[FreeNX-kNX] Re: got: "cannot create directory `/home/.nx'"

Rick Stout zipsonic at gmail.com
Tue Oct 19 16:15:13 UTC 2004



Jean-Eric Cuendet wrote:
> 
>> Just a thought. I don't think its a good idea to use or recommend the 
>> --setup-nomachine-key option. Its never a good idea to use default 
>> security settings, and a dsa key that gives you access to a server is 
>> definetly not a good idea. I realize its not the default, but maybe we 
>> should remove the nomachine key setup option, and leave the key in the 
>> README for anyone that NEEDS to use it. That will make it much more 
>> difficult to use, but not impossible for anyone who would absolutely 
>> need to use it.
> 
> 
> I think that you are right by saying:
>  "<snip>Its never a good idea to use default security settings"
> But in this case, I don't understand how to do when you have more than 
> one server to connect to? If the 2 servers have the nomachine key, then 
> I can have only one client.id_dsa file for the 2 servers. But if each 
> server has its' own key, how to do it?
> There should be a way, no?
> -jec

Steps:

Setup Server1 and create client.id_dsa.key and server.id_dsa.pub.key
Setup Server2
copy server.id_dsa.pub.key from server1 to server2
[ repeat above step on server3, server4,.... server9478 ]
on server2 copy server1's server.id_dsa.pub.key to authorized_keys2
[ repeat above step on server3, server4,.... server9478 ]
copy client.id_dsa.key from server1 to client.
connect to both servers with one key.

Voila!

Its actually the same process that you would use if you have multiple 
computers that you want to ssh into. You keep your id_dsa file secret, 
but place id_dsa.pub on every computer you want to connect to. SSH does 
the rest.

> _______________________________________________
> FreeNX-kNX mailing list
> FreeNX-kNX at kde.org
> https://mail.kde.org/mailman/listinfo/freenx-knx
> 
> 
> 



More information about the FreeNX-kNX mailing list