[FreeNX-kNX] Re: Problem sending 'switch' command to nxssh (Was: Re: Need help to get nxproxy & nxssh working over encrypted connection)

Gian Filippo Pinzari pinzari at nomachine.com
Tue Jan 11 17:29:39 UTC 2005


LROUFAIL at nc.rr.com wrote:
 > It would really help if a more detailed explanation of how
 > the client should behave with this new mechanism were published.
 > Especially since no compatibility mode for the old way is included
 > as near as I can tell.  IS there a flag that will let us use the
 > old way?

The old way was leading to a notable set of insecurities, due
to the reliance on SSH port forwarding. In the new server port
forwarding is forcibly disabled, so backward compatibility is
inherently not possible.

Please, find in the ChangeLog of nxssh and nxcomp the details
about out to perform the switch. Be sure that you send the Bye
command on the client side. The Bye command should be the last
thing you send, then you should perform the switch. You send
any data after the switch, nxssh will interleave that data with
data coming from he proxy. The remote end (that is likely to
work OK already) will try to interpret the bytes as a proxy
message and will complain that data is invalid, closing the
connection.

Increase the log level in nxssh as I explained, and also re-
compile nxcomp with TEST and eventually DEBUG to ensure that
the diagnostic output goes in 'errors'.

Regards,

/Gian Filippo.





More information about the FreeNX-kNX mailing list