<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Sorry, I just have one other question
that came to mind: Is it ok that I'm using NoMachine's Version 4
free software? I've been doing some googling, and it looks like
nomachine removed some important functionality between major
releases.<br>
<br>
On 2/23/2014 3:21 PM, Lucky0106 wrote:<br>
</div>
<blockquote cite="mid:BLU0-SMTP47967B6AD5614DA7FAC1497AA870@phx.gbl"
type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<div class="moz-cite-prefix">On 2/23/2014 5:54 AM, <a
moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="mailto:chris@ccburton.com">chris@ccburton.com</a> wrote:<br>
</div>
<blockquote
cite="mid:OF0845AE6F.B53EEDAF-ON80257C88.0038BEDA-80257C88.003BE9D3@ccburton.com"
type="cite"> <br>
<a moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="mailto:freenx-knx-bounces@kde.org">freenx-knx-bounces@kde.org</a>
wrote on 22/02/2014 18:49:23:<br>
<br>
>> So <br>
>> <br>
>> now you know <br>
>> your nx account is fine <br>
>> and <br>
>> nxserver is installed . . . <br>
>> which <br>
>> should log you in as <br>
>> user "glen" <br>
>> provided <br>
>> your user "glen" account can log in <br>
>> set in /etc/ssh/sshd_config) <br>
> I guess I don't quite understand why PasswordAuth needs to
be <br>
> enabled in SSH. It does look like I'm logging in fine
through SSH <br>
> (since the welcome message shows up in NX's client log).<br>
<br>
NX uses s key pair for the user <br>
nx <br>
to set up an ssh "encrypted tunnel" to move your compressed <br>
X session over the network. <br>
<br>
It then logs in the normal user to ANOTHER LOCAL ssh <br>
session using <br>
<br>
ssh PasswordAuthentication <br>
<br>
from <br>
the end of the tunnel on the NX server <br>
to <br>
the same NX server ie. ssh 127.0.0.1 <br>
<br>
The first ssh session uses user nx and the nx key pair <br>
so <br>
you add the nx key to the nxclient <br>
and <br>
don't worry about user nx 'cos the client knows <br>
<br>
The second session uses <br>
your username (glen) <br>
and <br>
glen's password on the FreeNX server <br>
so <br>
you put glen & glen's password into the nxclient <br>
login entry fields. <br>
<br>
<br>
You do NOT need your ssh key OR username nx <br>
ANYWHERE for NXv3 login unless you have moved <br>
away from the default login method <br>
<br>
<br>
> I've tried enabling PasswordAuth anyways (and restarting
the <br>
> machine), and here's the result:<br>
<br>
> Pseudo-terminal will not be allocated because stdin is not
a terminal.<br>
> <br>
> Permission denied (publickey,password).<br>
<br>
Different error. which user are you attemting to log ing in as??
<br>
<br>
nx ?? <br>
<br>
> <br>
> And I'm entering the exact password I normally use to log
into my <br>
> account on the machine.<br>
<br>
OK , so what's new in the nx server log just after this attempt
?? <br>
<br>
<br>
>> Here's another annoying test to help you along <br>
>>> <br>
>> 1/ Add the nx private key (as a new key file) to your
.ssh/ directory <br>
>> in the same format as the other private keys. <br>
>> Sounds like you generated your own pair 2me <br>
>> <br>
>> 2/ run <br>
>> <br>
>> ssh -l nx -i
~/.ssh/new-nx-private-key.file your-server-IP <br>
<br>
<br>
> Alright, so I go to /var/lib/nxserver/home/default_keys
(which is <br>
> where the key is stored, I believe). <br>
> I copy the key named client.id_dsa.key dated at Mar 22 2012
<br>
> to ~/.ssh/nx_priv_key.dsa, <br>
> then I run <br>
> ssh -l nx -i ~/ssh/nx_priv_key.dsa 192.168.1.133. <br>
> SSH continues to <br>
> warn me about the authenticity of the server, <br>
<br>
normal <br>
<br>
> asks me if I want to continue (I say yes), <br>
> says it was permanentlyadded to the list of known hosts, <br>
<br>
normal <br>
<br>
> warns me about an unprotected key file, <br>
> warns that permissions are too open, <br>
