gets you into the
server
as user nx</font></tt>
<br>
<br>
<br>
<br>
<tt><font size="2">> Pseudo-terminal will not be allocated
because
stdin is not a terminal.<br>
> <br>
> Warning: No xauth data; using fake authentication data
for X11 forwarding.<br>
> <br>
> Welcome to Ubuntu 12.04.4 LTS (GNU/Linux
3.2.0-58-generic-pae i686)<br>
> <br>
> * Documentation: </font></tt><a moz-do-not-send="true"
href="https://help.ubuntu.com/"><tt><font size="2">https://help.ubuntu.com/</font></tt></a><tt><font
size="2"><br>
> <br>
> 16 packages can be updated.<br>
> 16 updates are security updates.<br>
> <br>
> Linux<br>
> NX server command not found</font></tt>
<br>
<tt><font size="2">> <br>
> So it seems like my SSH private key is doing the trick,
although I
<br>
> see some potentially concerning errors there besides the
server <br>
> command not found.<br>
> <br>
> I also just found a more detailed log on the client side:<br>
</font></tt>
<br>
<tt><font size="2">[SNIP]</font></tt>
<br>
<br>
<tt><font size="2">> 5044 5048 16:01:28 899.273 ClientSession:
Change
state to 'Failed'.</font></tt>
<br>
<br>
<br>
<tt><font size="2">OK . . . something went wrong . . . have a nice
day
. . .</font></tt>
<br>
<br>
<br>
<tt><font size="2">> <br>
> Hopefully that offers some more information...<br>
</font></tt>
<br>
<br>
<tt><font size="2">Not much . . . have an ice day tho' (mint choc
chip
4me)</font></tt>
<br>
<br>
<br>
<tt><font size="2">> set logging to debug, ie. 6 <br>
</font></tt>
<br>
<tt><font size="2">Good</font></tt>
<br>
<br>
<br>
<tt><font size="2">>> <br>
>> tho . . <br>
>> <br>
>> . . . probably you are not connecting at all. </font></tt>
<br>
<tt><font size="2">>> <br>
</font></tt>
<br>
<tt><font size="2">> Bumped logging up to 6 in node.conf, sudo
nxserver
--stop, sudo <br>
> nxserver --start, attempted another log in with the
client, annnnd...<br>
</font></tt>
<br>
<tt><font size="2">The service isn't a service i.e. there is
**NO** daemon
to start/stop</font></tt>
<br>
<br>
<tt><font size="2">The service script enables/disables the nx
(tunnel)
account</font></tt>
<br>
<tt><font size="2">and</font></tt>
<br>
<tt><font size="2">clears up a bit of the mess</font></tt>
<br>
<br>
<tt><font size="2">> glen@glenux:/var/log$ sudo cat
nxserver.log<br>
> glen@glenux:/var/log$</font></tt>
<br>
<tt><font size="2">> <br>
> Still empty. FWIW, the client logs still appear to be
relatively the<br>
> same, in case that would have made a difference.<br>
</font></tt>
<br>
<br>
<tt><font size="2">OK, so you still aren't logging in then . . . .
by
the look of it</font></tt>
<br>
<br>
<br>
<tt><font size="2">>> To test your server you can try <br>
>> <br>
>> logging in to the server as your normal user, then
running <br>
>> <br>
>> sudo su -l nx <br>
>> <br>
>> at a command prompt <br>
>> to see <br>
>> if user nx logs in and finds its shell </font></tt>
<br>
<tt><font size="2"> <br>
> Now *that* is pretty darned cool. I just tried the
command:<br>
</font></tt>
<br>
<br>
<tt><font size="2">Proper systematic testing is usually
quickly/useful
. . . ;)</font></tt>
<br>
<br>
<br>
<br>
<tt><font size="2">> glen@glenux:/var/log$ sudo su -l nx<br>
> HELLO NXSERVER - Version 3.2.0-74-SVN OS (GPL, using
backend: 3.5.0)<br>
> NX> 105 help<br>
> help<br>
> NX> 105 ls<br>
> ls<br>
> NX> 105 quit<br>
> quit<br>
> Quit<br>
> NX> 999 Bye</font></tt>
<br>
<tt><font size="2">> <br>
</font></tt>
<br>
<tt><font size="2">So</font></tt>
<br>
<br>
<tt><font size="2">now you know</font></tt>
<br>
<tt><font size="2"> your nx
account is fine</font></tt>
<br>
<tt><font size="2">and</font></tt>
<br>
<tt><font size="2"> nxserver is installed
. . .</font></tt>
<br>
<tt><font size="2">which</font></tt>
<br>
<tt><font size="2"> should log you
in as</font></tt>
<br>
<tt><font size="2">
user "glen"</font></tt>
<br>
<tt><font size="2">provided</font></tt>
<br>
<br>
<tt><font size="2">your user "glen" account can log in</font></tt>
<br>
<tt><font size="2"> (with PasswordAuthentication
yes</font></tt>
<br>
<tt><font size="2"> set in /etc/ssh/sshd_config)</font></tt>
<br>
<br>
<br>
<br>
<tt><font size="2">> So clearly I have no idea what I'm doing
once
I'm in, but hey, I <br>
> logged in on the server side! And naturally, the log:<br>
</font></tt>
<br>
<tt><font size="2">> glen@glenux:/var/log$ sudo cat
nxserver.log </font></tt>
<br>
<tt><font size="2">> -- NX SERVER START: - ORIG_COMMAND=<br>
> -- NX SERVER START: - ORIG_COMMAND=<br>
> Info: Using fds #4 and #3 for communication with nxnode.<br>