> then tells me that it will be ignored. <br>
<br>
The key file will be ignored unless its mode 0700 <br>
<br>
> It then asks me for nx's password, of which I have no clue,
<br>
<br>
cos it can't use the (ignored) key file so it tries password <br>
<br>
*** user nx should have NO password set *** <br>
<br>
<br>
> so after trying my own password, <br>
> I send a SIGINT to ssh and go about changing the
permissions <br>
> on the key file. <br>
<br>
Well done <br>
<br>
> I give myself (and only myself) read permissions on the new
<br>
> copy of the key file, and run the previous ssh command
again.<br>
<br>
well done again. I could list all these detail things but most <br>
people already know or work or ask . . . <br>
<br>
<br>
> At this point, the SSH welcome message is printed, <br>
<br>
right <br>
<br>
> and to my great surprise, <br>
<br>
. . . but it's not surprising to me . . . <br>
<br>
You are now connected using the correct name(nx) and key pair. <br>
<br>
<br>
<br>
*** You need this key for the nxclient. *** <br>
<br>
copy it from the file into the entry field in the nx client <br>
<br>
</blockquote>
Alright: Here's a new test. This time, I logged in over SFTP and
copied the file just to be sure they were the same (it seems like
I may have actually had a different key file!). With the new file
in hand, I fire up NoMachine again, and started the log in
process. Now, it just seems to indefinitely sit at the screen
saying Connecting to glenux. I looked through my auth.log, and
found this bit:<br>
<br>
<blockquote type="cite">Feb 23 15:05:51 glenux sshd[2489]:
Accepted publickey for nx from 192.168.1.121 port 49976 ssh2<br>
Feb 23 15:05:51 glenux sshd[2489]: pam_unix(sshd:session):
session opened for user nx by (uid=0)</blockquote>
<br>
So it must have authed with SSH at this point? The only problem,
though, is that it appears nxserver is not creating a new log file
in the /var/log directory.<br>
<br>
<blockquote
cite="mid:OF0845AE6F.B53EEDAF-ON80257C88.0038BEDA-80257C88.003BE9D3@ccburton.com"
type="cite"> <br>
> nxserver says hello and gives me a prompt of its own! <br>
> I don't know what to do at this point so I say "BYE".<br>
<br>
You can at this point test log in as your user <br>
<br>
( yup, another annoying test ) <br>
<br>
at that <br>
"NX > 105 " prompt <br>
( your version will probably be different ) <br>
enter <br>
login <return> <br>
expect <br>
"NX> 101 User:" <br>
enter <br>
"glen" <return> <br>
expect <br>
"NX> 102 Password:" <br>
<br>
now enter user account "glen"'s password and return <br>
(you still have PasswordAuthentication yes I hope ) <br>
<br>
expect <br>
"NX> 103 Welcome to: harrow user: glen <br>
NX> 105" <br>
<br>
If you <return> you will see a "quit" reply <br>
<br>
eg. <br>
<br>
<br>
HELLO NXSERVER - Version 3.2.0-73 OS (GPL, using backend: 3.5.0)
<br>
NX> 105 login <br>
login <br>
NX> 101 User: glen <br>
glen <br>
NX> 102 Password: <br>
NX> 103 Welcome to: servername user: glen <br>
NX> 105 <br>
<br>
quit <br>
Quit <br>
NX> 999 Bye <br>
</blockquote>
Ok, I gave that a try:<br>
<br>
<blockquote type="cite">HELLO NXSERVER - Version 3.2.0-74-SVN OS
(GPL, using backend: 3.5.0)<br>
NX> 105 login<br>
login<br>
NX> 101 User: glen<br>
glen<br>
NX> 102 Password:<br>
NX> 103 Welcome to: glenux user: glen<br>
NX> 105<br>
quit<br>
Quit<br>
NX> 999 Bye<br>
/usr/bin/nxserver: line 580: kill: (3426) - No such process<br>
Connection to 192.168.1.133 closed.</blockquote>
Well, so far so good (I think...).<br>
<blockquote
cite="mid:OF0845AE6F.B53EEDAF-ON80257C88.0038BEDA-80257C88.003BE9D3@ccburton.com"
type="cite"> <br>
> <br>
> Now, going back to the nomachine client on my windows
computer, I <br>
> try logging in again over the ssh protocol with the
nomachine login <br>
> and using the nxserver private key. I again attempt logging
in with <br>
> my ubuntu user and password, although authentication fails
once again:<br>
<br>
> Pseudo-terminal will not be allocated because stdin is not
a terminal.<br>
> <br>
> Permission denied (publickey,password). <br>
> Any further ideas?<br>
<br>
Yup. <br>
<br>
put the correct key ( for user nx ) into the client <br>
with <br>
your username and password ( glen, glen's password ) <br>
<br>
<br>
Have <br>
PasswordAuthentication yes <br>
in ssh <br>
<br>
<br>
Look in the log if it doesn't work and tell us what it says <br>
for the session you just tried <br>
( you may have another issue too ) <br>
<br>
Let us know how you get on . . <br>
<br>
<br>
</blockquote>
Ok, I may have forgotten this, but I guess I have to create the
log file for nxserver if it doesn't exist :P I did that and
confirmed everything was working by running the test log in, and
it seemed like it was logging ok at that point.<br>
<br>
Now, I try logging in with NoMachine again, and here is the
result:<br>
<br>
<blockquote type="cite">glen@glenux:/var/log$ cat nxserver.log<br>
<br>
-- NX SERVER START: - ORIG_COMMAND=<br>
-- NX SERVER START: - ORIG_COMMAND=<br>
Info: Using fds #4 and #3 for communication with nxnode.<br>
HELLO NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend:
3.5.0)<br>
NX> 105 hello NXCLIENT - Version 3.2.0<br>
NX> 134 Accepted protocol: 3.2.0<br>
NX> 105 SET SHELL_MODE SHELL<br>
NX> 105 SET AUTH_MODE PASSWORD<br>
NX> 105 login<br>
NX> 101 User: glen<br>
NX> 102 Password: glen@glenux:/var/log$<br>
</blockquote>
So either it's waiting for a password (and the client hasn't
picked up on that), or the password was entered and it just
doesn't know what to do now. Just for kicks and grins, I tried
clearing all saved passwords in the client, then I tried logging
in again. Same result.<br>
<br>
<blockquote
cite="mid:OF0845AE6F.B53EEDAF-ON80257C88.0038BEDA-80257C88.003BE9D3@ccburton.com"
type="cite"> <br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">________________________________________________________________
Were you helped on this list with your FreeNX problem?
Then please write up the solution in the FreeNX Wiki/FAQ:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ">http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ</a>
Don't forget to check the NX Knowledge Base:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.nomachine.com/kb/">http://www.nomachine.com/kb/</a>
________________________________________________________________
FreeNX-kNX mailing list --- <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:FreeNX-kNX@kde.org">FreeNX-kNX@kde.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://mail.kde.org/mailman/listinfo/freenx-knx">https://mail.kde.org/mailman/listinfo/freenx-knx</a>
________________________________________________________________</pre>
</blockquote>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">________________________________________________________________
Were you helped on this list with your FreeNX problem?
Then please write up the solution in the FreeNX Wiki/FAQ:
<a class="moz-txt-link-freetext" href="http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ">http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ</a>
Don't forget to check the NX Knowledge Base:
<a class="moz-txt-link-freetext" href="http://www.nomachine.com/kb/">http://www.nomachine.com/kb/</a>
________________________________________________________________
FreeNX-kNX mailing list --- <a class="moz-txt-link-abbreviated" href="mailto:FreeNX-kNX@kde.org">FreeNX-kNX@kde.org</a>
<a class="moz-txt-link-freetext" href="https://mail.kde.org/mailman/listinfo/freenx-knx">https://mail.kde.org/mailman/listinfo/freenx-knx</a>
________________________________________________________________</pre>
</blockquote>
</body>
</html>