> HELLO NXSERVER - Version 3.2.0-74-SVN OS (GPL, using
backend: 3.5.0)<br>
> NX> 105 help<br>
> NX> 105 ls<br>
> NX> 105 quit<br>
> Quit<br>
> NX> 999 Bye<br>
> glen@glenux:/var/log$</font></tt>
<br>
<br>
<tt><font size="2">Right</font></tt>
<br>
<br>
<tt><font size="2">so logging works too</font></tt>
<br>
<tt><font size="2">BUT</font></tt>
<br>
<tt><font size="2">you've never got that far have you ??</font></tt>
<br>
<tt><font size="2">cos</font></tt>
<br>
<tt><font size="2">you've never quite logged in . . </font></tt>
<br>
<br>
<br>
<br>
<tt><font size="2">Here's another annoying test to help you along</font></tt>
<br>
<br>
<br>
<tt><font size="2">1/ Add the nx private key (as a new key file)
to your
.ssh/ directory</font></tt>
<br>
<tt><font size="2"> in the same format
as the other private keys.</font></tt>
<br>
<tt><font size="2"> Sounds like you
generated your own pair 2me</font></tt>
<br>
<br>
<tt><font size="2">2/ run</font></tt>
<br>
<br>
<tt><font size="2"> ssh -l nx
-i ~/.ssh/new-nx-private-key.file your-server-IP</font></tt>
<br>
<br>
<br>
<tt><font size="2">this should key-pair log in as user nx over the
network</font></tt>
<br>
<tt><font size="2">and</font></tt>
<br>
<tt><font size="2">give you the same prompt ( user nx's shell) as
the</font></tt>
<br>
<tt><font size="2">previous annoying test</font></tt>
<br>
<br>
<br>
<tt><font size="2">Keep going with the various key-pair options</font></tt>
<br>
<tt><font size="2">until</font></tt>
<br>
<tt><font size="2"> you have
the correct key pair identified</font></tt>
<br>
<tt><font size="2">**BUT**</font></tt>
<br>
<tt><font size="2">look at</font></tt>
<br>
<tt><font size="2"> /etc/ssh/sshd.conf</font></tt>
<br>
<tt><font size="2">for</font></tt>
<br>
<tt><font size="2"> PasswordAuthentication
yes</font></tt>
<br>
<tt><font size="2">**FIRST**</font></tt>
<br>
<br>
<br>
<tt><font size="2">> <br>
> So it seems like things may be functioning over there.
Now just for
<br>
> getting the client to talk!<br>
</font></tt>
<br>
<br>
<tt><font size="2">Next thing to look at is your user account via
ssh</font></tt>
<br>
<tt><font size="2"> (PasswordAuthentication
yes</font></tt>
<br>
<tt><font size="2"> in</font></tt>
<br>
<tt><font size="2"> /etc/ssh/sshd_config)</font></tt>
<br>
<br>
<tt><font size="2">> Development ceased in 2008 tho' various
people
have fixed various <br>
> things since . . . </font></tt>
<br>
<tt><font size="2">> <br>
> Ah, shoot. I was reading up on some of the history; does
this <br>
> coincide with when NoMachine cut off their mailing list?<br>
</font></tt>
<br>
<tt><font size="2">Nonachine have moved to version 4 which
coincides
with</font></tt>
<br>
<tt><font size="2">the ending of their support for the
"opensource"
V3 nxagent </font></tt>
<br>
<tt><font size="2">and libraries etc</font></tt>
<br>
<br>
<br>
<tt><font size="2">> <br>
> Thank you!<br>
</font></tt>
<br>
<tt><font size="2">UR welcome</font></tt>
<br>
<br>
<tt><font size="2">let us know how you get on</font></tt>
<br>
<br>
<br>
<tt><font size="2">I'm staying with FreeNX for the moment; I see
no advantage
in changing</font></tt>
<br>
<br>
<tt><font size="2">Marcello seems to recompile the libraries and
re-package
for new ubuntu's</font></tt>
<br>
<tt><font size="2">and</font></tt>
<br>
<tt><font size="2">Akemi for RHEL/centos</font></tt>
<br>
<tt><font size="2">also</font></tt>
<br>
<tt><font size="2">some community volunteers do the same for
OpenSuse</font></tt>
<br>
<br>
<br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">________________________________________________________________
Were you helped on this list with your FreeNX problem?
Then please write up the solution in the FreeNX Wiki/FAQ:
<a class="moz-txt-link-freetext" href="http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ">http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ</a>
Don't forget to check the NX Knowledge Base:
<a class="moz-txt-link-freetext" href="http://www.nomachine.com/kb/">http://www.nomachine.com/kb/</a>
________________________________________________________________
FreeNX-kNX mailing list --- <a class="moz-txt-link-abbreviated" href="mailto:FreeNX-kNX@kde.org">FreeNX-kNX@kde.org</a>
<a class="moz-txt-link-freetext" href="https://mail.kde.org/mailman/listinfo/freenx-knx">https://mail.kde.org/mailman/listinfo/freenx-knx</a>
________________________________________________________________</pre>
</blockquote>
<br>
</body>
</html>